[Lxc-users] Communication between network namespaces is slow within VMs

[Jérôme Petazzoni]

Hi,

(Note: this is not specific to LXC, but it is related to network
namespaces, so I thought that this might be the best place to get some
help. If I'm wrong, feel free to redirect me elsewhere!)

While doing a bunch of TCP speed tests with containers, I noticed the
following: when running in virtual machines (tested with KVM and
VirtualBox), transfer speeds between containers are much slower than
expected.

I tested with "iperf -s" on one end, "iperf -c $other_end -i 1" on the
other end.

Here are the results:
- local test on physical machine (through localhost): 40 Gb/s
- container-to-container on physical machine: 25 Gb/s
- local test on virtual machine: 30 Gb/s
- container-to-container on virtual machine: 600 Mb/s

I thought that it could be a problem with the bridging, so I also tested to
connect containers directly with a pair of veth interfaces. Results were
slightly better (1 Gb/s) but still waaaay below what I expected.

Is this expected? (I think it's not; but I might be missing some essential
point about virtual machines here.)

I wrote a handful of scripts to easily test the different scenarios:
https://gist.github.com/jpetazzo/6645281

I don't know if it's a problem with the network namespaces or the veth
device (I'm considering trying an elaborated test with multiple physical
interfaces to rule veth out of the equation, but I don't have the required
hardware here).

All ideas are welcome!

-- 
@jpetazzo <https://twitter.com/jpetazzo>
Latest blog post: http://blog.docker.io/2013/09/docker-joyent-openvpn-bliss/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130920/7ac69653/attachment.html>