Virtualbox / Dual Paravirtualized nics slower than normal bridged.
-
At home I have been very successfully running pfSense in a virtual machine on a Win 7 machine that doubles as a HTPC for a few years.
I use pfSense principally so that I can route PC's on my home net work over a VPN using OpenVPN aes-256-cbc. The newly released Virtualbox 5.0 now offers aes-ni hardware acceleration to guests such as pfSense. As Virtualbox also runs as a service and VMware player doesn't I thought I would try Virtualbox.
Virtualbox setup
Host Win 7
Guest pfSense
CPU Intel Sandbridge 2500k
NIC HP Intel Pro/1000 PT dual.The initial set up was relatively straightforward, the only hiccup was that I needed to give 3 cores to the pfSense virtual machine in order to achieve the expected 150Mb/s speeds over the VPN. Needless to say it was slamming the CPU.
My guess for this poor performance was the virtualised bridged NICs. As my dual gigabit nic card was only used by pfSense I thought I would get a performance boost by setting the Virtualbox bridged network adapters to Paravirtualized Network (virtio-net). This was relatively easy to set up and pfSense worked using the freebsd virtio nic drivers (I checked in /var/log/dmesg.boot).
All well and good but now instead of 150 Mb/s over the VPN I get 40Mb/s. Without the VPN I only get 100 Mb/s when I expect 160 Mb/s. If I set only one of the NICs to paravirtualized I get 80Mb/s over the VPN.
Why would I get massively poorer performance using paravirtualized nics?