Firewall Wizards mailing list archives
RE: tests about latency
From: Paul Robertson <proberts () patriot net>
Date: Fri, 12 Sep 2003 07:12:05 -0400 (EDT)
On Fri, 12 Sep 2003, Neale Banks wrote:
> Ob FW: Whilst obviously anything that's not simply routed (e.g. proxied protocols) would be a completely different kettle of fish, to what extent could one then reasonably generalise the results obtained from ping tests (i.e. ICMP packets) to other protocols?
Not well at all, ICMP handling is generally a special case for most stacks/devices. Also, some devices prioritize different protocols, and ICMP datagrams tend to be self-contained, not requiring things like sequence number checking. Finally, the size of the ICMP datagram can make a huge difference even on the same platform, as can the type: how the stack is written may affect which ICMP type codes get handled more quickly, for instance.

I wouldn't base any conclusions of overall performance, let alone per-protocol performance on just an ICMP test.

Performance testing is difficult to get right, and the numbers change for most devices with minor changes to the packets you're generating. Sizes, fragments, windows for TCP, and the like all make different devices do different things, _especially_ if you're trying to make a security decision based upon the packets. For instance, how many out of sequence packets will a device buffer before making the other end retransmit packets? Are those buffers packet-size specific? If we fill up a different sized buffer, will it affect overall performance for the other buffers, and how?

The best you can hope to do is get a representative sample of traffic out of wherever you want to put the device, then recreate a similar mix and test with each piece. Everything else is a guess, and probably a poorly educated one unless you completely understand the characteristics of the hardware, stack and testing going on.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
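An added example, not part of the message above or of the list archive: one way to turn a traffic sample into a test mix, by classifying packets on the properties the reply names (protocol, size, fragmentation) and splitting a test budget in the same proportions. The sample records, the size buckets and the function names are assumptions made for this sketch.

```python
from collections import Counter

# Constructed sample: (protocol, IP length in bytes, is_fragment) per packet,
# standing in for a summary exported from a capture at the deployment point.
SAMPLE = (
    [("tcp", 40, False)] * 38      # bare ACKs
    + [("tcp", 1500, False)] * 31  # full-size data segments
    + [("tcp", 576, False)] * 9
    + [("udp", 120, False)] * 14   # DNS-sized datagrams
    + [("udp", 1500, True)] * 5    # fragments of large datagrams
    + [("icmp", 84, False)] * 3    # default-size echo
)

SIZE_BUCKETS = (64, 256, 1024, 1500)  # upper bounds, assumed for this example


def bucket(length):
    """Return the smallest bucket bound that holds the packet."""
    for bound in SIZE_BUCKETS:
        if length <= bound:
            return bound
    return SIZE_BUCKETS[-1]  # oversize: count with the largest bucket


def class_counts(packets):
    """Count packets per (protocol, size bucket, fragment) class."""
    return Counter((proto, bucket(n), frag) for proto, n, frag in packets)


def plan_packets(counts, budget):
    """Split `budget` test packets across classes in proportion to the sample.

    Integer largest-remainder rounding, so the plan sums exactly to budget.
    """
    total = sum(counts.values())
    parts = {cls: divmod(c * budget, total) for cls, c in counts.items()}
    plan = {cls: q for cls, (q, _) in parts.items()}
    leftover = budget - sum(plan.values())
    for cls in sorted(parts, key=lambda c: parts[c][1], reverse=True)[:leftover]:
        plan[cls] += 1
    return plan


if __name__ == "__main__":
    counts = class_counts(SAMPLE)
    for cls, n in sorted(plan_packets(counts, 1000).items(), key=lambda kv: -kv[1]):
        print(cls, n)
```

In this constructed sample ICMP is 3% of the packets, so a ping-only run would measure a class the device rarely sees in that position.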