On Fri, Oct 24, 2008 at 03:54:01PM +0200, Christoph Leser wrote: > > If it is a buffer size problem, why can he transmit 500mb/sec between bsd and > local linux?
As Otto mentioned, read up on 'bandwidth delay product'. There's higher network latency between the remote sites vs hosts on the local LAN and buffer sizes become quite relevant in high(er) latency situations. http://en.wikipedia.org/wiki/Bandwidth_delay_product http://www.psc.edu/networking/projects/tcptune/ John > > > -----Urspr|ngliche Nachricht----- > > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Im Auftrag von Otto Moerbeek > > Gesendet: Freitag, 24. Oktober 2008 13:11 > > An: Sebastian Reitenbach > > Cc: [email protected] > > Betreff: Re: slow network performance behind cisco > > > > > > On Fri, Oct 24, 2008 at 12:58:27PM +0200, Sebastian Reitenbach wrote: > > > > > Hello everybody, > > > > > > I'm experiencing a very bad network performance, when I try > > to connect > > > to a remote server. The point-to-point connection is a E3 > > line, with > > > 34MBit/s, with a cisco 2800 router on each side, terminating the > > > point-to-point connection. > > > > > > These cisco routers have two gigabit interfaces, and a serial > > > point-to-point E3 controller. Below my network layout: > > > > > > +-------------+ > > > |Remote Server| > > > +-------------+ > > > |GigaBit Ethernet > > > +------------+ > > > |Remote Cisco| > > > +------------+ > > > |Serial E3 Line > > > | > > > +------------+ GigaBit Ethernet +---------+ > > > |Local Cisco |---------------------|Linux Box| > > > +------------+ +---------+ > > > |GigaBit Ethernet > > > +-------+ > > > |BSD Box| > > > +-------+ > > > > > > I use iperf to measure the connection speed. > > > The OpenBSD box, and the Linux box are in two different > > networks, so > > > the connection between these two is also routed. When I use iperf > > > between the Linux-Box and the BSD-Box, then iperf measures about > > > 500MBit/s, so thats fine. When I use iperf between the > > Linux Box and > > > the remote server, then I get sth. about 32 MBits, that's fine too. > > > When I use iperf between the BSD box and the remote server, > > > I only get 2MBit/s. > > > Then I thought, maybe the interface where the BSD box is connected > > > is the problem, so I connected it to the interface on the cisco, > > > where the Linux box was connected before, but still only the > > > 2MBit/s speed to the remote host. > > > I also tried different OpenBSD boxes, with different > > network adaptors, > > > one with bge, another one with fxp, but also, no difference. > > > With both BSD boxes, connection to the Linux box is fast, > > > connections to the remote server is slow. > > > Then I tried to fiddle around with pf, scrub rules on the BSD box. > > > I tested with disabled firewall, with > > > scrub no-df > > > scrub set-tos lowdelay > > > scrub set-tos throughput > > > and some more, but without any observable difference in the speed. > > > The Linux box and the BSD boxes both had the same MTU on > > their interfaces, > > > and also no dropped packets, or errors on the interfaces. > > > > > > When I connect the Linux box behind the OpenBSD box, and > > then try to > > > connect from the Linux box to the OpenBSD box, the > > performance becomes > > > slow. > > > > > > So right now I'm a bit puzzled, and have no idea, why the > > connection > > > to the remote host is fast when using a Linux box, but so slow when > > > using OpenBSD. Are there any differences in the IP packets that > > > OpenBSD and Linux creates? I'm going to capture the network > > traffic on > > > the Linux and OpenBSD box to be able to compare the IP packets. > > > Is there any tool where I can replay the packet sequence on > > OpenBSD that I > > > have > > > recorded with tcpdump on the Linux box? > > > > > > Unfortunately, I don't have access to the remote cisco, or remote > > > server, so I cannot check anything there. > > > > > > any hint is greatly appreciated. > > > > OpenBSD uses a pretty low default send and receive buffer > > size for sockets. Try increasing net.inet.tcp.recvspace and > > net.inet.tcp.sendspace, after reading a bit about bandwidth * > > delay products. > > > > -Otto > > > > > > > > If there is more information needed from my side, to explain the > > > problem, don't hesitate to ask. > > > > > > kind regards > > > Sebastian > > > > > > > > ______________________________________________________________________ > > > _ > > > Jetzt neu! Sch|tzen Sie Ihren PC mit McAfee und WEB.DE. 30 Tage > > > kostenlos testen. > > http://www.pc-sicherheit.web.de/startseite/?mc=022220 > > > > > > If it is a buffer size problem, why can he transmit 500mb/sec between bsd and > local linux?
