I’m currently running a ROS 6.13 installation with four KVM guests - ROS on an Intel Core2Duo 2.6GHz with 2Gb RAM; installed is a 4Port Intel PCI-Express card (82571EB chipset) for internal traffic plus an 82541PI card for WAN.
Internal traffic is switched over HP Procurve 2510G-48 and HP Procurve E2910al-48G switches which are connected together over 4 SFP 1Gbit ports bonded trunk.
When I start a transfer from one server to another - all have Gbit cards - the throughput on the ROS host interface tops out at a little over 200Mbit/s and drops to around 130Mbit/s; both CPU cores go to and stay at around 80% load during the transfer.
There are no queues set but the default on each ethernet interface; the firewall has just some simple input filtering rules to prevent access to routers.
Edit:
Just to clarify, one machine is connected to the subnet that is routed through the host ROS installation and the other machine is connected to the subnet that is routed through one of the KVM guests.
Before the move to ROS I had this machine running a clean Linux installation with the same simple rules in place with iptables and never had problems with throughput.
Care to comment? What could be the problem here? Any insights?
RouterOS has neither paravirtualized device drivers nor a paravirtualized kernel.
I/O depends strictly on HVM.
So, NIC hardware is completely emulated without any acceleration.
Network performance is related to CPU performance and to NIC emulation efficiency. Nothing more and nothing less.
I use some RouterOS VMs on XenServer and network I/O is around 400Mb topping the CPU.
It seems that VMware does a better HVM job with much higher performance.
If you can pass the PCI NIC to the guest it will work at wire speed. PV guests also do this, but ROS needs HVM virtualisation. If MikroTik would compile in the PVHVM drivers, it would also give almost the same speed because the NIC is not emulated.
Check how you have set up your guest network interfaces - if you have set them up as NAT, you will have a hard time getting external hosts to establish a connection to internal hosts. A better option would be to use either a routed or bridged network so that all your guests are on the same subnet or the traffic can be routed to your virtual hosts.
There is also an option to create a virtual interface on your main host and assign it to the same virtual interface all your current guests are assigned to and do all the networking through there (default route etc.).
The best advice I can give when dealing with virtual networks/interfaces is to create a network map ignoring all the virtual stuff and treating it as separate boxes, and then you will know exactly what has to be configured and what issues will have to be addressed. Like, where is NAT, where is bridge/switch etc.