This document discusses using Iperf, a tool for active measurements of the maximum achievable bandwidth on IP networks. It describes how Iperf can test TCP and UDP throughput, and notes some limitations in TCP measurements. The document provides examples of Iperf commands and options to measure bandwidth, including adjusting buffers, parallel transfers, and reporting intervals. It also describes how to use Iperf to generate very high bandwidth streams, with cautions about unintended network impacts.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
NAT and firewall presentation - how setup a nice firewallCassiano Campes
This is a presentation I did during my internship @ PARKS in 2014. It shows how to configure NAT & firewall rules using IPTABLES.
I hope this can be useful to somebody in the future.
These slides summarise the 0-RTT converters that were proposed in the IETF MPTCP working group to aid the deployment of Multipath TCP. Additional details are available in https://www.ietf.org/internet-drafts/draft-bonaventure-mptcp-converters-01.txt
High performance browser networking ch1,2,3Seung-Bum Lee
Presentation material including summary of "High Performance Browser Networking" by Ilya Grigorik. This book includes very good summary of computer network not only for internet browsing but also multimedia streaming.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
NAT and firewall presentation - how setup a nice firewallCassiano Campes
This is a presentation I did during my internship @ PARKS in 2014. It shows how to configure NAT & firewall rules using IPTABLES.
I hope this can be useful to somebody in the future.
These slides summarise the 0-RTT converters that were proposed in the IETF MPTCP working group to aid the deployment of Multipath TCP. Additional details are available in https://www.ietf.org/internet-drafts/draft-bonaventure-mptcp-converters-01.txt
High performance browser networking ch1,2,3Seung-Bum Lee
Presentation material including summary of "High Performance Browser Networking" by Ilya Grigorik. This book includes very good summary of computer network not only for internet browsing but also multimedia streaming.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
This gives an overall idea about wireshark design and how to capture packets using wireshark, tcpdump and tshark. It also covers basics behind measuring network performance and tools to use such as bmon and iperf.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThomas Graf
The Linux packet filtering technology, iptables, has its roots in times when networking was relatively simple and network bandwidth was measured in mere megabits. Emerging technologies, such as distributed NAT, overlay networks and containers require enhanced functionality and additional flexibility. In parallel, the next generation of network cards with speeds of 40Gb and 100Gb will put additional pressure on performance.
In the upcoming Red Hat Enterprise Linux 7, a new dynamic firewall service, FirewallD, is planned to provide greater flexibility over iptables by eliminating service disruptions during rule updates, abstraction, and support for different network trust zones. Additionally, a new virtual machine-based packet filtering technology, nftables, addresses the functionality and flexibility requirements of modern network workloads.
In this session you’ll:
Deep dive into the newly introduced packet filtering capabilities of Red Hat Enterprise Linux 7 beta.
Learn best practices.
See the new set of configuration utilities that allow new optimization possibilities.
1. 1
Using Iperf
Jon M. Dugan
<jdugan@es.net>
NANOG 43, Brooklyn, NY
June 1, 2008
Energy Sciences Network
Lawrence Berkeley National Laboratory
Networking for the Future of Science
3. 3
Iperf’s notion of clients and servers
Client is the sender
Server is the receiver
(discard server)
4. 4
TCP Measurements
• Measures TCP Achievable Bandwidth
– Measurement includes the end system
– Sometimes called “memory-to-memory” tests
• Limits of what we can measure
– TCP is a largely a black box
• Many things can limit TCP throughput
– Loss
– Congestion
– Buffer Starvation
– Out of order delivery
5. 5
Example Iperf TCP Invocation
Server (receiver):
$ iperf -s
------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
------------------------------------------------------------
[ 4] local 10.0.1.5 port 5001 connected with 10.0.1.10 port 60830
[ 4] 0.0-10.0 sec 1.09 GBytes 933 Mbits/sec
[ 4] local 10.0.1.5 port 5001 connected with 10.0.1.10 port 60831
[ 4] 0.0-10.0 sec 1.08 GBytes 931 Mbits/sec
Client (sender):
$ iperf -c 10.0.1.5
------------------------------------------------------------
Client connecting to 10.0.1.5, TCP port 5001
TCP window size: 129 KByte (default)
------------------------------------------------------------
[ 3] local 10.0.1.10 port 60830 connected with 10.0.1.5 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.2 sec 1.09 GBytes 913 Mbits/sec
6. 6
Bandwidth Delay Product
• The amount of “in flight” data allowed for a TCP
connection
• BDP = bandwidth * round trip time
• Example: 1Gb/s cross country, ~100ms
1,000,000,000 b/s * .1 s = 100,000,000 bits
100,000,000 / 8 = 12,500,000 bytes
12,500,000 bytes / (1024*1024) ~ 12MB
• To get full TCP performance the TCP window needs to be
large enough to accommodate the Bandwidth Delay
Product
7. 7
UDP Measurements
• UDP provides greater transparency
• We can directly measure some additional things:
– Loss
– Jitter
– Out of order delivery
8. 8
Example Iperf UDP Invocation
Server (receiver):
$ iperf -u -s
------------------------------------------------------------
Server listening on UDP port 5001
Receiving 1470 byte datagrams
UDP buffer size: 107 KByte (default)
------------------------------------------------------------
[ 3] local 10.0.1.5 port 5001 connected with 10.0.1.10 port 65299
[ 3] 0.0-10.0 sec 1.25 MBytes 1.05 Mbits/sec 0.008 ms 0/ 893 (0%)
Client (sender):
$ iperf -u -c 10.0.1.5 -b 1M
------------------------------------------------------------
Client connecting to 10.0.1.5, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size: 9.00 KByte (default)
------------------------------------------------------------
[ 3] local 10.0.1.10 port 65300 connected with 10.0.1.5 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 1.25 MBytes 1.05 Mbits/sec
[ 3] Server Report:
[ 3] 0.0-10.0 sec 1.25 MBytes 1.05 Mbits/sec 0.003 ms 0/ 893 (0%)
[ 3] Sent 893 datagrams
9. 9
Adjusting Iperf for performance
• The –w option for Iperf can be used to request a particular
buffer size. This sets both send and receive buffer size.
– The OS may need to be tweaked to allow buffers of sufficient
size.
– See http://dsd.lbl.gov/TCP-tuning/ and
http://www.psc.edu/networking/perf_tune.html
• Parallel transfers may help as well, the –P option can be
used for this
10. 10
Useful Iperf Invocations
• UDP and TCP:
• -i n report status every n seconds
• -d do bidirectional test simultaneously
• -r do bidirectional test one after another
11. 11
Using Iperf to generate high rate streams
• UDP doesn’t require a receiver
• If you have good counters on your switches & routers
those can be used to measure
• Turns out UDP reception can be very resource intensive
resulting in drops at the NIC at high rates (8-9 Gb/s)
12. 12
Never do this
• Need to generate 10 Gb/s but only have a 1 Gb/s host?
Iperf UDP
1 Gb/s
Destined for
10.1.1.1
Use the –T option to Iperf to control
the number of times the traffic loops
Can also use firewall filters to discard a certain TTL range.
Other filters may be prudent as well.
10.0.1.1 10.0.1.2
Static route:
10.1.1.1/32 10.0.1.2
Static route:
10.1.1.1/32 10.0.1.1
13. 13
Iperf Development
• Primarily in maintenance mode
– Accepting and apply patches
– Fixing bugs and documentation as time allows
• Future Directions
– libiperf