6.2.1.1. LightWeight Security PSK vs HMAC Only vs Full Security PSK

In RTI Connext 7.1 we introduced Pre-Shared Key Protection (PSK)` to secure the RTPS communication. This PSK can be leveraged in two ways: As a part of RTI Security Plugins, protecting bootstrapping communications before authentication is successfully concluded or as a dedicated library named RTI Lightweight Security Plugins, where PSK` is the only option and protects the entirety of the communication. PSK can be configured to use various cryptographic algorithms: AES128 or AES256 in either GMAC (for integrity) or GCM (for both integrity and confidentiality) modes.

In RTI Connext 7.1 we deprecated HMAC-only mode which is scheduled to be superseded in the next release with Lightweight Security. It supports non-configurable HMAC-SHA256 which only protects data integrity without its confidentiality.

Charts below compare performance of different Lightweight Security’s AES256 GCM and GMAC algorithms with HMAC-only and a non-secure scenario. In all tests PSK performs better than HMAC-only.

Perftest Scripts

To produce these tests, we executed RTI Perftest for C++98. The scripts used to execute the tests can be found here:

  1#!/bin/bash
  2filename=$0
  3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
  4
  5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
  6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
  7
  8export domain="2"
  9export exec_time=20
 10export num_reps=1
 11export instance_number=100000
 12export core=0
 13export run_batching_tests="1"
 14export run_no_batching_tests="1"
 15
 16# We will use some colors to improve visibility of errors and info messages.
 17RED='\033[0;31m'
 18GREEN='\033[0;32m'
 19YELLOW='\033[0;33m'
 20BLUE='\033[0;34m'
 21LIGHTBLUE='\033[0;36m'
 22NC='\033[0m'
 23INFO_TAG="${GREEN}[INFO][$role]:${NC}"
 24WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
 25ERROR_TAG="${RED}[ERROR][$role]:${NC}"
 26
 27################################################################################
 28
 29function disable_colors() {
 30    export RED=""
 31    export GREEN=""
 32    export YELLOW=""
 33    export NC=""
 34    export BLUE=""
 35    export LIGHTBLUE=""
 36    export INFO_TAG="${GREEN}[INFO][$role]:${NC}"
 37    export WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
 38    export ERROR_TAG="${RED}[ERROR][$role]:${NC}"
 39}
 40
 41function change_domain() {
 42    if [[ "$domain" == "1" ]]; then
 43        export domain="2"
 44    else
 45        export domain="1"
 46    fi
 47}
 48
 49# Function to process and append lines to the output file
 50function append_to_output_file() {
 51    local line=${1?line required}; readonly line
 52    local append=$(echo "${2?append required}" | tr -s ' '); readonly append
 53    local file=${3?file required}; readonly file
 54    if [[ "${line: -1}" == $'\n' ]]; then
 55        line="${line::-1}"
 56    fi
 57    echo "${line}${append}" >> "$file"
 58}
 59
 60# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
 61function execute_test() {
 62
 63    local keyed_unkeyed=$1
 64    local rel_be=$2
 65    local datasizes_test=$3
 66    local other_args=$4
 67    local name_suffix=$5
 68
 69    local commands_string_test=$commands_string
 70    local tag=""
 71
 72    if [[ "${keyed_unkeyed}" == "keyed" ]]; then
 73        commands_string_test="${commands_string_test} -keyed -instances $instance_number"
 74        tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
 75    else
 76        tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
 77    fi
 78
 79    if [[ "${rel_be}" == "be" ]]; then
 80        commands_string_test="${commands_string_test} -bestEffort"
 81        tag="${tag}${YELLOW}BE${NC}]"
 82    else
 83        tag="${tag}${RED}REL${NC}]"
 84    fi
 85
 86    # If batch_size is set, we will add it to the command line of the publisher side.
 87    if [[ "$batch_size" != "" && "$role" == "pub" ]]; then
 88        commands_string_test="${commands_string_test} -batchSize $batch_size"
 89    fi
 90
 91    tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
 92
 93    local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
 94
 95    if [[ "$role" == "pub" ]]; then
 96        echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
 97    fi
 98
 99    if [[ "$thread_cpu_affinity" != "" ]]; then
100        commands_string_test="${commands_string_test} -threadCPUAffinity $thread_cpu_affinity"
101    fi
102
103    local pre_command_string=""
104
105    if [[ "$thread_priorities" != "" ]]; then
106        echo -e "${WARNING_TAG} Thread priorities enabled, this requires using sudo"
107        # When using sudo, the LD_LIBRARY_PATH is emptied, hence we need to set it again in the command itself
108        export LD_LIBRARY_PATH_COPIED="$LD_LIBRARY_PATH"
109        pre_command_string="sudo LD_LIBRARY_PATH=$LD_LIBRARY_PATH_COPIED "
110        commands_string_test="${commands_string_test} -threadPriorities $thread_priorities"
111    fi
112
113    if [[ "$no_taskset" == "" && "$thread_cpu_affinity" == "" && "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
114        pre_command_string="$pre_command_string taskset -c $core"
115    fi
116
117    if [[ "$LANGUAGE" == "python" ]]; then
118        pre_command_string="$pre_command_string python3 "
119    fi
120
121    if [[ "$DOCKER" == "1" ]]; then
122        pre_command_string="$pre_command_string docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
123        executable=""
124    fi
125
126    # Get the aprox time this will take:
127    total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
128    total_time=$((total_tests * exec_time))
129
130    touch $output_file
131    local no_headers=""
132    local current_test=0
133    for index in $(seq 1 ${num_reps}); do
134        for DATALEN in ${datasizes_test}; do
135            current_test=$((current_test + 1))
136
137            if [[ ! -s $output_file ]]; then
138                echo -e "${INFO_TAG} Output file is empty, filling the header."
139                no_headers=""
140            else
141                echo -e "${INFO_TAG} Output file is not empty."
142                no_headers=" -noOutputHeaders"
143            fi
144
145            export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
146            if [[ "$role" == "pub" ]]; then
147                echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
148                echo -e ${BLUE}$command${NC}
149            else
150                echo -e ${LIGHTBLUE}$command${NC}
151            fi
152
153            # In certain cases we need to wait a bit before running the test, this is
154            # because the previous test might not be finished on the other side yet, or because the
155            # discovery mechanism does not work like in connext DDS.
156            if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
157                sleep 3
158            fi
159            if [[ "$raw" == "1" && "$role" == "sub" ]]; then
160                sleep 5
161            fi
162
163            # Gather netstat info before running the test
164            if [[ "${get_netstat_info}" == "1" ]]; then
165                echo -e "${INFO_TAG} Getting netstat info before"
166                netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
167            fi
168
169            # Execute the command and capture the output
170            if [[ $LANGUAGE == "c++98" || $LANGUAGE == "" ]]; then
171                echo -e "${INFO_TAG} Using C++98, using -outputFile option"
172                touch ${output_file}_tmp_line
173                chmod 777 ${output_file}_tmp_line
174                eval $command -outputFile ${output_file}_tmp_line
175            else
176                eval $command > ${output_file}_tmp_line
177            fi
178
179            number_of_lines=$(wc -l < ${output_file}_tmp_line)
180            echo -e "${INFO_TAG} Size of the output text: $number_of_lines lines"
181
182            # Check if this is the first test for this output file.
183            local is_first_test=0
184            if [[ ! -s $output_file ]]; then
185                is_first_test=1
186            fi
187            local expected_lines=$((is_first_test+1))
188
189            if [[ $number_of_lines -ne ${expected_lines} ]]; then
190                echo -e "${WARNING_TAG} The output text should have ${expected_lines} lines, but it has ${number_of_lines}."
191                echo -e "${RED} The content is: \n\"\"\""
192                cat ${output_file}_tmp_line
193                echo -e "\"\"\""
194                echo -e "Not adding it to the output file. ${NC}"
195            else
196                if [[ $number_of_lines -gt 1 ]]; then
197                    header_line=$(head -n 1 "${output_file}_tmp_line")
198                    echo -e "${INFO_TAG} Header line is: $header_line"
199                fi
200                result_line=$(tail -n 1 "${output_file}_tmp_line")
201                echo -e "${INFO_TAG} Result line is: $result_line"
202
203                # If this is the first test, we need to add the header line to the output file
204                if [[ $is_first_test -eq 1 ]]; then
205                    append_to_output_file "$header_line" ", command-line" $output_file
206                fi
207
208                command=$(echo $command | sed 's/,/:comma:/g')
209                # Remove the `"` characters from the command line
210                command=$(echo $command | sed 's/\"//g')
211
212                # Append the result line to the output file
213                append_to_output_file "$result_line" ", $command" $output_file
214            fi
215
216            # Always remove the temporary file
217            rm -rf ${output_file}_tmp_line
218
219            # Gather netstat info after running the test
220            if [[ "${get_netstat_info}" == "1" ]]; then
221                echo -e "${INFO_TAG} Getting netstat info after"
222                netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
223                touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
224                python3 $script_location/../../../tools/diff_netstat_output.py \
225                    -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
226                    -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
227                    -d $DATALEN $no_header_netstat \
228                    -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
229                rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
230                no_header_netstat=" -nh"
231            fi
232
233            change_domain
234        done
235    done
236}
237
238################################################################################
239# PARSE COMMAND LINE OPTIONS:
240
241while [ "$1" != "" ]; do
242    case $1 in
243        --executable)
244            executable=$2
245            shift
246            ;;
247        --docker)
248            DOCKER="1"
249            ;;
250        --output-folder)
251            output_folder=$2
252            shift
253            ;;
254        --role)
255            export role=$2
256            shift
257            ;;
258        --core)
259            export core=$2
260            shift
261            ;;
262        --assign-core-list | --thread-cpu-affinity)
263            export thread_cpu_affinity=$2
264            shift
265            ;;
266        --assign-thread-priorities | --thread-priorities)
267            export thread_priorities=$2
268            shift
269            ;;
270        --test-kind)
271            export lat_thr=$2
272            shift
273            ;;
274        --interface1)
275            export interface=$2
276            shift
277            ;;
278        --interface2)
279            export interface2=$2
280            shift
281            ;;
282        --ip1)
283            export ip1=$2
284            shift
285            ;;
286        --ip2)
287            export ip2=$2
288            shift
289            ;;
290        --repetitions)
291            export num_reps=$2
292            shift
293            ;;
294        --domain)
295            export domain=$2
296            shift
297            ;;
298        --execution-time)
299            export exec_time=$2
300            shift
301            ;;
302        --transport)
303            export transport=$2
304            shift
305            ;;
306        --datalen)
307            export datalen_input=$2
308            shift
309            ;;
310        --file-suffix)
311            export file_suffix=$2
312            shift
313            ;;
314        --folder-suffix)
315            export folder_suffix=$2
316            shift
317            ;;
318        --sub-folder)
319            sub_folder=$2
320            shift
321            ;;
322        --executable-suffix)
323            export executable_suffix=$2
324            shift
325            ;;
326        --extra-arguments)
327            export extra_arguments=$2
328            shift
329            ;;
330        --extra-arguments-pub)
331            export extra_arguments_pub=$2
332            shift
333            ;;
334        --extra-arguments-sub)
335            export extra_arguments_sub=$2
336            shift
337            ;;
338        --skip-be)
339            export skip_be_tests="1"
340            ;;
341        --skip-rel)
342            export skip_rel_tests="1"
343            ;;
344        --skip-keyed)
345            export skip_keyed_data="1"
346            ;;
347        --skip-large-data)
348            export skip_large_data="1"
349            ;;
350        --large-data)
351            export large_data="1"
352            ;;
353        --keyed)
354            export skip_unkeyed="1"
355            ;;
356        --unkeyed)
357            export skip_keyed_data="1"
358            ;;
359        --no-batching | --skip-batching)
360            export run_batching_tests="0"
361            export run_no_batching_tests="1"
362            ;;
363        --skip-no-batching)
364            export run_batching_tests="1"
365            export run_no_batching_tests="0"
366            ;;
367        --batch-size)
368            export batch_size=$2
369            shift
370            ;;
371        --reliable)
372            export skip_be_tests="1"
373            ;;
374        --best-effort)
375            export skip_rel_tests="1"
376            ;;
377        --security-gov)
378            export security_only="$2"
379            shift
380            ;;
381        --micro)
382            export micro="1"
383            ;;
384        --cert)
385            export cert="1"
386            ;;
387        --raw | --raw-transport)
388            export raw="1"
389            ;;
390        --tss)
391            export tss="1"
392            ;;
393        --no-colors)
394            export NO_COLORS="1"
395            ;;
396        --language)
397            export LANGUAGE=$2
398            shift
399            ;;
400        --loss-rate)
401            export loss_rate=$2
402            shift
403            ;;
404        --get-netstat-info | --netstat)
405            export get_netstat_info="1"
406            ;;
407        --reduced-data-sizes-set)
408            export REDUCED_DATA_SIZES_SET="1"
409            ;;
410        --dont-change-tuned-settings)
411            export dont_change_tuned_settings="1"
412            ;;
413        --no-taskset)
414            export no_taskset=1
415            ;;
416        *)
417            echo -e "unknown parameter \"$1\""
418            exit 255
419            ;;
420    esac
421    shift
422done
423
424if [[ "$NO_COLORS" == "1" ]]; then
425    disable_colors
426fi
427
428export folder_base="$(dirname "${executable}")"/../../..
429
430if [[ $LANGUAGE == "java"  || "$LANGUAGE" == "cs" ]]; then
431    export folder_base="$(dirname "${executable}")"/../..
432fi
433if [[ $tss == "1" ]]; then
434    export folder_base="$(dirname "${executable}")"/../../../../..
435fi
436
437if [[ "${executable_suffix}" != "" ]]; then
438    export executable="${executable}${executable_suffix}"
439fi
440
441if [[ -n "${folder_suffix}" ]]; then
442    export output_folder="${output_folder}${folder_suffix}"
443fi
444
445if [[ -n "${sub_folder}" ]]; then
446    export output_folder="${output_folder}/${sub_folder}"
447fi
448
449echo -e "${INFO_TAG} Perftest executable is: $executable"
450echo -e "${INFO_TAG} Output folder is: $output_folder"
451
452################################################################################
453
454if [[ "$LANGUAGE" == "python" ]]; then
455    export skip_keyed_data="1"
456    export skip_large_data="1"
457    export skip_be_tests="1"
458    export run_no_batching_tests="0"
459fi
460
461if [[ "${skip_large_data}" == "1" ]]; then
462    export datasizes_extended=${datasizes}
463elif [[ "${large_data}" == "1" ]]; then
464    export datasizes=${datasizes_extended}
465fi
466
467if [[ "${datalen_input}" != "" ]]; then
468    echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
469    export datasizes=${datalen_input}
470    export datasizes_extended=${datalen_input}
471    if [[ "${run_no_batching_tests}" == "1" && "${run_batching_tests}" == "0" ]]; then
472        export skip_large_data="1"
473    fi
474else 
475    if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
476        echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
477        export datasizes="32 128 512 2048 8192 32768 63000"
478        export datasizes_extended="${datasizes} 102400 1048576 10485760"
479    fi
480fi
481
482if [[ "$role" != "pub" && "$role" != "sub" ]]; then
483    echo -e "${ERROR_TAG} It must be either publisher or subscriber"
484    exit 255
485fi
486
487if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
488    echo -e "${ERROR_TAG} It must be either lat or thr"
489    exit 255
490fi
491
492if [[ "${interface}" == "" ]]; then
493    echo "Using default nics"
494    export nic_publisher=${ip_machine_1}
495    export nic_subscriber=${ip_machine_2}
496elif [[ "${interface}" == "both" ]]; then
497    export nic_publisher="enp1s0f0,eno1"
498    export nic_subscriber="enp1s0f0,eno1"
499    echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
500    echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
501else
502    export nic_publisher=$interface
503    echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
504
505    if [[ "${interface2}" == "" ]]; then
506        export nic_subscriber=$interface
507    else
508        export nic_subscriber=$interface2
509    fi
510    echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
511
512    if [[ "${ip1}" != "" ]]; then
513        export ip_publisher=$ip1
514        echo "Using ip_publisher: ${ip_publisher}"
515    fi
516
517    if [[ "${ip2}" != "" ]]; then
518        export ip_subscriber=$ip2
519        echo "Using ip_subscriber: ${ip_subscriber}"
520    fi
521
522fi
523
524export transport_string="-transport $transport"
525
526if [[ "$transport" == "UDPv4" ]]; then
527
528    export transport_string_pub="$transport_string -nic $nic_publisher"
529    export transport_string_sub="$transport_string -nic $nic_subscriber"
530
531    if [[ "$raw" == "1" ]]; then
532        export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
533        export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
534    fi
535
536    if [[ "$micro" == "1" || "$cert" == "1" ]]; then
537        export transport_string_pub="$transport_string_pub -peer _udp://${ip_subscriber}"
538        export transport_string_sub="$transport_string_sub -peer _udp://${ip_publisher}"
539    fi
540
541elif [[ "$transport" == "TCP" ]]; then
542    export transport_string_pub="$transport_string \
543        -nic $nic_publisher \
544        -peer 0@tcpv4_lan://${ip_subscriber}:7400"
545    export transport_string_sub="$transport_string \
546        -nic $nic_subscriber \
547        -peer 0@tcpv4_lan://${ip_publisher}:7400"
548elif [[ "$transport" == "TLS" ]]; then
549    export transport_string_pub="$transport_string \
550        -nic $nic_publisher \
551        -peer tlsv4_lan://${ip_subscriber}:7400"
552    export transport_string_sub="$transport_string \
553        -nic $nic_subscriber \
554        -peer tlsv4_lan://${ip_publisher}:7400"
555elif [[ "$transport" == "UDPv4_WAN" ]]; then
556    export transport_string_pub="$transport_string \
557        -nic $nic_publisher \
558        -transportPublicAddress $ip_publisher:7400"
559    export transport_string_sub="$transport_string \
560        -nic $nic_subscriber \
561        -peer 0@udpv4_wan://${ip_publisher}:7400"
562else
563    export transport_string_pub="$transport_string"
564    export transport_string_sub="$transport_string"
565fi
566
567################################################################################
568
569export pub_string="-pub \
570        ${transport_string_pub} \
571        -noPrintIntervals \
572        -executionTime $exec_time"
573
574if [[ ${lat_thr} == "lat" ]]; then
575    export pub_string="$pub_string \
576        -latencyTest"
577fi
578
579export sub_string="-sub \
580        ${transport_string_sub} \
581        -noPrintIntervals"
582
583if [[ "$role" == "pub" ]]; then
584    echo -e "$INFO_TAG Publisher side running"
585    export commands_string=${pub_string}
586    export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
587else
588    echo -e "$INFO_TAG Subscriber side running"
589    export commands_string=${sub_string}
590    export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
591fi
592
593###############################################################################
594
595if [[ "$dont_change_tuned_settings" != "1" ]]; then
596    echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
597    sudo /set_${lat_thr}_mode.sh
598    sleep 5
599fi
600
601echo -e "${INFO_TAG} Disabling any loss rate"
602sudo tc qdisc add dev $nic_publisher root netem loss 0%
603sudo tc qdisc del dev $nic_publisher root netem loss 0%
604
605if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
606    echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
607    sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
608fi
609
610cd $folder_base
611echo -e "${INFO_TAG} Folder Base is: $PWD"
612mkdir -p $output_folder
613
614if [[ "${batch_size}" != "" ]]; then
615    if [[ "${lat_thr}" == "thr" ]]; then
616        if [[ "${batch_size}" -eq 0 ]]; then
617            echo -e "${INFO_TAG} Batch size is set to 0"
618            export run_batching_tests="0"
619            export run_no_batching_tests="1"
620        else
621            echo -e "${INFO_TAG} Batch size is set to ${batch_size}"
622            export run_batching_tests="1"
623            export run_no_batching_tests="0"
624        fi
625    else
626        echo -e "${INFO_TAG} Batch size is set to ${batch_size}. This value will be ignored for latency tests."
627        unset batch_size
628    fi
629fi
630
631# Tests that may use batching (when doing throughput tests). Also Latency tests.
632if [[ ${run_batching_tests} == "1" ]]; then
633
634    # UNKEYED
635    if [[ "${skip_unkeyed}" == "" ]]; then
636
637        # RELIABLE
638        if [[ "${skip_rel_tests}" == "" ]]; then
639            execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
640        fi
641
642        # BEST EFFORT
643        if [[ "${skip_be_tests}" == "" ]]; then
644            execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
645        fi
646    fi
647
648    # KEYED
649    if [[ "${skip_keyed_data}" == "" ]]; then
650
651        # RELIABLE
652        if [[ "${skip_rel_tests}" == "" ]]; then
653            execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
654        fi
655
656        # BEST EFFORT
657        if [[ "${skip_be_tests}" == "" ]]; then
658            execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
659        fi
660    fi
661
662fi
663
664# Tests that will not use batching
665if [[ "${lat_thr}" == "thr" && "${run_no_batching_tests}" == "1" ]]; then
666
667    if [[ "$role" == "pub" ]]; then
668        export commands_string="${commands_string} -batchSize 0"
669    fi
670
671    # UNKEYED
672    if [[ "${skip_unkeyed}" == "" ]]; then
673
674        # RELIABLE
675        if [[ "${skip_rel_tests}" == "" ]]; then
676            execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
677        fi
678
679        # BEST EFFORT
680        if [[ "${skip_be_tests}" == "" ]]; then
681            execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
682        fi
683    fi
684
685    # KEYED
686    if [[ "${skip_keyed_data}" == "" ]]; then
687
688        # RELIABLE
689        if [[ "${skip_rel_tests}" == "" ]]; then
690            execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
691        fi
692
693        # BEST EFFORT
694        if [[ "${skip_be_tests}" == "" ]]; then
695            execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
696        fi
697    fi
698
699fi
700
701if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
702    echo -e "${INFO_TAG} Disabling loss rate"
703    sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
704fi

1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7"${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
8    --skip-no-batching --skip-be --skip-keyed --skip-large-data \
9    --extra-arguments "-secureRtpsHmacOnly str:JaviTheBest"

 1#!/bin/bash
 2filename=$0
 3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
 4
 5export input_params=$@
 6
 7"${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
 8    --skip-no-batching --skip-be --skip-keyed --skip-large-data \
 9    --extra-arguments "-securePSK data:,1:SecretKey -secureGovernanceFile resource/secure/signed_PerftestGovernance_RtpsNoneDiscoveryNonePresharedProtectionSign.xml"
10
11# "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
12#     --skip-no-batching --skip-be --skip-keyed --skip-large-data \
13#     --extra-arguments "-securePSK str:1:SecretKey"

Security Profiles

Test Hardware

The following hardware was used to perform these tests:

Linux Nodes

Dell R340 Servers (13 Units)
Processor: Intel Xeon E-2278G (3.4-5GHz, 8c/16t, 16MB cache, 2 memory channels @2666MHz)
RAM: 4x 16GB 2666MHz DIMM (64GB RAM)
HD: 480GB SATA SSD
NIC 1: Intel 710 dual port 10Gbps SFP
OS: Ubuntu 20.04 -- gcc 9.3.0

Switch

Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps interfaces)