I have been battling an extremely odd behavior with the VirtIO adapter for Linux KVM guests. First, my set up:
KVM host is a CentOS 6.8 box. Guests are running CentOS 7. The adapters were originally connected to a host bridge although I changed the virtual networking into a OVS setup with the guests connecting to a OVS bridge.
The Linux guests all live on the OVS bridge "internalbr1" that is not bridged to a host interface. Instead, traffic goes to the LAN gateway of 10.255.0.1 which is the LAN interface of a PFSense VM who sends it out through a passthrough interface on the host. Basically the OVS bridge "internalbr1" is acting as a switch between the guests and firewall LAN side.
Originally the guests had the e1000 adapter but due to speed issues (speed decrease down to 100k during downloads) I want to switch over to VirtIO. There is a Windows Guest (2012) running with a VirtIO adapter (saw same e1000 issue. On a bridge to a host interface) and it's working perfectly. All of the Linux guests can ping out just fine with no latency, trying to pull web pages with wget is extremely slow and yum commands return with "No route to host" even though pings to the yum repos work just fine.
I'm at a loss on what's going on and hours googling is not helping. Has anyone else ran into an issue similar before?
Update
Discovered that it was the PfSense firewall after all and not VirtIO (well partially). After doing some packet captures on the firewall I discovered bad checksums on the packets leaving. I found that this is sometimes the issue with hardware checksum offloading. I disabled hardware checksum offloading and everything starting working like it should. I guess the VirtIO adapter cannot do hardware checksum offloading (at least with my versions). This also explained why I was seeing no issue with the e1000 adapter.
I hope this helps someone in the future.
