dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
821

Trel
Good Evening
Premium Member
join:2002-10-08
USA

Trel

Premium Member

Maximizing 10gbe (iperf) speeds without disabling services

We're doing some testing with 10gbe cards and two directly connected machines.
What we've found is regardless of settings for the drivers, if Windows Firewall and Base Filtering Engine services are enabled, we get significantly slower speeds.

However, having those services disabled prevents us from using the required anti-virus software we'll need to have.

Does anyone have any suggestions on what we could do to prevent the significant performance hit to the 10gbe cards while still keeping those services enabled?

Msradell
Premium Member
join:2008-12-25
Louisville, KY

Msradell

Premium Member

Have you tried using a firewall and antivirus from a different supplier? Each companies software behaves differently with your system. By reading your original post it looks like you are using the firewall provided by Microsoft which is known to be one of the most intrusive and least effective.

Trel
Good Evening
Premium Member
join:2002-10-08
USA

1 edit

Trel

Premium Member

said by Msradell:

Have you tried using a firewall and antivirus from a different supplier? Each companies software behaves differently with your system. By reading your original post it looks like you are using the firewall provided by Microsoft which is known to be one of the most intrusive and least effective.

We don't have that option. Even with Windows firewall disabled, the base filtering engine service alone interferes with 10gbe and we're at a loss here.

Also to clarify, we're having these issues prior to the anti-virus software.
I'm asking about it now because that software requires the base filtering engine service to be present, and we will have to use this antivirus software (symantec endpoint protection) when these servers go live as per network policy.
dave
Premium Member
join:2000-05-04
not in ohio

dave to Trel

Premium Member

to Trel
Putting a software filter in the way will introduce end-to-end latency, this seems unavoidable. For a single protocol stream, this tends to reduce throughput, because the time between request and response is greater.

The way to keep throughput up in the face of latency is increased parallelism: more independent sessions, or more outstanding requests before awaiting a response. As an application user, you may not have that option.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian to Trel

Premium Member

to Trel
Just a couple of things.

QOS turned off/on help?
(In properties for the connection)
»www.wireshark.org/docs/w ··· ums.html
Checksum or TCP offloading on/off help?
(In the device manager|network adapters|properties|advanced)
»www.rackspace.com/knowle ··· ver-2012

These are the first two I look at if there is any lag.
Shady Bimmer
Premium Member
join:2001-12-03

Shady Bimmer to Trel

Premium Member

to Trel
When doing your testing have you included performance monitoring of the platform in addition to the network?

Maintaining throughput while trying to do any processing on a 10Gb link will take considerable processor utilization. If the base filtering service introduces CPU context switching (IE: if it causes an extra switch from unprivileged user to privileged kernel and back) this will introduce significant latency. Performance monitoring with/without the noted service(s) running may provide insight.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

said by Shady Bimmer:

If the base filtering service introduces CPU context switching (IE: if it causes an extra switch from unprivileged user to privileged kernel and back) this will introduce significant latency.

That sounds familiar.
Love to be able to sort that at work but it's not my place to do so.
I've found the new system where you log on as an email address, even just running an email client with a lot of emails off the exchange server causes problems.
Yea, love to sort that out.

Hope you find what is sucking up the bandwidth without too much trouble.

Trel
Good Evening
Premium Member
join:2002-10-08
USA

Trel to Shady Bimmer

Premium Member

to Shady Bimmer
said by Shady Bimmer:

When doing your testing have you included performance monitoring of the platform in addition to the network?

Maintaining throughput while trying to do any processing on a 10Gb link will take considerable processor utilization. If the base filtering service introduces CPU context switching (IE: if it causes an extra switch from unprivileged user to privileged kernel and back) this will introduce significant latency. Performance monitoring with/without the noted service(s) running may provide insight.

I'm not sure what you mean by performance monitoring with/without the services. If you're referring to say using iperf with it on, and then iperf with it off, that's what we already did to narrow it down to that service.
Shady Bimmer
Premium Member
join:2001-12-03

Shady Bimmer

Premium Member

said by Trel:

I'm not sure what you mean by performance monitoring with/without the services. If you're referring to say using iperf with it on, and then iperf with it off, that's what we already did to narrow it down to that service.

I asked if you had done performance monitoring of the platform in addition to the network.

Specifically, did you monitor CPU utilization (per-core), memory utilization, context switching, interrupts, and other I/O metrics?

There are many factors involved in optimizing network performance, especially with 10Gb. The addition of those services may have a significant impact on CPU utilization and you may be hitting a limit, but that would be pure speculation without actual metrics.

Trel
Good Evening
Premium Member
join:2002-10-08
USA

Trel

Premium Member

said by Shady Bimmer:

said by Trel:

I'm not sure what you mean by performance monitoring with/without the services. If you're referring to say using iperf with it on, and then iperf with it off, that's what we already did to narrow it down to that service.

I asked if you had done performance monitoring of the platform in addition to the network.

Specifically, did you monitor CPU utilization (per-core), memory utilization, context switching, interrupts, and other I/O metrics?

There are many factors involved in optimizing network performance, especially with 10Gb. The addition of those services may have a significant impact on CPU utilization and you may be hitting a limit, but that would be pure speculation without actual metrics.

Ok, I think we're having a bit of miscommunication of the issue I'm having.

I don't remember the exact numbers but with Base Filtering Engine ON, I'm getting around 1gbit speeds, maybe sometimes 2. If I disable the service, I immediately get closer to 7 or 8 gbit.

The CPU isn't getting hit hard at all, these were fresh Lenovo servers with dedicated intel fiber 10gbe cards.

Fresh install of Win Server 2012 r2
2.50 ghz quad-core Xeon, 16gb ram

No software other than drivers installed.

We weren't using any other software to monitor other than looking at task manager, but the CPU wasn't getting particularly hammered.

That service was like a switch.
Shady Bimmer
Premium Member
join:2001-12-03

Shady Bimmer

Premium Member

said by Trel:

We weren't using any other software to monitor other than looking at task manager, but the CPU wasn't getting particularly hammered.

That service was like a switch.

You will need to do much more detailed monitoring. If you enable an OS service and performance drops through the floor then you'll need to find which resource is the bottleneck.

If you have a quad-core CPU and task manager showed 25% CPU utilization (either overall, or consistently across all four cores) then I would not say the CPU is not getting particularly hammered. If a particular service/process/app is single-threaded then a 25% utilization across four cores for that service/process/app has reached its limit (100% of a single core) and would be the bottleneck. I would not know whether the MS Base Filtering engine is single- or multi-threaded but some research may provide details.

These types of issues may not be easy to diagnose. Perhaps opening a case with Microsoft may provide some insight?