Performance

We use Cisco TRex to test Tempesta xFW performance. At the moment we use two machines: Generator generating traffic with TRex and SUT running Tempesta xFW, with following specifications:

SUT: Dell R650 with 2xGold 6348, 256 GB RAM, 1 x 256 GB SSD 4 x 375 GB NVMe.
Generator: R750 with 2xGold 6348 – 64 GB RAM – 2 x 960 SSD.
Both the machines have: DELL F6FXM Mellanox CX623106A ConnectX-6 Dx EN 100Gigabit Ethernet Card 0F6FXM, Dual port 100G.

You can find more details in our repository.

Tempesta xFW is configured for the dual interface host mode (xfw.json):

{
    "devices": "enp202s0f0np0 enp202s0f1np1",
    "devices-mode": "native",
    "verbose": true,
    "sysctl-tcp-max-syn-backlog": 4096,
    "sysctl-tcp-syncookies": 1
}

Ubuntu 24.04.3 LTS was used during the tests.

While SUT has dual Intel Gold 6348, we use only one processor in the tests. This way the performance numbers at the below are for single Intel Gold 6348.

ICMPv6 flood test🔗

TRex call (use icmpv6_fix_cs.py):

./t-rex-64 -i -c 28

./trex-console

trex>start -f icmpv6_fix_cs.py -m 122000000

Results:

-Per port stats table 
      ports |               0 |               2 
 -----------------------------------------------------------------------------------------
   opackets |      1539202331 |      1541720718 
     obytes |    126214591142 |    126421098876 
   ipackets |               0 |               0 
     ibytes |               0 |               0 
    ierrors |               0 |               0 
    oerrors |               0 |               0 
      Tx Bw |      66.64 Gbps |      66.83 Gbps 

-Global stats enabled 
 Cpu Utilization : 74.6  %  7.8 Gb/core 
 Platform_factor : 1.0  
 Total-Tx        :     133.47 Gbps  
 Total-Rx        :       0.00  bps  
 Total-PPS       :     203.46 Mpps  
 Total-CPS       :       0.00  cps  

 Expected-PPS    :       0.00  pps  
 Expected-CPS    :       0.00  cps  
 Expected-BPS    :       0.00  bps  

 Active-flows    :        0  Clients :        0   Socket-util : 0.0000 %    
 Open-flows      :        0  Servers :        0   Socket :        0 Socket/Clients :  -nan 
 Total_queue_full : 321246752         
 drop-rate       :     133.47 Gbps   
 current time    : 37.0 sec  
 test duration   : 0.0 sec

Workload is 130 Gbps and 200 Mpps.
No ierrors and oerrors.

TCP/UDP flood test🔗

UDP flood of packet length 1514 bytes and various types of TCP flood traffic (length 54 bytes):

ACK flood
FIN flood
NULL flood
RST flood
SYN flood
SYN-ACK flood
URG flood
XMAS flood (FIN-PUSH-URG)

Use (tcpudp.yaml):

./t-rex-64 --ipv6 -f tcpudp.yaml -m 650 -c 23

Results:

-Per port stats table 
      ports |               0 |               2 
 -----------------------------------------------------------------------------------------
   opackets |       552946710 |       553663783 
     obytes |    125580328244 |    125743176476 
   ipackets |         1369324 |         2197350 
     ibytes |       112284568 |       180182700 
    ierrors |               0 |               0 
    oerrors |               0 |               0 
      Tx Bw |      69.58 Gbps |      69.94 Gbps 

-Global stats enabled 
 Cpu Utilization : 58.2  %  10.4 Gb/core 
 Platform_factor : 1.0  
 Total-Tx        :     139.52 Gbps  
 Total-Rx        :     190.76 Mbps  
 Total-PPS       :      76.79 Mpps  
 Total-CPS       :       0.00  cps  

 Expected-PPS    :      39.60 Mpps  
 Expected-CPS    :      39.60 Mcps  
 Expected-BPS    :      71.95 Gbps  

 Active-flows    :     7200  Clients :    65535   Socket-util : 0.0002 %    
 Open-flows      :     7200  Servers :      500   Socket :     7200 Socket/Clients :  0.1 
 Total_queue_full : 129480281         
 drop-rate       :     139.33 Gbps   
 current time    : 16.3 sec  
 test duration   : 3583.7 sec

Workload is 140 Gbps and 75 Mpps.
No ierrors and oerrors.