Compaq ProLiant 1000 Performance Analysis and Tuning of Raptor's Eagle NT 3.06 - Page 3

Introduction Executive Summary Benchmark Tools

Get Compaq ProLiant 1000 PDF manuals and user guides View all Compaq ProLiant 1000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 3 highlights

278A/0497 WHITE PAPER (cont.) ... INTRODUCTION The intent of this paper is to help answer questions about performance of firewalls so that logical decisions can be made for capacity planning using Raptor's Eagle NT 3.06 firewall product. A base line for a specified firewall system is defined, options are added to the base line, and the load differences and performance are evaluated. This base line is used to determine how each configuration change affects the performance of the firewall from the base line system. This paper starts by describing different benchmarks available, gives a definition of the methodology chosen for the tests and the test bed setup, describes the rationale for determining performance characteristics used in the test, explains test cases based on the characteristics, and evaluates the results. EXECUTIVE SUMMARY This paper uses the NSTL software benchmark methodology to test firewall performance on the Eagle NT 3.06 firewall. A base line test is run and individual hardware and software components are added to the base system and the differences are evaluated. Variable hardware and software components modified in the tests include memory, bus architecture, drive controller, network speed, Raptor's Eagle NT 3.06 HTTP Cache and DNS Lookup switches, the firewall rule base with 100 rules, and NetFlx-3 MaxRecieve buffers. From the sets of test run, the following performance summary resulted: • For hardware configurable tests, upgrading the Network Interface Cards from the EISA bus to the PCI bus achieved very noticeable increases in performance. • The processor scales well with two processors, making dramatic increases in performance as the load increases. • Adding memory increases performance slightly as the load increases. • Network throughput also increased when changed from a 10Mb network to 100Mb network. The firewall was able to process more than 10Mb worth of data through the firewall with both HTTP/FTP and HTTP only transactions, with large loads, and showed expected decreases with normal loads on a 10 Mb network because of higher collision rates. • Software configurable tests with HTTP Cache on, resulted in increased performance in both HTTP/FTP and HTTP only tests. • Tests with the DNS Lookups for HTTP switch turned off, displayed high performance increases for greater loads on HTTP Only tests. • Differences between HTTP/FTP and HTTP only transfers showed increased results for HTTP only transfers, highlighting the added performance enhancements included in Raptor's Eagle NT 3.06 firewall product for HTTP. BENCHMARK TOOLS The popular benchmarking tools available today are used to test webserver or system performance only. Webserver benchmarks can generate loads for static web pages of varying sizes, test webserver processor performance using CGI or ISAPI/NSAPI loads, and calculate the transaction times, throughput, and connections per second. Most benchmarks use a control station for gathering and reporting load data and starting virtual client sessions. Although these benchmarks determine performance and load capacity for webservers, they do not exercise the 3

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
W
HITE
P
APER
(cont.)
3
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
278A/0497
I
NTRODUCTION
The intent of this paper is to help answer questions about performance of firewalls so that logical
decisions can be made for capacity planning using Raptor’s Eagle NT 3.06 firewall product.
A
base line for a specified firewall system is defined, options are added to the base line, and the
load differences and performance are evaluated.
This base line is used to determine how each
configuration change affects the performance of the firewall from the base line system.
This paper starts by describing different benchmarks available, gives a definition of the
methodology chosen for the tests and the test bed setup, describes the rationale for determining
performance characteristics used in the test, explains test cases based on the characteristics, and
evaluates the results.
E
XECUTIVE
S
UMMARY
This paper uses the NSTL software benchmark methodology to test firewall performance on the
Eagle NT 3.06 firewall. A base line test is run and individual hardware and software components
are added to the base system and the differences are evaluated. Variable hardware and software
components modified in the tests include memory, bus architecture, drive controller, network
speed, Raptor’s Eagle NT 3.06 HTTP Cache and DNS Lookup switches, the firewall rule base
with 100 rules, and NetFlx-3 MaxRecieve buffers.
From the sets of test run, the following performance summary resulted:
For hardware configurable tests, upgrading the Network Interface Cards from the EISA bus
to the PCI bus achieved very noticeable increases in performance.
The processor scales well with two processors, making dramatic increases in performance as
the load increases.
Adding memory increases performance slightly as the load increases.
Network throughput also increased when changed from a 10Mb network to 100Mb network.
The firewall was able to process more than 10Mb worth of data through the firewall with
both HTTP/FTP and HTTP only transactions, with large loads, and showed expected
decreases with normal loads on a 10 Mb network because of higher collision rates.
Software configurable tests with HTTP Cache on, resulted in increased performance in both
HTTP/FTP and HTTP only tests.
Tests with the DNS Lookups for HTTP switch turned off, displayed high performance
increases for greater loads on HTTP Only tests.
Differences between HTTP/FTP and HTTP only transfers showed increased results for
HTTP only transfers, highlighting the added performance enhancements included in Raptor’s
Eagle NT 3.06 firewall product for HTTP.
B
ENCHMARK
T
OOLS
The popular benchmarking tools available today are used to test webserver or system
performance only. Webserver benchmarks can generate loads for static web pages of varying
sizes, test webserver processor performance using CGI or ISAPI/NSAPI loads, and calculate the
transaction times, throughput, and connections per second. Most benchmarks use a control station
for gathering and reporting load data and starting virtual client sessions. Although these
benchmarks determine performance and load capacity for webservers, they do not exercise the