Tinc performance on a Dir-300
Clemens John
clemens-john at gmx.de
Tue Sep 21 14:49:30 CEST 2010
Am Dienstag 21 September 2010, 13:51:26 schrieb ZioPRoTo (Saverio Proto):
> > Our tinc device tap0 has an MTU of 1500 but it is in a bridge (br-mesh)
> > wich has an MTU of 1476. Maybe you can have a look at this?
>
> OK, maybe you have a problem with packet fragmentation and you waste a
> lot of CPU.
> Try to put the MTU of your tap device to a lower value.
>
> Make this test MTU 1280 and add the following rule to your iptables
> firewall:
>
> iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS
> --clamp-mss-to-pmtu
>
> this will cause new TCP connections to use segments that fit your interface
> MTU.
>
> Note that 1280 is not the optimal value, you can fine tune later if
> you see you get more speed.
Yeah! That gave me a performance boost of about 150K/s and tincd does not get
at 99% CPU anymore.
I now get a maximum of ~530K/s.
I will try to evaluate this :)
If you have more of such good tips I´m ofcourse interested :D
Clemens
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100921/28acccc4/attachment.pgp>
More information about the tinc
mailing list