|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
A speed test with Iperf , Relayd and PF.
Hi all,
I am conducting some speed test inside my LAN evironment . The actual testing network topology is as follow : Iperf Client --> OpenBSD7.1 Proxy --> host server iperf All the connections are with CAT 6 and running at 1000 Mbps speed .(1Gbps) The interface 10.10.10.2 is em0 or the interface facing the outside. The IP address of the iperf server is part of the network behind the Relay with an address of 192.168.20.9. With Iperf from the server side, I am using the default TCP window size (128KByte), as well from the client side . When I use this relay with RELAYD : Code:
tcp connection fixup { tcp nodelay } relay IPERF_TEST{ listen on 10.10.10.2 port 6740 forward to 192.168.20.9 port 6670 protocol fixup } If instead, I deactivate the relayd function and using a simple PF redirecting with Code:
pass in on em0 proto {tcp} from any to em0 port 6740 rdr-to 192.168.20.9 port 6670 (which I should expect the same as normal for being a 1Gbps link) This make me wonder now why using RELAYD makes the TCP redirection so slow and how to improve it since I will need to use Relayd for a HTTP-->HTTPS redirect for example using SNI for different domains. |
|
|||
Thank You for the reply. Well I am using prefork with 10 instead of 5 (the default)... i think would be enough?
|
|
|||
Looks like something on how RELAYD is handling the process or how it fragments the TCP windows to the outside interface.. Even if I redirect to a loopback from the outside interface is the same... I am using the OpenBSD base system I was able to successfully redirect the traffic to subdomains using SNI without httpd or nginx but this really is a tweaking obstacle .
|
|
||||
If no one else chimes in here in the next day or two you might want to post to the Project's misc@ mailing list. You will have a much larger audience. If you do post there, be sure to include your relay.conf provisioning (redacting any private information).
|
|
|||
Thank You, I just sent an email there. If I find a usable solution will report it also here.
|
|
|||
Ok the problem was not related to RelayD , but to the virtualized interface , that wasn't enabled with multiprocessor option and para-virtualization (was running as an emulation of a e1000 interface)
So far so good, now the speed is consistent. |
|
|||
Thanks for Your support.
I have noticed that other people here is searching for a complete RelayD configuration to avoid using NGINX or HTTPD. We'll try to post it in the future as it working very well as reverse proxy. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Understanding relayd | sleepyjoe | OpenBSD Security | 2 | 26th April 2020 05:30 AM |
Test server | barti | OpenBSD General | 4 | 2nd August 2012 08:11 AM |
relayd | gpatrick | OpenBSD General | 0 | 8th May 2012 10:10 PM |
relayd | gpatrick | OpenBSD General | 1 | 16th January 2010 12:19 AM |