I want to follow up on my June 5 post about virtual network performance. We did some further testing and now have some concrete numbers to talk about.Lets first set the context. We are using a VM as a virtual firewall inside of an ESX server. So the question arises, how much does that slow us down? How fast can you move packets from a VM to the VFW out the interface of the VFW to the second VM?We used netperf to do the testing, and used the range test.The throughput you can squeeze out depends on the size of the datagram, so we end up with a table that looks something like this. We used tripped down Linux VMs running netperf (specifically the tcp_range-script) to generate the test packets and measure the throughput.
I read an interesting article on The Critical Role of Automation in a Virtualized World. The author talks about how all the increases in efficiency that come with virtualization bring a vast increase in complexity that threatens mission-critical business processing. He talks about enterprise schedulers with automation capabilities that provide a solution.Networking just exacerbates the issues raised in that article. In addition to bringing up the VM on the appropriate ESX server when it is needed, you also have to configure the VLAN to connect it to the right place, and put the firewall ACL in place to allow other servers to acess it. In case you are doing this balancing act across multiple data centers, you also have to configure VPN tunnels and potentially routes to allow the applications to work.The benefit to all this added complexity, of course, is an even greater increase in the efficiency that you set out to achieve. If you can increase efficiency by flexibly moving VMs across racks, think about how much better it would be if you could move VMs to any location on the globe where the power happened to be cheapest at that minute. Of course, with the cost and latency of moving the bits across the network, its not as simple as that, but you can think about it as increasing the solution space that your enterprise scheduling tools have to play with in order to find the cheapest solution that satisfies your QoS and reliability constraints.
How fast can you drive the network from a VM?VMware claims that they can go as fast as native hardware...http://www.vmware.com/files/pdf/ESX_networking_performance.pdf But a bit of deeper reading into vmware's claims seems to indicate that in order to get the network performance up to native hardware levels, you have to install the vmxnet driver. Also, you have to enable a few things (Jumbo frames, TCP Segmentation Offloading).We are still playing around with the various settings in our lab. While the performance is significantly improved from the starting point, we are still not at the point comparable to native hardware. Stay tuned for more results.
