-
Notifications
You must be signed in to change notification settings - Fork 131
Testing with pktgen
Networking stress test with pktgen. Pktgen have limitations, as it can generate UDP packets only (thus TCP is untested), and it can only inject outgoing packets into the device. To avoid second limitation I use KVM virtual box (where is loaded ipt_NETFLOW.ko which needs to be tested).
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether YY:YY:YY:YY:YY:YY brd ff:ff:ff:ff:ff:ff
inet XX.X.XXX.XX/24 brd xx.x.xxx.255 scope global eth0
Pktgen generate UDP packets so system will naturally send ICMP replies, which can saturate unnecessarily your intranet, to avoid these replies we should drop pktgen traffic after it's accounted in NETFLOW:
virtual# iptables -I INPUT -s 10.0.0.0/8 -j DROP
virtual# iptables -I OUTPUT -d 10.0.0.0/8 -j DROP
After that's done insert NETFLOW target so it goes before DROP target in INPUT chain.
75: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether YY:YY:YY:YY:YY:YY brd ff:ff:ff:ff:ff:ff
pktgen script:
#!/bin/bash
pgset() {
echo "$@"
ctl=$1
shift
echo "$@" > /proc/net/pktgen/$ctl
}
set -e
pgset kpktgend_0 rem_device_all
pgset kpktgend_0 add_device vnet2
pgset vnet2 count 0
pgset vnet2 flag IPSRC_RND
pgset vnet2 pkt_size 300
pgset vnet2 src_min 10.0.0.1
pgset vnet2 src_max 10.1.0.1
pgset vnet2 dst XX.X.XXX.XX
pgset vnet2 dst_mac YY:YY:YY:YY:YY:YY
pgset pgctrl start
Note that vnet2, XX.X.XXX.XX, and YY:YY:YY:YY:YY:YY should be replaced with appropriate strings.
This script will generate UDP packets on vnet2 device (which is device if particular virtual machine), source will be random IPs in the network 10.0.0.0/16, destination will be virtual box's IP XX.X.XXX.XX.
Useful links:
It could be useful to do something like this:
virtual# head /sys/class/net/*/queues/rx-*/rps_cpus
virtual# echo f > /sys/class/net/eth0/queues/rx-0/rps_cpus