houkouonchi
Joined: 20 Mar 2010
Posts: 47
|
 Posted: Thu Mar 22, 2012 3:16 am Post subject: Jumbo frames with VPN/bonding. |
 |
|
I am having some wierd issues when using jumbo frames on my VPN interfaces for VPN bonding.
I started using jumbo frames due to getting <1 link speed when enabling bonding. Once I enabled jumbo frames (VPN links themselves MTU of 9000 and 9000 on BOND00 on both ends) I am getting good performance:
Client -> server
| Code: |
admin@zeroshell: 07:33 PM :~# wget -O /dev/null http://172.31.1.1/2gb.bin
--19:33:18-- http://172.31.1.1/2gb.bin
=> `/dev/null'
Connecting to 172.31.1.1:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1,992,294,400 [application/octet-stream]
9% [====> ] 179,440,712 36.05M/s
|
server -> client
| Code: | wget -O /dev/null http://172.31.1.2/2gb.bin
--19:33:46-- http://172.31.1.2/2gb.bin
=> `/dev/null'
Connecting to 172.31.1.2:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1,992,294,400 (1.9G) [application/octet-stream]
4% [====> ] 89,365,332 17.14M/s
|
I am bonding two 150/75 connections for 300/150 and getting just about what I would expect with overhead.
The problem is I am having some issues I believe with the MTU that is making certain things not work. It reminds me of a problem I had with PPPoE back in the day.
I tried using this ipables rule:
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:10000 -j TCPMSS --clamp-mss-to-pmtu
And it is getting hit but I am still seeing things not being able to connect at times.
admin@zeroshell: 08:12 PM :~# iptables -v -n -L FORWARD
Chain FORWARD (policy ACCEPT 7459 packets, 1744K bytes)
pkts bytes target prot opt in out source destination
435 25604 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x06/0x02 tcpmss match 1400:10000 TCPMSS clamp to PMTU
admin@zeroshell: 08:15 PM :~#
Any suggestions of what the problem might be? |
|
Search
Register
Usergroups
Profile
Log in
Private Message
