Internet-Draft | Multiple IP Addresses | August 2024 |
Lencse & Shima | Expires 3 March 2025 | [Page] |
RFC 2544 has defined a benchmarking methodology for network interconnect devices. Its test frame format contained fixed IP addresses and fixed port numbers. RFC 4814 introduced pseudorandom port numbers, but it kept the usage of a single source and destination IP address pair when a single destination network is used. This limitation may cause an issue when the device under test uses Receive-Side Scaling (RSS) mechanism in the packet processing flow. RSS has two types of implementations: the first one only includes the IP addresses, whereas the second one also includes the port numbers into the tuple used for hashing. Benchmarking tests that use a single IP address pair and RFC 4814 pseudorandom port numbers are biased against the first type of RSS implementation, because in this case, the traffic is not distributed among the processing elements. This document recommends the usage of pseudorandom IP addresses in a similar manner as RFC 4814 did it with the port numbers.¶
If accepted, this document updates all affected RFCs, including RFC 2544, RFC 4814, RFC 5180, RFC 8219.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 3 March 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
[RFC2544] has defined a comprehensive benchmarking methodology for network interconnect devices, which is still in use. It was amended by several RFCs which, however, did not formally update it. [RFC4814] introduced pseudorandom port numbers (instead of fixed ones). [RFC5180] addressed IPv6 specificities and also added technology updates, but declared IPv6 transition technologies out of its scope. [RFC8219] addressed the IPv6 transition technologies.¶
Receive-Side Scaling (RSS) aims to distribute the workload caused by packet arrivals among the CPU cores evenly to achieve high performance. It has two types of implementations: the first one only includes the IP addresses, whereas the second one also includes the port numbers into the tuple used for hashing. [RFC4814] compliant testers work properly in the second case, however, pseudorandom port numbers cannot provide entropy if the Device Under Test (DUT) follows the first type of RSS implementation, therefore, these devices produce poor benchmarking results in [RFC4814] compliant laboratory tests, whereas they can exhibit high performance in production environments where the usage of multiple IP addresses ensures the entropy for the proper operation of their RSS implementation. Therefore, the conditions of laboratory tests should be improved to ensure unbiased performance testing. To that end, this document examines how the usage of multiple IP addresses can be introduced in the performance testing of network interconnect devices using IPv4 or IPv6 addresses observing the limitations of the ranges of special purpose IPv4 and IPv6 addresses reserved for benchmarking measurements. Practical recommendations are given for the usage of pseudorandom source and destination IP addresses in the case of both IPv4 and IPv6 following the approach of RFC 4814 regarding the port numbers and also considering the effect of the growing number of ARP or NDP table entries.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The 198.18.0.0/15 IPv4 address range was reserved for benchmarking tests. It is divided into two halves: 198.18.0.0/16 and 198.19.0.0/16 are to be used on the two sides of the test setup. Considering the requirement of [RFC2544] regarding the IP addresses, the test suite SHOULD be first run with a single source and destination address pair. Then the destination networks should be random using the 16-23 bits of the above mentioned network addresses. The Device Under Test (DUT) is assigned the first address of each network (198.18.R.1/24 and 198.19.R.1/24, where R is pseudorandom in the 0-255 interval) and the Tester can be assigned e.g., the second address from each networks (198.18.R.2/24 and 198.19.R.2/24).¶
The above framework imposes serious limitations to the design of how multiple IP addresses can be used. It means that when e.g., the very first networks (198.18.0.0/24 and 198.19.0.0/24) are used at each side of the test setup, the maximum range of the IP addresses assigned to the Tester can be 198.18.0.2/24-198.18.0.254/24 and 198.19.0.2/24-198.19.0.254/24 as shown in Figure 1. When 256 destination networks are used, then the 16-23 bits identifying the destination networks also contribute to the entropy provided to the hash function. When only a single destination network is used, then the 16-23 bits can also be leveraged for generating a higher number of IP addresses, thus their ranges can be: 198.18.0.2/16-198.18.255.254/16 and 198.19.0.2/16-198.19.255.254/16 as shown in Figure 2.¶
The 2001:2::/48 IPv6 address range, which was reserved for benchmarking tests, is large enough. If it is split into two halves to be used on the two sides of the test setup as 2001:2::/49 and 2001:2:8000::/49, the ranges are abundant. Even if their first /56 subnets (2001:2::/56 and 2001:2:8000::/56) are enough to ensure 256 networks on each side of the test setup. As these networks are of /64 size, their host ID parts are vastly abundant. For convenience considerations, we recommend the usage of their 96-111 bits to generate potentially 65536 different IP addresses as shown in Figure 3 in the case when a single destination network is used. (And the 256 destination networks can be described by the 56-63 bits as mentioned before.)¶
On the one hand, the more IP addresses are used, the more entropy is ensured and thus the most even distribution of the load over the processing elements can be expected. However, one the other hand, the usage of multiple IP addresses has its costs: multiple Address Resolution Protocol (ARP for IPv4) or Neighbor Discovery Protocol (NDP, for IPv6) table entries are used. Increasing them over a few thousands may have a deteriorating effect on the performance of the DUT.¶
It is noted that under the typical operating conditions, a router is not connected directly to a high number of devices. If it is a backbone router, then it is connected directly to several other routers. If it is a local router, then it is connected directly to a single upstream router (or at most a few of them) and (through a switch) to the local hosts, the number of which is unlikely to be higher than a few thousands. In both cases, a high number of different IP addresses may provide entropy for hashing without causing pressure to the ARP or NDP tables of the router.¶
The optimal number of different IP addresses to be used in laboratory tests is still a research topic.¶
As a proof of concept, the recommended solution has been implemented in siitperf [SIITPERF]. Multiple IPv4 and IPv6 addresses are supported from commit number 165cb7f on September 6, 2023.¶
To demonstrate the effectiveness of the solution, OpenBSD was chosen as the operating system of the DUT. It uses the first type of RSS solution: only the IP addresses are used by the hash function. It was examined how much difference the usage of multiple IP addresses makes in the IPv4 and IPv6 throughput performance. It should be noted that IP packet forwarding under OpenBSD was single threaded until version 7.1. The ChangeLog of OpenBSD 7.2 [OBSD72CL] states that "Activated parallel IP forwarding, starting 4 softnet tasks but limiting the usage to the number of CPUs."¶
The test setup for the IPv4 and IPv6 measurements was according to Figure 2 and Figure 3, respectively. However, only 1000 different IP addresses were used at each side of the test setups to limit the potential performance degradation caused by the high number of ARP or NDP table entries.¶
The DUT was a Dell PowerEdge R730 server with two 3.2GHz Intel Xeon E5-2667 v3 CPUs having 8 cores each, 8x16GB 2133MHz DDR4 SDRAM (accessed quad channel), and Intel X540-T2 10GbE network adapter. Hyper-threading was switched off in the BIOS.¶
All tests were executed 10 times and the median, minimum and maximum values of the throughput results were calculated. In the case of IPv4 packet forwarding, the usage of pseudorandom IP addresses caused a very significant (more than 3-fold) performance increase compared to the case when fixed IP addresses were used. In the case of IPv6, the throughput values were significantly lower, and the increase caused by the usage of pseudorandom IP addresses was only about 50%, but it is still a well visible difference. All the details of the measurements can be found in [LEN2024].¶
Stateful technologies like stateful NAT44 or stateful NAT64 are out of scope of this document. They are covered by [I-D.ietf-bmwg-benchmarking-stateful].¶
This document does not make any request to IANA.¶