Last Update : November 29, 1999
This scenario verifies the performance characteristics of a network interconnecting device, when the target ROUTER is attached to the model network.Then we determine about IP datagram size exclude the Ethernet header in this scenario.
Verification of router's performance about packet forwarding of ROUTER under network that a ROUTER works as Security Gateway.Authentication Header(AH) tunnel mode.
Authentication algorithm :
HMAC-MD5MODE :
tunnelVerification Points :- Frame loss rateSend a specific number of frames at a specific rate through the DUT to be tested and count the frames that are transmitted by the DUT.The frame loss rate at each point is calculated using the following equation:
( ( input_count - output_count ) * 100 ) / input_count - Throughput
Send a specific number of frames at a specific rate through the DUT and then count the frames that are transmitted by the DUT.
If the count of offered frames is equal to the count of received frames, the fewer frames are received than were transmitted, the rate of the offered stream is reduced and the test is rerun.
The throughput is the fastest rate at which the count of test frames transmitted by the DUT is equal to the number of test frames sent to it by the test equipment.
UDP
SGW=Security Gateway
HOST-2
|
|
-----------+-------+------------ (Net-X) (Prefix 3ffe:501:481d:f003::/64)
|
|
ROUTER-2(SGW)
|
|
---+-------+-------------------- (Net-Y) (Prefix 3ffe:501:481d:f002::/64)
|
|
ROUTER-1(SGW)
|
|
---+-------+-------------------- (Net-Z) (Prefix 3ffe:501:481d:f001::/64)
|
|
HOST-1
| Machine | Comments | Initial status | Configuration |
|---|---|---|---|
| HOST-1 | Reference Machine | Is attached to Net-Z with power turned off. | - |
| ROUTER-1 | Your Machine | Power is turned off. I/F-Z is attached to Net-Z while I/F-Y is attached to Net-Y. |
Static routing. Sends RA to Net-Z. Doesn't send and receive RIP. |
| ROUTER-2 | Reference Machine | Power is turned off. I/F-Y is attached to Net-Y while I/F-X is attached to Net-X. |
Static routing. Sends RA to Net-X. Doesn't send and receive RIP. |
| HOST-2 | Reference Machine | Is attached to Net-Y with power turned off. | - |
*Auth Alg = Authentication Algorithm
| Machine | Src | Dest | Protocol | Mode | SPI | Auth Alg | Upper | Port(Src/Dst) |
|---|---|---|---|---|---|---|---|---|
| ROUTER-1 | Net-Z | Net-X | AH | Tunnel | 1011 | HMAC-MD5 | any | - |
| ROUTER-2 | Net-X | Net-Z | AH | Tunnel | 5011 | HMAC-MD5 | any | - |
Performance is checked by using application program "tg".
| No | Action | Check point | Comments |
|---|---|---|---|
| 1 | Boot HOST-1 | - | - |
| 2 | Boot HOST-2 | - | - |
| 3 | Boot ROUTER-1 | - | - |
| IPsec tunnel (granularity=Network) (algorithm=HMAC-MD5) | |||
| 4 | At ROUTER-1 set configuration | - | - |
| 5 | At ROUTER-2 set configuration | - | - |
| Confirmation of reachability | |||
| 6 |
At HOST-1, run "ping6" to HOST-2's global address. Repeat 10 times. Ex) # ping6 -c 10 HOST-2 |
- |
ROUTER-1 should transmit NS to HOST-2's "Solicited-Node Address" in order to forward "Echo Request" to HOST-2. HOST-2 should transmit NA to ROUTER-1 (I/F = Net-Y).
ROUTER-1 should transmit NS to HOST-1's "Solicited-Node Address" in order to forward "Echo Reply" to HOST-1. |
| 7 | Wait 2 seconds. | - | wait 2 seconds to be sure that the learning has settled. |
| Run the test trial(Frame loss rate) | |||
| 8 |
At HOST-1, transmit UDP packets to HOST-2's global address.
The sizes are 16, 80, 208, 464, 720, 976, 1232, 1452 bytes of UDP Data. The frame rates are 100%, 90%, 80% ... of maximum rate. At the end of each trial Wait for 2 seconds for any residual frames to be received. This sequence SHOULD be continued (at reducing 10% intervals) until there are two successive trials in which no frames are lost. |
Check the number of packets sent from HOST-1 about all size.
Check the number of packets received at HOST-2 about all size. |
Total size of IP Datagram is 64=40+8+16 bytes. Total size of IP Datagram is 128=40+8+80 bytes. Total size of IP Datagram is 256=40+8+208 bytes. Total size of IP Datagram is 512=40+8+464 bytes. Total size of IP Datagram is 768=40+8+720 bytes. Total size of IP Datagram is 1024=40+8+976 bytes. Total size of IP Datagram is 1280=40+8+1232 bytes. Total size of IP Datagram is 1500=40+8+1452 bytes. |
| Repeat the trial. | |||
| 9 | Repeat the action No. 8, total 5 times. | - |
Maximsum value and minimum value are ignored.
Average 3 values. |
| Run the test trial(Throughput) | |||
| 10 | At HOST-1, transmit UDP packets to HOST-2's global address.
If the count of offered frames is equal to the count of received frames, The sizes are 16, 80, 208, 464, 720, 976, 1232, 1452 bytes of UDP Data. The duration of the test portion of each trial SHOULD be at least 60 seconds. Increase the interval until "Frame loss rate" becomes 0%. At the end of each trial Wait for 2 seconds for any residual frames to be received. |
Check the number of packets sent from HOST-1 about all size.
Check the number of packets received at HOST-2 about all size.
Check the throughput about all size. |
Total size of IP Datagram is 64=40+8+16 bytes. Total size of IP Datagram is 128=40+8+80 bytes. Total size of IP Datagram is 256=40+8+208 bytes. Total size of IP Datagram is 512=40+8+464 bytes. Total size of IP Datagram is 768=40+8+720 bytes. Total size of IP Datagram is 1024=40+8+976 bytes. Total size of IP Datagram is 1280=40+8+1232 bytes. Total size of IP Datagram is 1500=40+8+1452 bytes. |
| Repeat the trial. | |||
| 11 | Repeat the action No. 10, total 5 times. | - |
Maximsum value and minimum value are ignored.
Average 3 values. |
Devices Under Test(DUT)
- Frame loss rate
| Percentage of maximum frame rate | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 100% | 90% | 80% | 70% | 60% | 50% | 40% | 30% | 20% | 10% | |
| 16 byte | (1) | (2) | (3) | (4) | (5) | |||||
| 80 byte | (6) | (7) | ||||||||
| 208 byte | ||||||||||
| 464 byte | ||||||||||
| 720 byte | ||||||||||
| 976 byte | ||||||||||
| 1232 byte | ||||||||||
| 1452 byte | ||||||||||
When size is 16 byte, if frame loss rates of (4) and (5) are 0%, change the size.- ThroughputAfter the trial about all size has been finished, repeat the trial total 5 times.
When size is 16 byte, if frame loss rates of (4) and (5) are 0%, trial is started from 80% of maximum frame rate.Reduce the frame rate until frame loss rate becames 0%.
After the trial about all size has been finished, repeat the trial total 5 times.
- Frame loss ratethe X axis is the input frame rate as a percent of the theoretical rate for the media at the specific IP datagram size.
The Y axis MUST be the percent loss at the particular input rate.The left end of the X axis and the bottom of the Y axis MUST be 0 percent.
the right end of the X axis and the top of the Y axis MUST be 100 percent.Multiple lines on the graph MAY used to report the frame loss rate for different IP datagram sizes, protocols, and types of data streams.
- Throughput
the x coordinate is the IP datagram size.
the y coordinate SHOULD be the frame rate.There SHOULD be one line showing the theoretical frame rate for the media at the various IP datagram sizes.
The second line SHOULD be the plot of the test results.
Maximum frame rates reference
| Size(bytes) | Ethernet(pps) | Fast Ethernet(pps) |
|---|---|---|
| 64 | 12254 | 122549 |
| 128 | 7530 | 75301 |
| 256 | 4251 | 42517 |
| 512 | 2272 | 22727 |
| 768 | 1550 | 15508 |
| 1024 | 1177 | 11770 |
| 1280 | 948 | 9484 |
| 1500 | 812 | 8127 |
Theoretical maximum pps rates for Ethernet and Fast Ethernet were calculated by adding 20 bytes to each frame size to account for 0.96 microsecond inter-frame gap (equivalent to 12 bytes) and preamble (8 bytes).Thus, the maximum Ethernet frame rate in pps for a IP Datagram of X bytes is:
and, the maximum Fast Ethernet frame rate in pps for a IP Datagram of X bytes is:
Frame rates reference (Ethernet)
| Ethernet(pps) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 100% | 90% | 80% | 70% | 60% | 50% | 40% | 30% | 20% | 10% | |
| 64 byte | 12254 | 11029 | 9803 | 8578 | 7352 | 6127 | 4901 | 3676 | 2450 | 1225 |
| 128 byte | 7530 | 6777 | 6024 | 5271 | 4518 | 3765 | 3012 | 2259 | 1506 | 753 |
| 256 byte | 4251 | 3826 | 3401 | 2976 | 2551 | 2125 | 1700 | 1275 | 850 | 425 |
| 512 byte | 2272 | 2045 | 1818 | 1590 | 1363 | 1136 | 909 | 681 | 454 | 227 |
| 768 byte | 1550 | 1395 | 1240 | 1085 | 930 | 775 | 620 | 465 | 310 | 155 |
| 1024 byte | 1177 | 1059 | 941 | 823 | 706 | 588 | 470 | 353 | 235 | 117 |
| 1280 byte | 948 | 853 | 758 | 663 | 569 | 474 | 379 | 284 | 189 | 94 |
| 1500 byte | 812 | 731 | 650 | 568 | 487 | 406 | 325 | 243 | 162 | 81 |
Frame rates reference (Fast Ethernet)
| Ethernet(pps) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 100% | 90% | 80% | 70% | 60% | 50% | 40% | 30% | 20% | 10% | |
| 64 byte | 122549 | 110294 | 98039 | 85784 | 73529 | 61274 | 49019 | 36764 | 24509 | 12254 |
| 128 byte | 75301 | 67770 | 60240 | 52710 | 45180 | 37650 | 30120 | 22590 | 15060 | 7530 |
| 256 byte | 42517 | 38265 | 34013 | 29761 | 25510 | 21258 | 17006 | 12755 | 8503 | 4251 |
| 512 byte | 22727 | 20454 | 18181 | 15908 | 13636 | 11363 | 9090 | 6818 | 4545 | 2272 |
| 768 byte | 15508 | 13957 | 12406 | 10855 | 9304 | 7754 | 6203 | 4652 | 3101 | 1550 |
| 1024 byte | 11770 | 10593 | 9416 | 8239 | 7062 | 5885 | 4708 | 3531 | 2354 | 1177 |
| 1280 byte | 9484 | 8535 | 7587 | 6638 | 5690 | 4742 | 3793 | 2845 | 1896 | 948 |
| 1500 byte | 8127 | 7314 | 6501 | 5688 | 4876 | 4063 | 3250 | 2438 | 1625 | 812 |