[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Low performance when use DNAT rules


  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: "Dmytro Korochkin" <mityacor@xxxxxxxxx>
  • Date: Sat, 5 Apr 2008 01:07:51 +0300
  • Delivery-date: Fri, 04 Apr 2008 15:08:24 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=N60MCSrHhRYc0FFTpuENVqQ+z5XN/lowh77lJ8ff3o9GbE45X0KRmb+uO6t87qBe+0Q2j3NcYMmejygt0H6qBXHcF8x+xX4zY9eP3EtF2O2H/zgp14PokO0wDxQJ3l277eYp5NAgynqIUnccHbq4T0XlxYwkQ+8XD99joiPzjxw=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Hi there

I've built a configuration based on following document:
http://en.opensuse.org/Xen3_and_a_Virtual_Network
I have one physical interface on dom0 - eth0 with public IP, xenbr0 with
local IP(10.100.0.1/24) and 8 domU with local IP from the same network as
xenbr0.
IP address on xenbr0 is gw for all domU.

ip forwarding is enabled.

My dom0 iptables rules:
-A PREROUTING -d XX.XX.XX.XX -p tcp -m tcp --dport 5080 -j DNAT
--to-destination 10.100.0.7:80
-A POSTROUTING -o eth0 -j SNAT --to-source XX.XX.X.XX

The SNAT rule works correctly, I can reach internet hosts from domU.

At the same time I have problem with the DNAT rule. I'm able to connect to
domU from the Internet and when I try to download file through http protocol
I can reach only 40kb/sec while I have 100Mb Internet link. I tried other
protocols: scp, ftp but problem still exists.

I've tested connection between domU --> domU, domU ---> dom0, dom0 --->
dom, Internet ---> dom0 and dom0 ---> Internet - speed is acceptable.
Also I tried to play with
"iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT
--to-ports 8080" on dom0. Speed is good too.

Please help me to solve the problem

Regards
-- 
Dmytro

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.