I've uncovered a troubling performance symptom that I believe is related to relayd's "check script" functionality.
The system is a Dell R710 with 12GB RAM and 10Gb interfaces. The problem is that when relayd is running with redirects that uses the check script functionality, performance of the interface drops around 30% while the check script is running. I ran the tests in an offline configuration so no other traffic could be a factor ( test1 <--> OpenBSD <--> test2 ). Tests were performed using the nuttcp tool and both servers ( test1 & test2 ) pull line-rate 9.912Gbps when connected back-to-back. When run through the OpenBSD firewall, regardless of PF rules, the rate drops to 7.25Gbps when the script runs. At first I thought it was my script but I replaced my script with 'true', 'false' and the problem still remained. I've validated that this exists in versions 4.8 through 5.1. I've also tried looking at the relayd code but it seemed like a reasonable exec call. I can't seem to understand why a running script would cause a network performance drop. I would also bet that this only noticeable over 10Gb interfaces. Nevertheless, with check script running every 15 seconds we've succumbed to an overall drop in network performance. Any insight or direction would be greatly appreciated. Bennett
