[Lxc-users] Dreadful network performance, only to host from container

Toby Corkindale toby.corkindale at strategicdata.com.au
Thu May 27 08:21:43 UTC 2010 

On 27/05/10 18:06, atp wrote:
As requested:


> ifconfig br0 from the host

br0       Link encap:Ethernet  HWaddr 00:1e:37:4d:8c:d8
           inet addr:192.168.1.206  Bcast:192.168.1.255  Mask:255.255.255.0
           inet6 addr: fe80::21e:37ff:fe4d:8cd8/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:3867723 errors:0 dropped:0 overruns:0 frame:0
           TX packets:1849343 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:3451303555 (3.4 GB)  TX bytes:382610461 (382.6 MB)


> ifconfig eth0 from the container

eth0      Link encap:Ethernet  HWaddr 36:d1:4f:d9:51:59
           inet addr:192.168.1.88  Bcast:192.168.1.255  Mask:255.255.255.0
           inet6 addr: fe80::34d1:4fff:fed9:5159/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:1416 errors:0 dropped:0 overruns:0 frame:0
           TX packets:495 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000
           RX bytes:1020033 (1.0 MB)  TX bytes:37512 (37.5 KB)



> and the version of lxc you're using.

It's close to the git head, master branch.
Last commit was 0093bb8ced5784468daf8e66783e6be3782e8fea on May 18th.
(The version that originally shipped with ubuntu was giving me errors 
about not being able to pivot_root)

> Do you have anything special with
> the /etc/sysctl.conf?

I think these came with the system, are they likely to be problematic?

net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.tcp_syncookies=1
vm.mmap_min_addr = 65536
fs.inotify.max_user_watches = 524288
kernel.shmmax = 38821888



> On a completely blank container with no tuning, I get with scp;
>
> host->container squashfs.img 100% 639MB 33.6MB/s 00:19
> container->host squashfs.img 100% 639MB 29.0MB/s 00:22
>
> Both tests inside the container. The limiting resource here is cpu for the
> encryption.

mm, yeah, I'd be waiting all week to copy an equivalently sized file 
like that. Although if i copy it to another host on the network, then 
back again, it's all fine :/

> I'm on kernel 2.6.34/fc12 for this.

I'm on 2.6.32-22/ubuntu 10.04


thanks,
Toby

More information about the lxc-users mailing list