Linux packet forwarding performance

I’m experiencing performance issues with Linux packet forwarding. I use an old laptop as a router, with iptables to handle masquerading and ipv4 forwarding turned on.

Intranet network is connected to the gigabit built-in NIC
Internet network cis onnected to a 32bit PCMCIA card

Measured speeds :

Internet <-> Router : 11.2 MB/s
Intranet <-> Router : 112 MB/s
Intranet <-> Internet : no more than 100 KB/s

I can have both interfaces downloading / uploading at the same time without any issue.

Router hardware configuration :

Pentium M 1.6GHz
1.2 GB RAM
DELL Latitude D410

Software configuration :

Linux 2.6.32-5-686 #1 SMP Tue Mar 8 21:36:00 UTC 2011 i686 GNU/Linux (Debian 6)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/proc/sys/net/ipv4/ip_forward set to 1

I have no clue why this is happening, does anyone have an idea of where this performance drop could come from ?

I will try reinstalling the operating system, but I do not think it will change anything.

Nicolas

Posted 2011-05-21T16:12:06.620

Reputation: 358

Answers

I already faced a Linux router which wouldn't forward more than about 100kB/s for each connection.

The issue was the Ethernet interface to the ISP equipment was set to half duplex. Fixed by disabling auto-negotiation and manually forcing full duplex. This could be done via ethtool:

sudo ethtool -s eth1 speed 100 duplex full autoneg off

Bertrand Lupart

Posted 2011-05-21T16:12:06.620

Reputation: 11

Internet <-> Router : 11.2 MB/s

How was this measured? 100MBit/s Internet pipes are uncommon. Do you have glass fiber at your home? If you have some sort of ADSL, the 100KB/s sound reasonable.

Turbo J

Posted 2011-05-21T16:12:06.620

Reputation: 1 919

I'm in a French engineering school which is connected to Internet through RENATER. The actual internet link is around 1Gb/s, but we're limited by 100Mb switches.

– Nicolas – 2011-05-21T16:39:58.063

The we need some more info like distribution, kernel version etc. Try to disable "power management" in the BIOS - maybe your CPU just sleeps longer ;-) – Turbo J – 2011-05-21T17:00:47.210

1If you have a shared 1GB pipe at you school, how do you know it is free? It might just be saturated to the point where you only can get 100KB/s. This was always the case when I went to my university... – Turbo J – 2011-05-21T17:04:00.013

Have you tried testing the bandwidth between the internet and your router? You could ssh in and use wget or curl to download something large to the router. – JasonWoof – 2011-05-21T19:22:47.910

JasonWoof: That's exactly what I did. Turbo J: We're not that many students living on-site, and it's the week-end. When I manually forward a port, using netcat, it works like a charm. I'll reinstall the router tonight and get back to you when it's done. – Nicolas – 2011-05-21T19:24:06.207

Just did a fresh install ; the problem remains. – Nicolas – 2011-05-21T23:39:28.570

As most of us have no crystal ball, more info might be helpful. – Turbo J – 2011-05-22T03:36:55.523

Sorry, I thought I had done it. Edited question to include kernel version + what I changed. I tried with another computer and exactly the same software, it works as it should. I'm going to test with fragrouter to see if that's purely a kernel problem. – Nicolas – 2011-05-22T11:01:18.193

I'm getting more and more puzzled as I test things : routing schema is Local1 <-Router1-> Local2 <-Router2-> Local3 <-Router3-> Internet . The faulty router is Router1 (debian box). Local1<->Local2 is OK, Local1<->Local3 is OK too, but Local1<->Internet has performance problems while Router1<->Internet is OK . -- Thanks for your help, but I think I'll leave it there and swap the 'Router1' machine. – Nicolas – 2011-05-22T11:38:28.520

Have you checked for packet loss? You can try ping or analyze a trace with Wireshark (new versions colorize such errors). Has the final client bad tuned TCP performance (windows) ? – LatinSuD – 2011-06-22T18:15:42.377