Jump to content
Калькуляторы

FreeBSD shaper + INTEL 82599ES 10-Gigabit

 

Добрый день коллеги,уже не раз обсуждалась тема по поводу тюнинга подобных машин,но перепробовав все рекомендованные варианты я не знаю куда дальше копать проблему...может что то упускаю?

 

FreeBSD : 11.1
CPU : Intel(R) Xeon(R) CPU E5-2640 v2 @ 2.00GHz - x2 - драйвер : 3.1.13
Network : 82599ES 10-Gigabit SFI/SFP+ - 2 порта
Серв : шейп + фаервол  = (ipfw + setfib + queue) и снимает flow = ngnetflow (netgraph)
В ЧНН при включенном HyperT машина максимум прожевывает 2,7 Ggbit/s после растут задержки с потерей пакетов до 2%.
Сегодня выключил HyperT и картина такая что на текущий момент трафика на 1.5 Gbit/s и имеем среднюю загрузку CPU по Intr уже в районе 45%, скорее всего вечером будет хуже...

last pid: 66684;  load averages:  7.08,  7.02,  6.86                                                                                                                      up 0+08:30:14  13:31:08
326 processes: 26 running, 179 sleeping, 121 waiting
CPU 0:   0.0% user,  0.0% nice,  5.4% system, 50.0% interrupt, 44.6% idle
CPU 1:   0.0% user,  0.0% nice,  0.0% system, 62.3% interrupt, 37.7% idle
CPU 2:   0.0% user,  0.0% nice,  0.4% system, 27.3% interrupt, 72.3% idle
CPU 3:   0.0% user,  0.0% nice,  0.0% system, 51.5% interrupt, 48.5% idle
CPU 4:   0.0% user,  0.0% nice,  0.0% system, 36.5% interrupt, 63.5% idle
CPU 5:   0.0% user,  0.0% nice,  0.0% system, 42.3% interrupt, 57.7% idle
CPU 6:   0.0% user,  0.0% nice,  0.0% system, 48.5% interrupt, 51.5% idle
CPU 7:   0.0% user,  0.0% nice,  0.0% system, 31.2% interrupt, 68.8% idle
CPU 8:   0.0% user,  0.0% nice,  0.4% system, 42.3% interrupt, 57.3% idle
CPU 9:   0.0% user,  0.0% nice,  0.0% system, 37.7% interrupt, 62.3% idle
CPU 10:  0.0% user,  0.0% nice,  0.0% system, 43.5% interrupt, 56.5% idle
CPU 11:  0.0% user,  0.0% nice,  0.0% system, 40.8% interrupt, 59.2% idle
CPU 12:  0.0% user,  0.0% nice,  0.0% system, 41.5% interrupt, 58.5% idle
CPU 13:  0.4% user,  0.0% nice,  0.0% system, 39.2% interrupt, 60.4% idle
CPU 14:  0.0% user,  0.0% nice,  0.0% system, 44.2% interrupt, 55.8% idle
CPU 15:  0.0% user,  0.0% nice,  0.0% system, 28.1% interrupt, 71.9% idle
Mem: 13M Active, 60M Inact, 894M Wired, 22M Buf, 61G Free


PID USERNAME   PRI NICE   SIZE    RES STATE   C   TIME    WCPU COMMAND
   11 root       155 ki31     0K   256K RUN     2 412:01  73.97% idle{idle: cpu2}
   11 root       155 ki31     0K   256K CPU11  11 412:25  65.24% idle{idle: cpu11}
   11 root       155 ki31     0K   256K RUN    14 418:39  62.03% idle{idle: cpu14}
   11 root       155 ki31     0K   256K RUN     5 405:12  61.17% idle{idle: cpu5}
   11 root       155 ki31     0K   256K RUN     8 415:57  58.79% idle{idle: cpu8}
   11 root       155 ki31     0K   256K CPU4    4 400:38  57.89% idle{idle: cpu4}
   11 root       155 ki31     0K   256K RUN    12 410:59  57.06% idle{idle: cpu12}
   11 root       155 ki31     0K   256K RUN    13 419:58  51.46% idle{idle: cpu13}
   11 root       155 ki31     0K   256K RUN     3 404:07  50.40% idle{idle: cpu3}
   11 root       155 ki31     0K   256K RUN    15 416:01  50.20% idle{idle: cpu15}
   11 root       155 ki31     0K   256K RUN     1 400:47  50.16% idle{idle: cpu1}
   11 root       155 ki31     0K   256K RUN     6 402:41  48.82% idle{idle: cpu6}
   12 root       -72    -     0K  2080K CPU10  10 105:43  48.50% intr{swi1: netisr 10}
   11 root       155 ki31     0K   256K RUN     0 361:29  47.98% idle{idle: cpu0}
   11 root       155 ki31     0K   256K RUN     9 408:47  47.75% idle{idle: cpu9}
   11 root       155 ki31     0K   256K RUN     7 399:41  47.04% idle{idle: cpu7}
   11 root       155 ki31     0K   256K RUN    10 418:57  43.74% idle{idle: cpu10}
   12 root       -72    -     0K  2080K WAIT    9 109:49  41.72% intr{swi1: netisr 9}
   12 root       -72    -     0K  2080K WAIT   15 107:28  39.33% intr{swi1: netisr 15}
   12 root       -72    -     0K  2080K CPU13  13 104:00  36.01% intr{swi1: netisr 13}
   12 root       -72    -     0K  2080K WAIT    7 106:06  35.43% intr{swi1: netisr 7}
   12 root       -72    -     0K  2080K WAIT    6 104:08  32.92% intr{swi1: netisr 6}
   12 root       -72    -     0K  2080K RUN    12 112:34  31.83% intr{swi1: netisr 12}
   12 root       -72    -     0K  2080K WAIT    3 105:38  30.82% intr{swi1: netisr 3}
   12 root       -72    -     0K  2080K WAIT    1 107:42  29.33% intr{swi1: netisr 1}
   12 root       -72    -     0K  2080K WAIT    8 107:59  28.92% intr{swi1: netisr 8}
/boot/loader.conf

ahci_load="YES"
aio_load="YES"

## ISR
net.isr.defaultqlimit=4096
net.isr.bindthreads=1
net.isr.maxthreads=16
net.isr.numthreads=16
net.link.ifqmaxlen=10240

## KERN
kern.hz=250

### TCP Hostcache Tuning ###
net.inet.tcp.hostcache.hashsize=4096
net.inet.tcp.hostcache.bucketlimit=100
net.inet.tcp.hostcache.cachelimit=65536


### TCP Syncache Tuning ###
net.inet.tcp.syncache.hashsize=1024
net.inet.tcp.syncache.bucketlimit=100
net.inet.tcp.syncache.cachelimit=65536

#TCP control-block Hash table tuning
net.inet.tcp.tcbhashsize=4096

#Tuning_ix_card
hw.ix.rxd=4096
hw.ix.txd=4096
hw.ix.tx_process_limit=512
hw.ix.rx_process_limit=512

#NETGRAPH
net.graph.maxdata=65536
net.graph.maxalloc=65536

#QUEUES
hw.ix.num_queues=8

 

 

sysctl.conf

#TCP

net.inet.tcp.sendbuf_max=16777216
net.inet.tcp.recvbuf_max=16777216
net.inet.tcp.sendbuf_auto=1
net.inet.tcp.recvbuf_auto=1
net.inet.tcp.sendbuf_inc=16384
net.inet.tcp.recvbuf_inc=524288
net.inet.tcp.hostcache.expire=1

#IP

net.inet.ip.fw.one_pass=0
net.inet.ip.dummynet.hash_size=65536
net.inet.ip.dummynet.expire=1
net.inet.ip.dummynet.io_fast=1
net.inet.ip.dummynet.pipe_slot_limit=2048
net.inet.ip.fw.dyn_buckets=2048
net.inet.ip.intr_queue_maxlen=10240

#ISR

net.isr.dispatch=deferred
net.inet.tcp.tso=0
hw.intr_storm_threshold=9000

#OTHER

net.graph.maxdgram=35000
kern.ipc.maxsockbuf=83886080
net.link.ether.inet.max_age=280
net.inet.tcp.sendspace=3217968
net.inet.udp.recvspace=3217968
net.inet.ip.fw.dyn_max=65535
net.inet.udp.maxdgram=57344
net.inet.udp.recvspace=65536
net.inet.tcp.sendspace=65536
net.inet.udp.blackhole=1
net.inet.tcp.blackhole=2
net.inet.tcp.mssdflt=1460
net.inet.tcp.minmss=536
net.inet.tcp.syncache.rexmtlimit=0
net.inet.ip.maxfragsperpacket=0
net.inet.ip.maxfragpackets=0
net.inet.tcp.abc_l_var=44
net.inet.tcp.initcwnd_segments=44
net.inet.tcp.syncookies=0
kern.random.fortuna.minpoolsize=2048
ipfw show

03320  12896016    2676457111 skipto 3540 ip from table(10) to any
03321         0             0 skipto 3520 ip from table(5) to any
03324   9951103    1591378255 skipto 3520 ip from table(8) to any
03325  50774020   14673528009 skipto 3520 ip from table(9) to any
03326  35424237    7696965534 skipto 3520 ip from table(15) to any
03327 422316667  104008253476 skipto 3520 ip from table(11) to any
03328 158083619   32348227401 skipto 3520 ip from table(12) to any
03329  11032564    1050846010 skipto 3560 ip from table(13) to any
03330   7771075    3215195684 skipto 3560 ip from table(14) to any
03332         0             0 skipto 3560 ip from table(16) to any
03333  22683265   10366564479 skipto 3560 ip from table(17) to any
03334 286755010   97483697556 skipto 3560 ip from table(18) to any
03335         0             0 skipto 3560 ip from table(19) to any
03336   2679482     568325094 skipto 3580 ip from table(20) to any
03337         0             0 skipto 3580 ip from table(21) to any
03338 479175598  159194922190 skipto 3580 ip from table(22) to any
03341         0             0 skipto 3580 ip from table(25) to any
03342   8850378    2144489890 skipto 3580 ip from table(26) to any
03343         0             0 skipto 3580 ip from table(27) to any
03344 382069071   96912350084 skipto 4000 ip from table(28) to any
03345         0             0 skipto 4000 ip from table(29) to any
03346  86946227   17624043970 skipto 3520 ip from table(30) to any
03347  21898906   10682276564 skipto 4000 ip from table(31) to any
03348         0             0 skipto 4000 ip from table(32) to any
03349   5106534    1075364437 skipto 4020 ip from table(33) to any
03350  93931549   30859668533 skipto 4020 ip from table(34) to any
03351  18146793   12233066496 skipto 4020 ip from table(35) to any
03352         0             0 skipto 4020 ip from table(36) to any
03353         0             0 skipto 4035 ip from table(37) to any
03354         0             0 skipto 4035 ip from table(38) to any
03355         0             0 skipto 4035 ip from table(42) to any
03356   1486134     562701580 skipto 4035 ip from table(43) to any
03357  83250313   29863535412 skipto 4035 ip from table(41) to any
03358 333469642   91802034087 skipto 4035 ip from table(24) to any
03500  83882271   48839995461 setfib 0 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03510  83882271   48839995461 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03520 381627663   88954690476 setfib 1 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03530 381627663   88954690476 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03540   6448025    1338229156 setfib 2 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03550   6448025    1338229156 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03560 164116093   56057608356 setfib 3 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03570 164116093   56057608356 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03580 245352446   80953834398 setfib 4 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
03590 245352446   80953834398 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04000 201976131   53796641563 setfib 5 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04010 201976131   53796641563 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04020  58595394   22084466556 setfib 6 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04030  58595394   22084466556 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04035 209103151   61114149617 setfib 7 ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04040 209103151   61114149617 allow ip from any to any in { via ix1 or via vlan550 or via vlan500 }
04048  65997182   43250841509 allow ip from table(3) to any
04049  86629365   80813140002 allow ip from any to table(3)
04050    247150      31556726 pipe 32 ip from table(4) to any out
04051     56308      19442586 pipe 33 ip from any to table(4) in
04052    246690      31497260 allow ip from table(4) to any
04053     97277      32861103 allow ip from any to table(4)
04060         0             0 pipe 128 ip from table(5) to any out
04061         0             0 pipe 129 ip from any to table(5) in
04062         0             0 allow ip from table(5) to any
04063         0             0 allow ip from any to table(5)
04064    799590      81553565 pipe 256 ip from table(6) to any out
04065         0             0 pipe 257 ip from any to table(6) in
04066    799590      81553565 allow ip from table(6) to any
04067         0             0 allow ip from any to table(6)
04070   3490857     748696721 pipe 512 ip from table(7) to any out
04071   4144912    4082310966 pipe 513 ip from any to table(7) in
04072   3580772     747186399 allow ip from table(7) to any
04073   8524329    7633334713 allow ip from any to table(7)
04080   5492666     883455843 pipe 1024 ip from table(8) to any out
04081   7089993    7970941751 pipe 1025 ip from any to table(8) in
04082   5876292     931044091 allow ip from table(8) to any
04083  13356353   14794871539 allow ip from any to table(8)
04090  38198337   12348695775 pipe 2048 ip from table(9) to any out
04091  41688485   35352904702 pipe 2049 ip from any to table(9) in
04092  49299041   16599474615 allow ip from table(9) to any
04093  79700913   66138998392 allow ip from any to table(9)
05000   6256127    1318416067 pipe 3072 ip from table(10) to any out
05001   7257915    8104266493 pipe 3073 ip from any to table(10) in
05002   6258403    1316394861 allow ip from table(10) to any
05003  13370413   14935760994 allow ip from any to table(10)
05010 219762305   53932762407 pipe 4096 ip from table(11) to any out
05011 352876142  436904332218 pipe 4097 ip from any to table(11) in
05012 227264467   55473839053 allow ip from table(11) to any
05013 685398969  844092506910 allow ip from any to table(11)
05020  79015856   16172110865 pipe 5120 ip from table(12) to any out
05021 102411403  117400917239 pipe 5121 ip from any to table(12) in
05022  78580401   16072876425 allow ip from table(12) to any
05023 199051573  227177805292 allow ip from any to table(12)
05030   5551513     528897294 pipe 6144 ip from table(13) to any out
05031   7057698    8585992886 pipe 6145 ip from any to table(13) in
05032   5600577     524705950 allow ip from table(13) to any
05033  13499858   16423614952 allow ip from any to table(13)
05040   6099622    2214972060 pipe 8192 ip from table(14) to any out
05042   8303233    2811606282 allow ip from table(14) to any
05043  16622928   18619998038 allow ip from any to table(14)
05050  28731476    6873603872 pipe 10240 ip from table(15) to any out
05051  45354201   52571975488 pipe 10241 ip from any to table(15) in
05052  39852930   10141643680 allow ip from table(15) to any
05053  88433578  101951838483 allow ip from any to table(15)
05060         0             0 pipe 12288 ip from table(16) to any out
05061         0             0 pipe 12289 ip from any to table(16) in
05062         0             0 allow ip from table(16) to any
05063         0             0 allow ip from any to table(16)
05070  18094743    6812384512 pipe 15384 ip from table(17) to any out
05071  24838807   25856897948 pipe 15385 ip from any to table(17) in
05072  22498930    8059932663 allow ip from table(17) to any
05073  48905176   50429142127 allow ip from any to table(17)
05080 160286201   55020222166 pipe 20480 ip from table(18) to any out
05081 345901467  437605656074 pipe 20481 ip from any to table(18) in
05082 176614298   61176243800 allow ip from table(18) to any
05083 671941968  847211531225 allow ip from any to table(18)
05090         0             0 pipe 25600 ip from table(19) to any out
05091         0             0 pipe 25601 ip from any to table(19) in
05092         0             0 allow ip from table(19) to any
05093         0             0 allow ip from any to table(19)
05100   1330464     283544966 pipe 30720 ip from table(20) to any out
05101   3319701    4502272402 pipe 30721 ip from any to table(20) in
05102   1330464     283544966 allow ip from table(20) to any
05103   6542629    8868582360 allow ip from any to table(20)
05104         0             0 pipe 35840 ip from table(21) to any out
05105         0             0 pipe 35842 ip from any to table(21) in
05106         0             0 allow ip from table(21) to any
05107         0             0 allow ip from any to table(21)
05110 242802537   80729557527 pipe 40960 ip from table(22) to any out
05111 423017613  523248359416 pipe 40961 ip from any to table(22) in
05112 246737365   81902553044 allow ip from table(22) to any
05113 829496636 1022938671049 allow ip from any to table(22)
05120         0             0 pipe 46080 ip from table(23) to any out
05121         0             0 pipe 46081 ip from any to table(23) in
05122         0             0 allow ip from table(23) to any
05123         0             0 allow ip from any to table(23)
05130 170843760   46647464919 pipe 51200 ip from table(24) to any out
05131 340900184  441736141243 pipe 51201 ip from any to table(24) in
05132 175419641   47426272310 allow ip from table(24) to any
05133 669353122  865882417822 allow ip from any to table(24)
05140         0             0 pipe 56320 ip from table(25) to any out
05141         0             0 pipe 56321 ip from any to table(25) in
05142         0             0 allow ip from table(25) to any
05143         0             0 allow ip from any to table(25)
05150   9943755    2556565497 pipe 61440 ip from table(26) to any out
05151  20311009   25161454588 pipe 61441 ip from any to table(26) in
05152  15473156    4041401910 allow ip from table(26) to any
05153  39954805   49388876294 allow ip from any to table(26)
05160         0             0 pipe 1024 ip from table(27) to any out
05161         0             0 pipe 1025 ip from any to table(27) in
05162         0             0 allow ip from table(27) to any
05163         0             0 allow ip from any to table(27)
05170 190696823   48378612036 pipe 7144 ip from table(28) to any out
05171 464822209  606071562455 pipe 7145 ip from any to table(28) in
05172 190705648   48379265048 allow ip from table(28) to any
05173 922306303 1201411013501 allow ip from any to table(28)
05180         0             0 pipe 7146 ip from table(29) to any out
05181         0             0 pipe 7147 ip from any to table(29) in
05182         0             0 allow ip from table(29) to any
05183         0             0 allow ip from any to table(29)
05190  43309590    8801314453 pipe 8144 ip from table(30) to any out
05191  88717677  117715216495 pipe 8145 ip from any to table(30) in
05192  43309590    8801314453 allow ip from table(30) to any
05193 175618509  232854275928 allow ip from any to table(30)
05200  10888813    5334631314 pipe 8146 ip from table(31) to any out
05201  16013831   19674342041 pipe 8147 ip from any to table(31) in
05202  10888663    5334474358 allow ip from table(31) to any
05203  31475585   38560527150 allow ip from any to table(31)
05210         0             0 pipe 9145 ip from table(32) to any out
05211         0             0 pipe 9146 ip from any to table(32) in
05212         0             0 allow ip from table(32) to any
05213         0             0 allow ip from any to table(32)
05220   2544100     537059666 pipe 10245 ip from table(33) to any out
05221   4447968    5684320988 pipe 10246 ip from any to table(33) in
05222   2544100     537059666 allow ip from table(33) to any
05223   8836717   11285189288 allow ip from any to table(33)
05230  47613275   15722701387 pipe 10247 ip from table(34) to any out
05231 113411895  144602237469 pipe 10248 ip from any to table(34) in
05232  47614354   15722728526 allow ip from table(34) to any
05233 225496493  287349721275 allow ip from any to table(34)
05240   9056179    6115076809 pipe 12464 ip from table(35) to any out
05241  16378737   21357031599 pipe 12465 ip from any to table(35) in
05242   9055972    6114981275 allow ip from table(35) to any
05243  32630598   42528791890 allow ip from any to table(35)
05250         0             0 pipe 13464 ip from table(36) to any out
05251         0             0 pipe 13465 ip from any to table(36) in
05252         0             0 allow ip from table(36) to any
05253         0             0 allow ip from any to table(36)
05260         0             0 pipe 14464 ip from table(37) to any out
05261         0             0 pipe 14465 ip from any to table(37) in
05262         0             0 allow ip from table(37) to any
05263         0             0 allow ip from any to table(37)
05270         0             0 pipe 15060 ip from table(38) to any out
05271         0             0 pipe 15061 ip from any to table(38) in
05272         0             0 allow ip from table(38) to any
05273         0             0 allow ip from any to table(38)
05280         0             0 pipe 16060 ip from table(39) to any out
05281         0             0 pipe 16061 ip from any to table(39) in
05282         0             0 allow ip from table(39) to any
05283         0             0 allow ip from any to table(39)
05290   1966598    1149382145 pipe 17060 ip from table(40) to any out
05291   2978779    3608481444 pipe 17061 ip from any to table(40) in
05292   1966598    1149382145 allow ip from table(40) to any
05293   5948429    7203616668 allow ip from any to table(40)
05300  41590659   14968772354 pipe 18432 ip from table(41) to any out
05301  60760497   75353754472 pipe 18433 ip from any to table(41) in
05302  41621017   15010246799 allow ip from table(41) to any
05303 121000592  149954579864 allow ip from any to table(41)
05310         0             0 pipe 19432 ip from table(42) to any out
05311         0             0 pipe 19433 ip from any to table(42) in
05312         0             0 allow ip from table(42) to any
05313         0             0 allow ip from any to table(42)
05320    734984     280840547 pipe 20432 ip from table(43) to any out
05321   2623468    3426823937 pipe 20433 ip from any to table(43) in
05322    734984     280840547 allow ip from table(43) to any
05323   5242040    6846815006 allow ip from any to table(43)
65535   3495281     249541350 deny ip from any to any

 

Edited by fr3nd

Share this post


Link to post
Share on other sites

4 минуты назад, TheUser сказал:

Может быть есть смысл pipe переделать через tablearg?

И allow ip XXX тоже как-то переделать...

А зачем вам 8 FIB-ов???

tablearg не юзал, почитаю

Setfib, 6 NATов абонентских + 2 на тест, тут был расчет из того что на каждый NAT до 1 Gbit/s c запасом так сказать.

Думаете в эту сторону копать ? 

Share this post


Link to post
Share on other sites

5 часов назад, fr3nd сказал:

Думаете в эту сторону копать ? 

Думаю, что оптимизация фаервола даст немного прироста.

Отключите шейп (при условии, что не будет полки где-то в узком месте) и посмотрите что станет с нагрузкой.

Share this post


Link to post
Share on other sites

15 минут назад, TheUser сказал:

Думаю, что оптимизация фаервола даст немного прироста.

Отключите шейп (при условии, что не будет полки где-то в узком месте) и посмотрите что станет с нагрузкой.

Интересная вещь, исключив примерно 50% pipeов вот что получил :
и канал прокачал до 2.92 Gbit/s, больше трафика абоны не генерят

netstat -w 1
            input        (Total)           output
   packets  errs idrops      bytes    packets  errs      bytes colls
    659284     0     0  701535203     532459     0  412523947     0
    652508     0     0  688272175     533191     0  413225486     0
    657645     0     0  685544724     536840     0  403915069     0
    641441     0     0  666188109     530615     0  396935026     0
    631128     0     0  660667052     525205     0  403082602     0
    651938     0     0  685016744     531476     0  399100978     0
    652382     0     0  682720783     537903     0  411552083     0
    646259     0     0  684313944     528971     0  408424724     0
    664234     0     0  698992348     543152     0  414776031     0
    677219     0     0  705356838     560997     0  433857840     0
    653246     0     0  691381785     534548     0  408766461     0
    659641     0     0  692617484     540544     0  417158004     0


    CPU 0:   0.0% user,  0.0% nice,  1.6% system, 55.3% interrupt, 43.1% idle
CPU 1:   0.0% user,  0.0% nice,  0.0% system, 61.2% interrupt, 38.8% idle
CPU 2:   0.0% user,  0.0% nice,  0.0% system, 62.0% interrupt, 38.0% idle
CPU 3:   0.0% user,  0.0% nice,  0.0% system, 69.4% interrupt, 30.6% idle
CPU 4:   0.0% user,  0.0% nice,  0.0% system, 57.6% interrupt, 42.4% idle
CPU 5:   0.0% user,  0.0% nice,  0.0% system, 74.9% interrupt, 25.1% idle
CPU 6:   0.0% user,  0.0% nice,  0.0% system, 54.5% interrupt, 45.5% idle
CPU 7:   0.0% user,  0.0% nice,  0.0% system, 58.4% interrupt, 41.6% idle
CPU 8:   0.0% user,  0.0% nice,  0.0% system, 58.0% interrupt, 42.0% idle
CPU 9:   0.0% user,  0.0% nice,  0.0% system, 58.0% interrupt, 42.0% idle
CPU 10:  0.0% user,  0.0% nice,  0.0% system, 55.7% interrupt, 44.3% idle
CPU 11:  0.0% user,  0.0% nice,  0.4% system, 63.9% interrupt, 35.7% idle
CPU 12:  0.0% user,  0.0% nice,  0.4% system, 56.9% interrupt, 42.7% idle
CPU 13:  0.0% user,  0.0% nice,  0.0% system, 62.0% interrupt, 38.0% idle
CPU 14:  0.0% user,  0.0% nice,  0.0% system, 61.2% interrupt, 38.8% idle
CPU 15:  0.0% user,  0.0% nice,  0.8% system, 59.2% interrupt, 40.0% idle

исходя из этого, поможет ли мне оптимизация фаерволла настолько чтоб держать подобный результат или я все таки упираюсь в проц для шейпинга такого объема данных?

Share this post


Link to post
Share on other sites

51 минуту назад, fr3nd сказал:

и канал прокачал до 2.92 Gbit/s, больше трафика абоны не генерят

А потери пакетов при этом начались?

Edited by Tau

Share this post


Link to post
Share on other sites

14 часов назад, fr3nd сказал:

net.isr.defaultqlimit=4096 net.isr.bindthreads=1 net.isr.maxthreads=16 net.isr.numthreads=16 net.link.ifqmaxlen=10240

Я бы увеличил.

У тебя в сетевухах очереди поди 4096....

 

 

14 часов назад, fr3nd сказал:

### TCP Hostcache Tuning ### net.inet.tcp.hostcache.hashsize=4096 net.inet.tcp.hostcache.bucketlimit=100 net.inet.tcp.hostcache.cachelimit=65536 ### TCP Syncache Tuning ### net.inet.tcp.syncache.hashsize=1024 net.inet.tcp.syncache.bucketlimit=100 net.inet.tcp.syncache.cachelimit=65536 #TCP control-block Hash table tuning net.inet.tcp.tcbhashsize=4096

Не влияет.

 

14 часов назад, fr3nd сказал:

#TCP net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.sendbuf_auto=1 net.inet.tcp.recvbuf_auto=1 net.inet.tcp.sendbuf_inc=16384 net.inet.tcp.recvbuf_inc=524288 net.inet.tcp.hostcache.expire=1

 

#IP net.inet.ip.fw.one_pass=0 net.inet.ip.dummynet.hash_size=65536 net.inet.ip.dummynet.expire=1 net.inet.ip.dummynet.io_fast=1 net.inet.ip.dummynet.pipe_slot_limit=2048 net.inet.ip.fw.dyn_buckets=2048 net.inet.ip.intr_queue_maxlen=10240

Первая половина не влияет точно.

Тут я бы тоже очередь удлиннил, но кажется это очередь самого хоста а не маршрутизируемого.

 

14 часов назад, fr3nd сказал:

net.inet.tcp.tso=0

Тоже не влияет.

 

14 часов назад, fr3nd сказал:

net.graph.maxdgram=35000 kern.ipc.maxsockbuf=83886080

 

net.link.ether.inet.max_age=280 net.inet.tcp.sendspace=3217968 net.inet.udp.recvspace=3217968 net.inet.ip.fw.dyn_max=65535 net.inet.udp.maxdgram=57344 net.inet.udp.recvspace=65536 net.inet.tcp.sendspace=65536 net.inet.udp.blackhole=1 net.inet.tcp.blackhole=2 net.inet.tcp.mssdflt=1460 net.inet.tcp.minmss=536 net.inet.tcp.syncache.rexmtlimit=0 net.inet.ip.maxfragsperpacket=0 net.inet.ip.maxfragpackets=0 net.inet.tcp.abc_l_var=44 net.inet.tcp.initcwnd_segments=44 net.inet.tcp.syncookies=0 kern.random.fortuna.minpoolsize=2048

Вторая половина не влияет.

 

Попробуй ещё это:

kern.random.harvest.mask=526        # [UMA],FS_ATIME,[SWI],[INTERRUPT],[NET_NG],[NET_ETHER],[NET_TUN],MOUSE,KEYBOARD,ATTACH,[CACHED]

 

 

Дальше

kldload hwpmc
pmccontrol -e*
pmcstat -TS instructions -w1

в помощь.

Share this post


Link to post
Share on other sites

19 часов назад, default_vlan сказал:

Быть может и глупый вопрос, но. Вы уверены что потеря трафика именно на сервере? До сервера не проверяли?

конечно

на текущий момент включил обратно HT, kern.random.harvest.mask=351, на пике прожевал 2,95 Gbit/s при int CPU 68%, пока смотрю дальше

Edited by fr3nd

Share this post


Link to post
Share on other sites

ситуацию подобную уже несколько раз здесь видел.

https://www.intel.com/content/dam/www/public/us/en/documents/datasheets/xeon-e5-v2-datasheet-vol-1.pdf

страница 15, первый рисунок.

ваша сетевуха работает только с одним процом напрямую, со вторым - данные гоняются через первый и через QPI link.

добавьте герц/ядер на одном проце и выкиньте второй.

ну и гипертрейдинг наверно тоже далеко послать...

а потом уже всякий тюненх(тм)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.