Private network dropping packets
I have a private network (logical network on a single server) and the performance is very poor. There are many dropped packets. I ran sniffer traces on both DomU machines. Packets go in one end and don't come out the other.
Configuration: There is a "firewall" linux DomU with 2 nic, one on the lan and one private. It's running simple iptables nat. There is a "private" linux DomU with 1 nic, on the private network. scp from the private machine to/from the firewall machine is 25M/s. scp from the firewall machine to the outside world is 25M/s. scp from the private machine to the outside world is 2M/s. The sniffer traces show about 5 packets going into the firewall end of the "wire" before the private machine starts sending duplicate acks for the missed packets. It all syncs back up and continues on for a few more packets. The throughput is absolutely horrible due to all the retransmissions and transmissions of packets after a dropped packet is noticed.
Oracle VM 3.0.3. Adding a CPU (2 cpus for a firewall? rediculous) got me up to this 10% performance area. It was about 1% of expected performance with 1 cpu. The firewall runs great on vSphere 5. ifconfig stats on the DomU show 0 dropped packets but Dom0 shows them by the hundreds of thousands.
Anyone got any ideas?