[strongSwan] Big packet loss under load
Roland Mas
lolando at debian.org
Thu May 15 18:00:11 CEST 2014
Roland Mas, 2014-05-15 17:13:11 +0200 :
[...]
>> When using netcat with TCP, flow control takes care that packet loss
>> is minimal. You may try to switch to iperf with some larger UDP
>> bandwidths to check if you can reproduce these losses. Also, if you
>> have a few hundred sockets some special Netfiltering/Conntracking may
>> slow things down compared to a single TCP stream?
>
> I'll investigate these points, and report back if I find anything
> significant.
Using iperf in UDP, I get <0.01% packet loss until 200 Mb/s, then it
increases to 1-10% (varying across runs) at 300 Mb/s. However, this
seems to have no impact on a ping running in parallel.
Nothing significant in the kernel logs, and there don't seem to be
anything about conntracking in the netfilters. nf_conntrack_max is set
at its default value (65536), so we should be fine from that
perspective.
Any other hint?
Roland.
--
Roland Mas
Le weblog entièrement nu -- http://roland.entierement.nu/
Le photoblog entièrement net -- http://roland.entierement.net/
More information about the Users
mailing list