From: Lee Yates <rainmakerraw@icloud.com>
To: "Jonathan Neuschäfer" <j.neuschaefer@gmx.net>
Cc: wireguard@lists.zx2c4.com
Subject: Re[2]: Very low throughput in *BSDs (but only as a router)
Date: Sun, 22 Jul 2018 16:15:09 +0000 [thread overview]
Message-ID: <em2e24e324-b892-408f-b01f-9e4a1e77497f@lee-pc> (raw)
In-Reply-To: <20180721221805.GD10598@latitude>
[-- Attachment #1: Type: text/plain, Size: 2199 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
>As far as I understand it, the virtual router OS is based on BSD,
>right?
>Are the virtual client OSes that you tested based on Linux?
>
>If that's the case, then the result is quite expected: There is a fast,
>in-kernel implementation for Linux[1], but no fast implementation for
>BSD.
>The implementation for BSD is wireguard-go[2], which hasn't really been
>optimized.
>
>
>Jonathan Neuschäfer
>
>[1]: https://git.zx2c4.com/WireGuard/tree/src
>[2]: https://git.zx2c4.com/wireguard-go/about/
Thanks for your reply.
No, I can achieve (almost) full WAN line rate using *BSD as local
clients' OS too, not just Linux ones. The wireguard-go being in user
space doesn't really cause much damage on powerful hardware. For example
on GhostBSD (in a VM) I got >345Mbps down and 20Mbps up running wg-go on
the same machine. [1] The throughput problem only arises when I run wg
directly on the router instance.
I think I made some progress however. I need to do some testing on my
main workstation later, though, as I was working on a (lower powered)
laptop today. OpenBSD being limited to a single core for routing (I
believe its pf is now more multi-threaded however) could also be a
factor. I'm going to move my improved pf.conf over to FreeBSD on the
workstation and see if I get better throughput. I'm convinced I've made
a simple mistake in implementing NAT or one of the pf rules at this
point. It doesn't really make sense otherwise.
I'll get there in the end. :) Thanks again for your reply.
Kind regards,
Lee Yates
[1] https://i.imgur.com/XCFADnR.png
-----BEGIN PGP SIGNATURE-----
Version: BCPG C# v1.8.1.0
iQFBBAEBCAArBQJbVK2PJBxMZWUgWWF0ZXMgPHJhaW5tYWtlcnJhd0BpY2xvdWQu
Y29tPgAKCRDvJcvMOyipklBtB/90STajUjPPXF6F7hkfQdE3xVqNTjfaW4J93+MH
4CKC+wdGAS9riIycSTyEIT1VPjFm17dyUwAEO5hUNfF6anywjTEPWVnR2Mirvnkz
oKURCwEwMMQr1ZHEN/naiO9IfQm9OJKy/20RD0kYMT6Qdmejg7xtQWzkKUD745f/
sRzVxJe6484dHxLW/1bQc5ccWCe3rM6uq9Axo3RyOiWPvDey+pOBEnMvK3LtoGQg
EqddOo72dzjTlWwc2GP7wBxEWtlvMaIg0HYsxsbmh50zWSTuFYclBGDyiDSrHzfl
fe4iHqiRVa6sx7xVys903Dg83tTI/cdJbEGvH4lRu/VZguoe
=zIHq
-----END PGP SIGNATURE-----
[-- Attachment #2: rainmakerraw@icloud.com.asc --]
[-- Type: application/pgp-keys, Size: 1677 bytes --]
next prev parent reply other threads:[~2018-07-22 16:06 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-20 20:54 Very low throughput in *BSDs (but only as a router) Lee Yates
2018-07-21 22:18 ` Jonathan Neuschäfer
2018-07-22 16:15 ` Lee Yates [this message]
2018-07-23 11:43 ` Re[2]: " Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=em2e24e324-b892-408f-b01f-9e4a1e77497f@lee-pc \
--to=rainmakerraw@icloud.com \
--cc=j.neuschaefer@gmx.net \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).