2n-tx2-xl710

2n1l-40ge2p1xl710-ethip4ipsec10000tnlsw-ip4base-int-aes128cbc-hmac512sha-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.11       1.37 
 2.  0.11       1.37 

 1518b-2t2c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.21       2.74 
 2.  0.21       2.75 

 1518b-4t4c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.42       5.41 
 2.  0.42       5.41 

 imix-1t1c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.24       0.86 
 2.  0.24       0.87 

 imix-2t2c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.47       1.72 
 2.  0.48       1.73 

 imix-4t4c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.92       3.33 
 2.  0.92       3.33

2n1l-40ge2p1xl710-ethip4ipsec10000tnlsw-ip4base-int-aes128gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  0.51       6.52 
 2.  0.51       6.56 

 1518b-2t2c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.01      12.89 
 2.  1.03      13.09 

 1518b-4t4c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.78      22.61 
 2.  1.78      22.61 

 imix-1t1c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.18       4.05 
 2.  1.30       4.43 

 imix-2t2c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  2.49       8.54 
 2.  2.57       8.80 

 imix-4t4c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  4.58      15.67 
 2.  4.70      16.07

2n1l-40ge2p1xl710-ethip4ipsec10000tnlsw-ip4base-int-aes256gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  0.39       4.99 
 2.  0.39       5.01 

 1518b-2t2c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  0.78       9.94 
 2.  0.78       9.99 

 1518b-4t4c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  1.42      18.04 
 2.  1.42      18.13 

 imix-1t1c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  1.03       3.52 
 2.  1.11       3.81 

 imix-2t2c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  2.18       7.46 
 2.  2.25       7.68 

 imix-4t4c-ethip4ipsec10000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  4.05      13.88 
 2.  4.10      14.02

2n1l-40ge2p1xl710-ethip4ipsec1000spe-cache-ip4base-policy-outbound-nocrypto-ndrpdr

RFC4301: SPD lookup performance

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 for IPv4 routing.

  • [Cfg] DUT configuration: DUT1 is configured with IPv4 routing, two static IPv4 /24 route entries, one SPD on each outbound interface in each direction and 1000 SPD entry(ies) in each SPD. Only outbound traffic is matched and only the last rule is the matching rule. SPD flow-cache for IPv4 outbound traffic is enabled. DUT1 is tested with Intel-XL710.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains two L3 flow-groups (flow-group per direction, 253 flows per flow-group) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. The DUT does SPD lookup with only the lowest priority rule matching the traffic. The action of the matching rule is BYPASS. No encryption or authentication is done.

  • [Ref] Applicable standard specifications: RFC4301 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec1000spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1.  4.07       2.73 
 2.  4.12       2.77 
  
 3.   11   26   40        10   20   34  
 4.   17   40   56        18   31   39  
 5.   29   48   66        31   46   62  

 64b-2t2c-ethip4ipsec1000spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1.  8.31       5.58 
 2.  8.52       5.73 
  
 3.   10   24   37        11   33   42  
 4.   20   30   40        19   34   42  
 5.   30   43   53        30   42   52  

 64b-4t4c-ethip4ipsec1000spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1. 14.53       9.76 
 2. 17.08      11.48 
  
 3.   10   17   40        14   30   39  
 4.   21   33   41        17   26   31  
 5.   38   49   63        38   50   62

2n1l-40ge2p1xl710-ethip4ipsec1000spe-ip4base-policy-outbound-nocrypto-ndrpdr

RFC4301: SPD lookup performance

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 for IPv4 routing.

  • [Cfg] DUT configuration: DUT1 is configured with IPv4 routing, two static IPv4 /24 route entries, one SPD on each outbound interface in each direction and 1000 SPD entry(ies) in each SPD. Only outbound traffic is matched and only the last rule is the matching rule. DUT1 tested with Intel-XL710.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains two L3 flow-groups (flow-group per direction, 253 flows per flow-group) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. The DUT does SPD lookup with only the lowest priority rule matching the traffic. The action of the matching rule is BYPASS. No encryption or authentication is done.

  • [Ref] Applicable standard specifications: RFC4301 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec1000spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  0.31       0.21 
 2.  0.32       0.21 
  
 3.   18   19   25        18   28   47  
 4.   19  305  325        19  304  324  
 5.  386  698  808       381  715  790  

 64b-2t2c-ethip4ipsec1000spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  0.63       0.42 
 2.  0.63       0.42 
  
 3.   14   42   52        14   19   29  
 4.   44  219  272        27  214  265  
 5.  168  365  384       161  355  371  

 64b-4t4c-ethip4ipsec1000spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  1.23       0.83 
 2.  1.27       0.85 
  
 3.   14   28   40        14   29   43  
 4.   28  105  130        27  102  133  
 5.   84  122  142       107  137  193

2n1l-40ge2p1xl710-ethip4ipsec1000tnlsw-ip4base-int-aes128cbc-hmac512sha-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.11       1.37 
 2.  0.11       1.37 

 1518b-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.21       2.77 
 2.  0.21       2.77 

 1518b-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.43       5.53 
 2.  0.43       5.56 

 imix-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.24       0.86 
 2.  0.24       0.87 

 imix-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.48       1.72 
 2.  0.48       1.73 

 imix-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.96       3.46 
 2.  0.96       3.47

2n1l-40ge2p1xl710-ethip4ipsec1000tnlsw-ip4base-int-aes128gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  0.51       6.54 
 2.  0.52       6.57 

 1518b-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.02      13.02 
 2.  1.03      13.08 

 1518b-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.92      24.50 
 2.  1.92      24.50 

 imix-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.28       4.37 
 2.  1.30       4.46 

 imix-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  2.57       8.80 
 2.  2.61       8.94 

 imix-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  5.11      17.49 
 2.  5.24      17.94

2n1l-40ge2p1xl710-ethip4ipsec1000tnlsw-ip4base-int-aes256gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  0.39       5.00 
 2.  0.39       5.02 

 1518b-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  0.78       9.93 
 2.  0.78       9.98 

 1518b-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  1.56      19.88 
 2.  1.57      19.98 

 imix-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  1.11       3.80 
 2.  1.12       3.84 

 imix-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  2.24       7.68 
 2.  2.27       7.76 

 imix-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  4.51      15.42 
 2.  4.53      15.50

2n1l-40ge2p1xl710-ethip4ipsec1000tnlsw-ip4base-policy-aes256gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec1000tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  0.37       0.41 
 2.  0.38       0.42 

 64b-2t2c-ethip4ipsec1000tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  0.76       0.84 
 2.  0.78       0.86 

 64b-4t4c-ethip4ipsec1000tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  1.53       1.69 
 2.  1.54       1.70

2n1l-40ge2p1xl710-ethip4ipsec100spe-cache-ip4base-policy-outbound-nocrypto-ndrpdr

RFC4301: SPD lookup performance

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology

with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 for IPv4 routing.

  • [Cfg] DUT configuration: DUT1 is configured with IPv4 routing, two static IPv4 /24 route entries, one SPD on each outbound interface in each direction and 100 SPD entry(ies) in each SPD. Only outbound traffic is matched and only the last rule is the matching rule. SPD flow-cache for IPv4 outbound traffic is enabled. DUT1 is tested with Intel-XL710.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains two L3 flow-groups (flow-group per direction, 253 flows per flow-group) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. The DUT does SPD lookup with only the lowest priority rule matching the traffic. The action of the matching rule is BYPASS. No encryption or authentication is done.

  • [Ref] Applicable standard specifications: RFC4301 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec100spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1.  3.91       2.63 
 2.  4.12       2.77 
  
 3.   10   24   38        10   13   21  
 4.   26   44   69        17   41   52  
 5.   30   49   67        31   49   64  

 64b-2t2c-ethip4ipsec100spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1.  8.13       5.46 
 2.  8.46       5.68 
  
 3.   10   22   40        10   25   39  
 4.   21   37   49        20   36   43  
 5.   31   42   54        30   40   50  

 64b-4t4c-ethip4ipsec100spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1. 15.38      10.33 
 2. 17.09      11.48 
  
 3.   10   27   39        10   20   41  
 4.   19   28   38        20   30   41  
 5.   38   49   62        38   50   63

2n1l-40ge2p1xl710-ethip4ipsec100spe-ip4base-policy-outbound-nocrypto-ndrpdr

RFC4301: SPD lookup performance

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 for IPv4 routing.

  • [Cfg] DUT configuration: DUT1 is configured with IPv4 routing, two static IPv4 /24 route entries, one SPD on each outbound interface in each direction and 100 SPD entry(ies) in each SPD. Only outbound traffic is matched and only the last rule is the matching rule. DUT1 tested with Intel-XL710.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains two L3 flow-groups (flow-group per direction, 253 flows per flow-group) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. The DUT does SPD lookup with only the lowest priority rule matching the traffic. The action of the matching rule is BYPASS. No encryption or authentication is done.

  • [Ref] Applicable standard specifications: RFC4301 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec100spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  2.25       1.51 
 2.  2.31       1.55 
  
 3.   10   12   13        11   12   26  
 4.   36   63   74        43   59   70  
 5.   58  106  115        59  108  114  

 64b-2t2c-ethip4ipsec100spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  4.50       3.02 
 2.  4.61       3.10 
  
 3.   11   23   36        12   27   35  
 4.   24   39   45        34   47   57  
 5.   41   57   72        36   53   63  

 64b-4t4c-ethip4ipsec100spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  8.93       6.00 
 2.  9.30       6.25 
  
 3.   10   35   46        10   22   33  
 4.   24   38   52        20   33   42  
 5.   40   54   67        43   58   68

2n1l-40ge2p1xl710-ethip4ipsec1spe-cache-ip4base-policy-outbound-nocrypto-ndrpdr

RFC4301: SPD lookup performance

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 for IPv4 routing.

  • [Cfg] DUT configuration: DUT1 is configured with IPv4 routing, two static IPv4 /24 route entries, one SPD on each outbound interface in each direction and 1 SPD entry(ies) in each SPD. Only outbound traffic is matched and only the last rule is the matching rule. SPD flow-cache for IPv4 outbound traffic is enabled. DUT1 is tested with Intel-XL710.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains two L3 flow-groups (flow-group per direction, 253 flows per flow-group) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. The DUT does SPD lookup with only the lowest priority rule matching the traffic. The action of the matching rule is BYPASS. No encryption or authentication is done.

  • [Ref] Applicable standard specifications: RFC4301 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec1spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1.  4.06       2.73 
 2.  4.18       2.81 
  
 3.   10   25   38        10   21   35  
 4.   21   42   54        12   42   54  
 5.   32   55   72        32   50   63  

 64b-2t2c-ethip4ipsec1spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1.  8.21       5.52 
 2.  8.59       5.77 
  
 3.   10   37   49        10   20   32  
 4.   18   30   41        20   36   46  
 5.   32   45   58        38   54   61  

 64b-4t4c-ethip4ipsec1spe-cache- 
 ip4base-policy-outbound-nocrypto-ndrpdr 

 1. 13.27       8.92 
 2. 16.96      11.40 
  
 3.   11   35   42        10   28   40  
 4.   18   27   38        21   30   39  
 5.   42   55   72        41   54   68

2n1l-40ge2p1xl710-ethip4ipsec1spe-ip4base-policy-outbound-nocrypto-ndrpdr

RFC4301: SPD lookup performance

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 for IPv4 routing.

  • [Cfg] DUT configuration: DUT1 is configured with IPv4 routing, two static IPv4 /24 route entries, one SPD on each outbound interface in each direction and 1 SPD entry(ies) in each SPD. Only outbound traffic is matched and only the last rule is the matching rule. DUT1 tested with Intel-XL710.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains two L3 flow-groups (flow-group per direction, 253 flows per flow-group) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. The DUT does SPD lookup with only the lowest priority rule matching the traffic. The action of the matching rule is BYPASS. No encryption or authentication is done.

  • [Ref] Applicable standard specifications: RFC4301 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec1spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  3.98       2.67 
 2.  4.93       3.31 
  
 3.   10   13   29        10   13   32  
 4.   24   49   67        11   42   49  
 5.   29   49   59        35   55   70  

 64b-2t2c-ethip4ipsec1spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1.  9.73       6.54 
 2. 10.03       6.74 
  
 3.   10   24   42        10   17   41  
 4.   18   28   38        20   31   43  
 5.   30   41   52        27   36   43  

 64b-4t4c-ethip4ipsec1spe-ip4base- 
 policy-outbound-nocrypto-ndrpdr 

 1. 18.51      12.44 
 2. 20.06      13.48 
  
 3.   12   29   44        12   29   40  
 4.   23   29   39        17   26   33  
 5.   31   41   52        31   40   52

2n1l-40ge2p1xl710-ethip4ipsec1tnlsw-ip4base-policy-aes256gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec1tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  1.88       2.08 
 2.  2.18       2.40 

 64b-2t2c-ethip4ipsec1tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  2.17       2.39 
 2.  2.21       2.44 

 64b-4t4c-ethip4ipsec1tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  2.17       2.39 
 2.  2.20       2.43

2n1l-40ge2p1xl710-ethip4ipsec40tnlsw-ip4base-policy-aes256gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 64b-1t1c-ethip4ipsec40tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  1.73       1.91 
 2.  1.77       1.96 

 64b-2t2c-ethip4ipsec40tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  3.27       3.60 
 2.  3.59       3.97 

 64b-4t4c-ethip4ipsec40tnlsw-ip4base- 
 policy-aes256gcm-udir-ndrpdr 

 1.  6.66       7.36 
 2.  7.44       8.21

2n1l-40ge2p1xl710-ethip4ipsec4tnlsw-ip4base-int-aes128cbc-hmac512sha-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.11       1.39 
 2.  0.11       1.39 

 1518b-2t2c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.22       2.79 
 2.  0.22       2.81 

 1518b-4t4c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.43       5.60 
 2.  0.44       5.66 

 imix-1t1c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.25       0.89 
 2.  0.25       0.90 

 imix-2t2c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.50       1.80 
 2.  0.50       1.80 

 imix-4t4c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128cbc-hmac512sha-udir-ndrpdr 

 1.  0.99       3.57 
 2.  0.99       3.59

2n1l-40ge2p1xl710-ethip4ipsec4tnlsw-ip4base-int-aes128gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  0.53       6.76 
 2.  0.53       6.79 

 1518b-2t2c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.06      13.49 
 2.  1.06      13.56 

 1518b-4t4c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.92      24.50 
 2.  1.92      24.50 

 imix-1t1c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  1.41       4.82 
 2.  1.44       4.92 

 imix-2t2c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  2.79       9.56 
 2.  2.88       9.86 

 imix-4t4c-ethip4ipsec4tnlsw-ip4base- 
 int-aes128gcm-udir-ndrpdr 

 1.  5.68      19.46 
 2.  5.77      19.75

2n1l-40ge2p1xl710-ethip4ipsec4tnlsw-ip4base-int-aes256gcm-udir-ndrpdr

RFC2544: Pkt throughput IPv4 IPsec tunnel mode.

  • [Top] Network Topologies: TG-DUT1-TG 2-node circular topology with single links between nodes.

  • [Enc] Packet Encapsulations: Eth-IPv4 on TG-DUT1, Eth-IPv4-IPSec on DUT1-TG.

  • [Cfg] DUT configuration: DUT1 is configured with multiple IPsec tunnels between it and TG. DUT gets IPv4 traffic from TG, encrypts it and sends back to TG.

  • [Ver] TG verification: TG finds and reports throughput NDR (Non Drop Rate) with zero packet loss tolerance and throughput PDR (Partial Drop Rate) with non-zero packet loss tolerance (LT) expressed in percentage of packets transmitted. NDR and PDR are discovered for different Ethernet L2 frame sizes using MLRsearch library.

Test packets are generated by TG on links to DUTs. TG traffic profile contains one L3 flow-groups (number of flows per flow-group equals to number of IPSec tunnels) with all packets containing Ethernet header, IPv4 header with IP protocol=61 and static payload. MAC addresses are matching MAC addresses of the TG node interfaces. Incrementing of IP.dst (IPv4 destination address) field is applied to the stream.

  • [Ref] Applicable standard specifications: RFC4303 and RFC2544.

 Test Name 

 Throughput: 
 1.  Mpps       Gbps (NDR) 
 2.  Mpps       Gbps (PDR) 
 
 One-Way Latency Percentiles in uSec at %PDR load, 
 one set per each direction: 
 3.  P50  P90  P99       P50  P90  P99 (10% PDR) 
 4.  P50  P90  P99       P50  P90  P99 (50% PDR) 
 5.  P50  P90  P99       P50  P90  P99 (90% PDR) 

 1518b-1t1c-ethip4ipsec4tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  0.40       5.10 
 2.  0.40       5.12 

 1518b-2t2c-ethip4ipsec4tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  0.80      10.22 
 2.  0.81      10.27 

 1518b-4t4c-ethip4ipsec4tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  1.60      20.34 
 2.  1.61      20.54 

 imix-1t1c-ethip4ipsec4tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  1.15       3.93 
 2.  1.21       4.15 

 imix-2t2c-ethip4ipsec4tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  2.40       8.22 
 2.  2.43       8.30 

 imix-4t4c-ethip4ipsec4tnlsw-ip4base- 
 int-aes256gcm-udir-ndrpdr 

 1.  4.82      16.51 
 2.  4.87      16.68