Strange behaviour regarding download speed

  • Hi, after having exhausted all possible scenario's to pinpoint the problem, I thought to ask here.

    1 server with 2 NICs and a KVM hypervisor and openvswitch.
    3 VM's (2 CentOS and pfSense)
    eth0 connected to my cable modem (which is in bridge mode) - DHCP
    eth1 connected to a switch (lan) -
    Bridged the two NIC's br0(eth0) and br1(eth1)

    pfSense VM:
    two virtio NICs (vtnet0 WAN and vtnet1 LAN)
    1 NAT rule and 1 IPSec VPN config.

    on the shell of pfSense I fetch a 100MB file => This goes fast w/ the whole bandwidth of ISP (20Mbit/s)
    Fetching the same file from any of the two CentOs VM's => 200Kbit/s

    Trying to rule out openvswitch and copied a 100MB file from CentOs 1 to CentOs 2 => LAN speed.

    Tried setting auto negotiante/fixed speed on bith interfaces in pfSense, to no avail.
    Am out of options here.

    Also, what is strange is that I tried disabling the firewall in pfSense which should leave it routing only. But that resulted in no internet.

    Any kind of insight/help is so welcome..


    Just now I first used the IPSec VPN and find another clue that something isn't right.

    Via the tunnel, traffic to pfSense (web) is fast as normal.
    To a shell prompt of other VM's it takes 5 minutes get a prompt, but then it has been timed out already by the client.

    To a physical host I get the prompt immediately, but download speeds are still a a tenth of my bandwidth.

    I'll remove openvswitch and use old kernel bridging and see if things better, as I suspect it to be the problem.

    Regards, moussar

  • Just solved the issue. Turned out to be bound to virtio drivers.
    Setting the NICs to e1000 solved the issue.
    Lost some settings in the switch, like NAT rules (but not their firewall rule) and DHCP scope, etc. While other settings remained intact.

Log in to reply