[CentOS] Centos 7 as gateway - UDP performance is busted/awful?

Thu Aug 14 17:05:58 UTC 2014
Tony Mountifield <tony at softins.co.uk>

In article <20140814120002.16440e86 at tomh>,
Tom Horsley <horsley1953 at gmail.com> wrote:
> I just replaced a dead system disk on my KVM host that was
> running an ancient fedora 13. Since centos 7 was available,
> I decided to go with it to get some long term stability.
> 
> The problem is that NFS mounts inside the virtual machines
> don't work for spit when talking to older NFS servers that
> must speak UDP.
> 
> Is there something about UDP traffic that requires tweaks
> I don't know about for centos 7 to serve as a gateway machine?
> I've got the ip forwarding settings and other sysctl stuff
> that was set in the old fedora 13 system.
> 
> I've got the bridges defined that same way as the old f13
> system.
> 
> I've got TCP stream connections working flawlessly, it is
> just the UDP traffic that seems to barf.
> 
> Does this strike a familiar note with anyone?
> 
> When I run wireshark on the KVM host machine, I see
> NFS packets retransmitting a lot and I also see ICMP
> messages about Destination Unreachable, Fragmentation
> Needed. (I don't know what any of it means though :-).

This means that either the host or one of the guests is trying to
send packets with a larger MTU than part of the path to the destination
will allow.

If you look inside the ICMP packet in wireshark, it will tell you
who sent it and what MTU they said was acceptable.

For TCP, the protocol stack is able to adapt by reducing its MSS
dynamically in response to those ICMPs and retry. I don't think
UDP is able to do that.

Also examine the MTU settings for your network interfaces on both
the host and the guests, using ifconfig -a.

Cheers
Tony
-- 
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org