Date: Thu, 6 Nov 2014 16:22:42 +0100 From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= <olivier@cochard.me> To: Hooman Fazaeli <hoomanfazaeli@gmail.com> Cc: "Andrey V. Elsukov" <ae@freebsd.org>, "Alexander V. Chernikov" <melifaro@freebsd.org>, John-Mark Gurney <jmg@funkthat.com>, "freebsd-net@freebsd.org" <net@freebsd.org> Subject: Re: IPSEC in GENERIC [was: Re: netmap in GENERIC, by default, on HEAD] Message-ID: <CA%2Bq%2BTcrfSM4H=gP_YR9dnYPfDMEuAO5AWRy7RYeRS52T9UZ9_w@mail.gmail.com> In-Reply-To: <545B89DC.2090305@gmail.com> References: <92D22BEA-DDE5-4C6E-855C-B8CACB0319AC@neville-neil.com> <545A5C4D.3050603@FreeBSD.org> <03107CAB-445B-4BA9-8F50-69143E360010@neville-neil.com> <CA%2Bq%2BTcpFrufGV3Wj8QTH1CX6aBVuu_nw9gGD-pg99p270219RQ@mail.gmail.com> <545B89DC.2090305@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Nov 6, 2014 at 3:46 PM, Hooman Fazaeli <hoomanfazaeli@gmail.com> wrote: > > => This permit me to obtain the maximum PPS forwarded by the server. >> > May be off-topic: How much PPS and on which hardware? > It seems I'm not clear: My question is just "What is the correct methodology for benching IPSec performance ?" There is a RFC 2544 and RFC 3222 that explain methodologies for benching routers (packet forwarding) and RFC 3511 for benching firewall... but what about IPSec ? I didn't see any impact by enabling IPSec on the kernel (just enabling and not using it) on my benchs, but others people measured huge impact: Then my methodology is wrong. This is why I would to know if we could define a reproducible methodology for "benching IPSec" (packet size distribution, number of SA/SP, etc...).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2Bq%2BTcrfSM4H=gP_YR9dnYPfDMEuAO5AWRy7RYeRS52T9UZ9_w>