Firewall Wizards mailing list archives

RE: tests about latency


From: Andrea Pasquinucci <cesare () ucci it>
Date: Fri, 12 Sep 2003 20:09:15 +0200 (CEST)


On Fri, 12 Sep 2003, Paul Robertson wrote:

[ ... ]


Performance testing is difficult to get right, and the numbers change for 
most devices with minor changes to the packets you're generating.  Sizes, 
fragments, windows for TCP, and the like all make different devices do 
different things, _especially_ if you're trying to make a security 
decision based upon the packets.  For instance, how many out of sequence 
packets will a device buffer before making the other end retransmit 
packets?  Are those buffers packet-size specific?  If we fill up a 
different sized buffer, will it affect overall performance for the other 
buffers, and how?

The best you can hope to do is get a representative sample of traffic out 
of wherever you want to put the device, then recreate a similar mix and 
test with each piece.  Everything else is a guess, and probably a poorly 
educated one unless you completely understand the characteristics of the 
hardware, stack and testing going on.

The fact that it is not so easy is confirmed by various ongoing research 
projects (mostly done at universities, but a few companies are interested 
too). A few links I have right now (apologies for those I don't find 
anymore):

http://www.caida.org/analysis/performance/bandwidth/ 
  (famous are netperf and pathchar)

http://www-iepm.slac.stanford.edu/

http://www.ripe.net/ttm/

http://moat.nlanr.net/

http://www.merit.edu/ipma/ (dead ?)

http://ipm.mib.infn.it/ (see http://ipm.mib.infn.it/sim_projects.html for 
a list of other similar projects)

http://www.advanced.org/IPPM/index.html

and there was also matrix.net (now zaffire).

Some of the techniques, applications and issues discussed in these pages
are not directly relevant to the question asked, nor to firewalls and
IT security. On the other hand, the Internet is now a very "complex system" 
and such that we should all worry about its complexity, robustness and 
fragility. In other words, it can have a life of its own, and rebel 
against its users. Firewalls and routers are at the moment the objects at 
the forefront; if something happens, they could mitigate the disaster or 
get the blame. 

Thanks for a great list.

Andrea


--
Andrea Pasquinucci                     cesare () ucci it
My public PGP key is at http://www.ucci.it/ucci_pub_key.asc
fingerprint = 569B 37F6 45A4 1A17 E06F  CCBB CB51 2983 6494 0DA2
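
Added example, not part of the original message or thread: one way to turn a capture taken at the intended deployment point into the "representative mix" the quoted advice calls for, by profiling packet sizes, protocols and fragment share from a classic pcap file. The function names, the size-bucket boundaries and the sample capture are assumptions constructed for illustration; only Ethernet/IPv4 is handled, and TCP sequencing and window behaviour are not profiled.

```python
import struct
from collections import Counter

def build_sample_pcap():
    """Constructed sample capture: five Ethernet/IPv4 frames, headers only."""
    # (IP total length, protocol, flags+fragment-offset field) - made-up values
    pkts = [(40, 6, 0x4000), (1500, 6, 0x4000), (1500, 6, 0x4000),
            (1500, 17, 0x2000), (532, 17, 0x00B9)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for tot_len, proto, frag in pkts:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, tot_len, 0, frag, 64, proto,
                         0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
        frame = b"\x00" * 12 + b"\x08\x00" + ip
        out += struct.pack("<IIII", 0, 0, len(frame), 14 + tot_len) + frame
    return out

def size_bucket(n):
    # Bucket boundaries are an assumption; pick ones that matter for the device.
    return "<=128" if n <= 128 else "129-1024" if n <= 1024 else ">1024"

def traffic_mix(pcap):
    """Summarise a classic pcap (Ethernet, IPv4) into the mix a test should replay."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack_from(end + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    sizes, protos, frags, total, off = Counter(), Counter(), 0, 0, 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "I", pcap, off + 8)[0]
        pkt = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[14] >> 4 != 4:
            continue                      # not IPv4, or capture too short
        tot_len, _ident, frag = struct.unpack_from("!HHH", pkt, 16)
        total += 1
        sizes[size_bucket(tot_len)] += 1
        protos[pkt[23]] += 1
        frags += 1 if frag & 0x3FFF else 0   # MF flag set or non-zero offset
    if total == 0:
        raise ValueError("no IPv4 packets in capture")
    return {"packets": total,
            "size_share": {k: v / total for k, v in sizes.items()},
            "proto_share": {k: v / total for k, v in protos.items()},
            "fragment_share": frags / total}

if __name__ == "__main__":
    print(traffic_mix(build_sample_pcap()))
```

The resulting shares are the proportions a traffic generator would be configured to reproduce, so the device is measured against the sizes and fragment rate it will actually see.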

