Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Iptables & network performance on SunFire v100
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo on Sparc
View previous topic :: View next topic  
Author Message
djericj
n00b
n00b


Joined: 31 Jan 2010
Posts: 2

PostPosted: Sun Jan 31, 2010 1:39 am    Post subject: Iptables & network performance on SunFire v100 Reply with quote

I seem to be having a problem with network performance on a SunFire v100. I have the system setup to forward packets from eth0 to eth1 (outgoing) and vice versa for incoming. I am using kernel version 2.6.31 r7. I am using iptables. The system specs are 500mhz UltraSparc IIe, 512 RAM, 40gb IDE disk and 2 Davicom 10/100 Ethernet.

I seemed to be capped at 10mbs when passing traffic from my network through the firewall. Internet speed tests show me getting 10mbs down when going through the firewall but 20mbs on systems that are directly connected to the Internet. I can get higher speeds when going out to the Internet on the firewall itself, for example, when downloading packages during an emerge. At first I thought it was a problem with my iptables rules but I can turn off almost all the rules except for the basic nat rules and there appears to be no improvement in performance. This made me wonder if it wasn't a problem with the NIC drivers or some other system configuration problem.

Does anyone have any idea what could be the problem? Is this system too slow to handle firewall duties?
Back to top
View user's profile Send private message
Shining Arcanine
Veteran
Veteran


Joined: 24 Sep 2009
Posts: 1110

PostPosted: Sun Jan 31, 2010 3:18 am    Post subject: Reply with quote

If your transfer speeds are being capped at 10Mbps, it sounds like your network card is running in 10base-T mode, which is the speed ethernet originally had back in the 1980s. Are you sure that you have the proper drivers for your network card? Your system might be using the drivers for a 10Mbps network card for your network card.

I wish I could be more helpful, but I am new to this sort of stuff myself. I hope this helps.
Back to top
View user's profile Send private message
dogshu
Apprentice
Apprentice


Joined: 22 Jun 2003
Posts: 168
Location: New Haven, CT, USA

PostPosted: Sun Jan 31, 2010 4:48 am    Post subject: Re: Iptables & network performance on SunFire v100 Reply with quote

run "ethtool eth0" and "ethtool eth1" and make sure both are set to 100 megabit. emerge ethtool if it's not already installed.
Back to top
View user's profile Send private message
djericj
n00b
n00b


Joined: 31 Jan 2010
Posts: 2

PostPosted: Sun Jan 31, 2010 5:40 pm    Post subject: Reply with quote

Thank you for the suggestions. After some research it appears thy I was indeed running both NIC in 10 base T mode. This was confirmed by ethtool. I also determined that I appear to be running the correct driver. Based upon my research the Davicom chips in the SunFire v100 can actually use two different drivers, dmfe and tulip. I found that several people on various forums recommended the tulip driver over the dmfe driver. I also seemed to have more success using the tulip driver as the dmfe driver was flaky and seemed to have problems loading at boot time. This was true if I compile the driver as a module or directly
into the kernel.

So after a bit more research I ended up autoloading the tulip driver with options 5,5 which forces the driver into 100baseT. Once this change had been made I experienced a 50% increase in performance to about 15 mps.

While this is certainly better than what I was getting, it us still not operating at max or near max speed. I would expect some overhead from using an SPI firewall but is a 5 mps reduction reasonable? My Internet connection max speed from my ISP is 20 mps so I am not entirely clear as to why I'm still getting approxamately 25% decrease in throughput. Could this just be a symptom of the overhead incurred by iptables or the system itself?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo on Sparc All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum