This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-users] DNAT slow performance

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] DNAT slow performance
From: "Dmytro Korochkin" <mityacor@xxxxxxxxx>
Date: Sat, 5 Apr 2008 01:04:14 +0300
Delivery-date: Fri, 04 Apr 2008 15:04:48 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=IxHRUR1q9WeEvWkMiCj6zAzUKMOGlwIzTVeKiLX9AzM=; b=HxSbGET1+U0YdOxZyBYQTCkXydZhTSKkug/aZlrU3v8KLF6EJJrNvK7uQOrC/cDwGCZ/6Jnnn13/UJq9SnqslM6OJtMf5BU/CD30rPacaAQpbqqo1VqCNbjyTHDFxiV6kNgo745nxLjZBxDGdnQdj+AXleR8DONENAH3hPlHSHA=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=xDMzeIYJz8mXTAp3/VkxM5rnf4JztQtGjVrlE9wiUSO8bsViiGMGwT8hmZQMuZxuPtCrX2vnwxvRV94GBtd4+3ZwK/6TtuiGEHLnoSLJaFxFtblBIqceJsQIA2n10eBLNa+jEhNFt3ypm3iUxIZx+boTxLhz5OG56YMP010DU7c=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hi there

I've built a configuration based on following document: http://en.opensuse.org/Xen3_and_a_Virtual_Network
I have one physical interface on dom0 - eth0 with public IP, xenbr0 with local IP( and 8 domU with local IP from the same network as xenbr0.
IP address on xenbr0 is gw for all domU.

ip forwarding is enabled.

My dom0 iptables rules:
-A PREROUTING -d XX.XX.XX.XX -p tcp -m tcp --dport 5080 -j DNAT --to-destination
-A POSTROUTING -o eth0 -j SNAT --to-source XX.XX.X.XX

The SNAT rule works correctly, I can reach internet hosts from domU.

At the same time I have problem with the DNAT rule. I'm able to connect to domU from the Internet and when I try to download file through http protocol I can reach only 40kb/sec while I have 100Mb Internet link. I tried other protocols: scp, ftp but problem still exists.

I've tested connection between domU --> domU, domU ---> dom0, dom0 ---> dom,  Internet ---> dom0 and dom0 ---> Internet  - speed is acceptable.
Also I tried to play with
"iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080" on dom0. Speed is good too.

Please help me to solve the problem

Xen-users mailing list
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] DNAT slow performance, Dmytro Korochkin <=