2.5.1.1. Different Security Governance Configuration Levels
The following one-to-one tests have been performed by executing an RTI Perftest C++98 Publisher and Subscriber between two nodes, connected to a switch via Ethernet. The communication has been restricted to a single interface and the transport has been set to UDPv4.
These tests are equivalent to the ones performed in the Core Libraries UDPv4 section (Unkeyed, UDPv4 10Gbps Network, C++98), but additionally enabling different Security Profiles (using different Governance configurations). The “Not using security libraries” values in the graphs below are equivalent to the Core Libraries numbers, so you can compare Connext performance with and without the Security Plugins.
Find information about the hardware, network, and command-line parameters after each of the tests.
The graph below shows the one-way latency without load between a Publisher and a Subscriber running in two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
We use the median (50th percentile) instead of the average in order to get a more stable measurement that does not account for spurious outliers. We also calculate the average value and other percentile values, which can be seen in the Detailed Statistics section below.
Detailed Statistics
The following tables contain the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
18 |
1.0 |
17 |
56 |
17 |
18 |
21 |
47 |
56 |
64 |
17 |
1.1 |
16 |
73 |
17 |
18 |
21 |
46 |
73 |
128 |
17 |
1.3 |
16 |
61 |
17 |
18 |
24 |
47 |
61 |
256 |
19 |
1.8 |
17 |
59 |
18 |
20 |
27 |
48 |
59 |
512 |
20 |
7.9 |
17 |
5057 |
19 |
22 |
31 |
50 |
5057 |
1024 |
25 |
4.8 |
18 |
65 |
26 |
28 |
41 |
57 |
65 |
2048 |
29 |
27.3 |
20 |
4871 |
30 |
33 |
41 |
66 |
4871 |
4096 |
31 |
18.9 |
25 |
4868 |
30 |
36 |
51 |
71 |
4868 |
8192 |
43 |
67.9 |
35 |
5031 |
37 |
56 |
68 |
4380 |
5031 |
16384 |
87 |
26.5 |
46 |
169 |
86 |
125 |
138 |
157 |
169 |
32768 |
141 |
20.6 |
70 |
267 |
125 |
172 |
183 |
202 |
267 |
63000 |
186 |
2.6 |
107 |
275 |
186 |
187 |
192 |
215 |
275 |
No protection
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
18 |
1.0 |
17 |
59 |
17 |
18 |
21 |
47 |
59 |
64 |
17 |
1.1 |
16 |
62 |
17 |
18 |
21 |
47 |
62 |
128 |
17 |
1.2 |
16 |
64 |
17 |
18 |
23 |
46 |
64 |
256 |
19 |
1.6 |
17 |
70 |
18 |
20 |
26 |
48 |
70 |
512 |
20 |
2.4 |
18 |
84 |
19 |
22 |
28 |
49 |
84 |
1024 |
25 |
8.2 |
18 |
3296 |
26 |
28 |
41 |
57 |
3296 |
2048 |
29 |
30.1 |
21 |
4899 |
30 |
33 |
41 |
71 |
4899 |
4096 |
31 |
22.4 |
25 |
4965 |
30 |
36 |
54 |
70 |
4965 |
8192 |
43 |
67.4 |
35 |
4871 |
37 |
56 |
68 |
4364 |
4871 |
16384 |
87 |
27.0 |
46 |
168 |
86 |
125 |
138 |
154 |
168 |
32768 |
137 |
19.7 |
74 |
238 |
125 |
168 |
182 |
198 |
238 |
63000 |
162 |
13.7 |
107 |
215 |
159 |
186 |
189 |
208 |
215 |
RTPS Sign
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
24 |
1.2 |
23 |
65 |
24 |
25 |
28 |
54 |
65 |
64 |
24 |
1.2 |
23 |
67 |
24 |
24 |
28 |
54 |
67 |
128 |
24 |
1.2 |
23 |
75 |
24 |
25 |
28 |
54 |
75 |
256 |
25 |
1.5 |
24 |
72 |
25 |
26 |
33 |
56 |
72 |
512 |
26 |
1.7 |
24 |
61 |
25 |
27 |
34 |
55 |
61 |
1024 |
27 |
16.0 |
25 |
4638 |
26 |
29 |
40 |
58 |
4638 |
2048 |
31 |
6.6 |
28 |
3141 |
30 |
33 |
46 |
65 |
3141 |
4096 |
35 |
8.3 |
33 |
4041 |
34 |
38 |
49 |
67 |
4041 |
8192 |
48 |
6.1 |
44 |
158 |
46 |
56 |
76 |
110 |
158 |
16384 |
103 |
29.4 |
57 |
197 |
96 |
143 |
170 |
183 |
197 |
32768 |
167 |
23.2 |
84 |
259 |
172 |
190 |
192 |
223 |
259 |
63000 |
200 |
15.0 |
123 |
308 |
207 |
209 |
212 |
261 |
308 |
RTPS Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
25 |
1.2 |
23 |
62 |
24 |
25 |
28 |
54 |
62 |
64 |
25 |
1.3 |
24 |
94 |
25 |
25 |
29 |
56 |
94 |
128 |
25 |
1.2 |
23 |
85 |
25 |
25 |
29 |
55 |
85 |
256 |
25 |
1.5 |
24 |
68 |
25 |
26 |
33 |
55 |
68 |
512 |
26 |
1.8 |
24 |
68 |
26 |
27 |
35 |
56 |
68 |
1024 |
28 |
15.5 |
26 |
4796 |
27 |
30 |
41 |
60 |
4796 |
2048 |
31 |
4.9 |
28 |
2077 |
30 |
33 |
45 |
65 |
2077 |
4096 |
36 |
9.7 |
34 |
4401 |
35 |
39 |
51 |
68 |
4401 |
8192 |
50 |
12.8 |
46 |
4986 |
48 |
56 |
80 |
116 |
4986 |
16384 |
107 |
31.3 |
60 |
230 |
99 |
148 |
173 |
187 |
230 |
32768 |
182 |
25.3 |
94 |
1308 |
195 |
196 |
200 |
270 |
1308 |
63000 |
212 |
16.9 |
136 |
1322 |
219 |
221 |
227 |
736 |
1322 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
30 |
5.7 |
29 |
3098 |
30 |
30 |
34 |
60 |
3098 |
64 |
30 |
4.1 |
29 |
2164 |
30 |
31 |
35 |
60 |
2164 |
128 |
30 |
5.6 |
29 |
3055 |
30 |
31 |
35 |
60 |
3055 |
256 |
31 |
1.4 |
29 |
70 |
31 |
31 |
36 |
61 |
70 |
512 |
31 |
1.7 |
30 |
77 |
31 |
32 |
40 |
62 |
77 |
1024 |
34 |
2.2 |
32 |
89 |
33 |
35 |
44 |
64 |
89 |
2048 |
36 |
22.9 |
34 |
4736 |
36 |
38 |
46 |
74 |
4736 |
4096 |
43 |
3.2 |
40 |
98 |
42 |
43 |
62 |
74 |
98 |
8192 |
56 |
6.7 |
53 |
2050 |
55 |
58 |
82 |
115 |
2050 |
16384 |
117 |
31.7 |
69 |
213 |
116 |
163 |
185 |
196 |
213 |
32768 |
185 |
21.2 |
98 |
245 |
187 |
208 |
211 |
238 |
245 |
63000 |
229 |
16.5 |
153 |
1318 |
236 |
239 |
247 |
310 |
1318 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
34 |
1.5 |
32 |
77 |
34 |
35 |
40 |
65 |
77 |
64 |
34 |
1.4 |
33 |
75 |
34 |
35 |
40 |
65 |
75 |
128 |
35 |
1.5 |
33 |
78 |
34 |
36 |
40 |
65 |
78 |
256 |
35 |
1.5 |
33 |
78 |
35 |
36 |
41 |
66 |
78 |
512 |
36 |
1.5 |
34 |
77 |
35 |
37 |
42 |
67 |
77 |
1024 |
37 |
6.1 |
35 |
2964 |
37 |
38 |
45 |
69 |
2964 |
2048 |
41 |
20.4 |
39 |
4707 |
40 |
42 |
49 |
75 |
4707 |
4096 |
49 |
4.8 |
45 |
118 |
48 |
50 |
73 |
92 |
118 |
8192 |
64 |
19.3 |
60 |
5067 |
62 |
64 |
105 |
125 |
5067 |
16384 |
128 |
34.1 |
79 |
218 |
127 |
176 |
194 |
208 |
218 |
32768 |
202 |
21.9 |
118 |
264 |
205 |
225 |
229 |
257 |
264 |
63000 |
258 |
19.1 |
182 |
1185 |
267 |
270 |
277 |
319 |
1185 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
28 |
1.3 |
27 |
75 |
28 |
29 |
33 |
59 |
75 |
64 |
28 |
6.6 |
27 |
3703 |
28 |
29 |
33 |
58 |
3703 |
128 |
29 |
1.4 |
28 |
74 |
29 |
30 |
35 |
60 |
74 |
256 |
30 |
1.6 |
28 |
71 |
29 |
31 |
37 |
60 |
71 |
512 |
30 |
14.5 |
28 |
4740 |
30 |
31 |
39 |
61 |
4740 |
1024 |
32 |
7.1 |
30 |
3624 |
31 |
34 |
43 |
67 |
3624 |
2048 |
35 |
3.3 |
32 |
74 |
34 |
38 |
60 |
67 |
74 |
4096 |
41 |
32.9 |
38 |
4705 |
40 |
42 |
52 |
484 |
4705 |
8192 |
54 |
4.4 |
51 |
141 |
53 |
56 |
78 |
112 |
141 |
16384 |
116 |
32.4 |
68 |
216 |
115 |
163 |
182 |
195 |
216 |
32768 |
195 |
24.0 |
102 |
1372 |
206 |
208 |
213 |
280 |
1372 |
63000 |
225 |
17.0 |
151 |
276 |
235 |
238 |
244 |
272 |
276 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13
14# We will use some colors to improve visibility of errors and info messages.
15RED='\033[0;31m'
16GREEN='\033[0;32m'
17YELLOW='\033[0;33m'
18BLUE='\033[0;34m'
19LIGHTBLUE='\033[0;36m'
20NC='\033[0m'
21INFO_TAG="${GREEN}[INFO]:${NC}"
22WARNING_TAG="${YELLOW}[WARNING]:${NC}"
23ERROR_TAG="${RED}[ERROR]:${NC}"
24
25################################################################################
26
27function disable_colors() {
28 export RED=""
29 export GREEN=""
30 export YELLOW=""
31 export NC=""
32 export BLUE=""
33 export LIGHTBLUE=""
34 export INFO_TAG="${GREEN}[INFO]:${NC}"
35 export WARNING_TAG="${YELLOW}[WARNING]:${NC}"
36 export ERROR_TAG="${RED}[ERROR]:${NC}"
37}
38
39function change_domain() {
40 if [[ "$domain" == "1" ]]; then
41 export domain="2"
42 else
43 export domain="1"
44 fi
45}
46
47# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
48function execute_test() {
49
50 local keyed_unkeyed=$1
51 local rel_be=$2
52 local datasizes_test=$3
53 local other_args=$4
54 local name_suffix=$5
55
56 local commands_string_test=$commands_string
57 local tag=""
58
59 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
60 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
61 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
62 else
63 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
64 fi
65
66 if [[ "${rel_be}" == "be" ]]; then
67 commands_string_test="${commands_string_test} -bestEffort"
68 tag="${tag}${YELLOW}BE${NC}]"
69 else
70 tag="${tag}${RED}REL${NC}]"
71 fi
72
73 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
74
75 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
76
77 if [[ "$role" == "pub" ]]; then
78 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
79 fi
80
81 if [[ "$NO_TASKSET" == "" ]]; then
82 if [[ "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
83 export pre_command_string="taskset -c $core"
84 fi
85 fi
86
87 if [[ "$LANGUAGE" == "python" ]]; then
88 export pre_command_string="python3 "
89 fi
90
91 if [[ "$DOCKER" == "1" ]]; then
92 export pre_command_string="taskset -c $core docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
93 executable=""
94 fi
95
96 # Get the aprox time this will take:
97 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
98 total_time=$((total_tests * exec_time))
99
100 touch $output_file
101 local no_headers=""
102 local current_test=0
103 for index in $(seq 1 ${num_reps}); do
104 for DATALEN in ${datasizes_test}; do
105 current_test=$((current_test + 1))
106 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
107 if [[ "$role" == "pub" ]]; then
108 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
109 echo -e ${BLUE}$command${NC}
110 else
111 echo -e ${LIGHTBLUE}$command${NC}
112 fi
113 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
114 sleep 3
115 fi
116 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
117 sleep 5
118 fi
119 if [[ "${get_netstat_info}" == "1" ]]; then
120 echo -e "${INFO_TAG} Getting netstat info before"
121 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
122 fi
123 eval $command >> $output_file;
124 if [[ "${get_netstat_info}" == "1" ]]; then
125 echo -e "${INFO_TAG} Getting netstat info after"
126 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
127 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
128 python3 $script_location/../../../tools/diff_netstat_output.py \
129 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
130 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
131 -d $DATALEN $no_header_netstat \
132 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
133 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
134 no_header_netstat=" -nh"
135 fi
136 no_headers=" -noOutputHeaders"
137
138 change_domain
139 done
140 done
141}
142
143################################################################################
144# PARSE COMMAND LINE OPTIONS:
145
146while [ "$1" != "" ]; do
147 case $1 in
148 --executable)
149 executable=$2
150 shift
151 ;;
152 --docker)
153 DOCKER="1"
154 ;;
155 --output-folder)
156 output_folder=$2
157 shift
158 ;;
159 --sub-folder)
160 sub_folder=$2
161 shift
162 ;;
163 --role)
164 export role=$2
165 shift
166 ;;
167 --core)
168 export core=$2
169 shift
170 ;;
171 --test-kind)
172 export lat_thr=$2
173 shift
174 ;;
175 --interface1)
176 export interface=$2
177 shift
178 ;;
179 --interface2)
180 export interface2=$2
181 shift
182 ;;
183 --ip1)
184 export ip1=$2
185 shift
186 ;;
187 --ip2)
188 export ip2=$2
189 shift
190 ;;
191 --repetitions)
192 export num_reps=$2
193 shift
194 ;;
195 --domain)
196 export domain=$2
197 shift
198 ;;
199 --execution-time)
200 export exec_time=$2
201 shift
202 ;;
203 --transport)
204 export transport=$2
205 shift
206 ;;
207 --datalen)
208 export datalen_input=$2
209 shift
210 ;;
211 --file-suffix)
212 export file_suffix=$2
213 shift
214 ;;
215 --executable-suffix)
216 export executable_suffix=$2
217 shift
218 ;;
219 --extra-arguments)
220 export extra_arguments=$2
221 shift
222 ;;
223 --extra-arguments-pub)
224 export extra_arguments_pub=$2
225 shift
226 ;;
227 --extra-arguments-sub)
228 export extra_arguments_sub=$2
229 shift
230 ;;
231 --skip-no-batching)
232 export skip_no_batching="1"
233 ;;
234 --skip-be)
235 export skip_be_tests="1"
236 ;;
237 --skip-rel)
238 export skip_rel_tests="1"
239 ;;
240 --skip-keyed)
241 export skip_keyed_data="1"
242 ;;
243 --skip-large-data)
244 export skip_large_data="1"
245 ;;
246 --large-data)
247 export large_data="1"
248 ;;
249 --keyed)
250 export skip_unkeyed="1"
251 ;;
252 --unkeyed)
253 export skip_keyed_data="1"
254 ;;
255 --no-batching | --skip-batching)
256 export no_batching_only="1"
257 ;;
258 --reliable)
259 export skip_be_tests="1"
260 ;;
261 --best-effort)
262 export skip_rel_tests="1"
263 ;;
264 --security-gov)
265 export security_only="$2"
266 shift
267 ;;
268 --micro)
269 export micro="1"
270 ;;
271 --cert)
272 export cert="1"
273 ;;
274 --raw | --raw-transport)
275 export raw="1"
276 ;;
277 --tss)
278 export tss="1"
279 ;;
280 --no-colors)
281 export NO_COLORS="1"
282 ;;
283 --language)
284 export LANGUAGE=$2
285 shift
286 ;;
287 --loss-rate)
288 export loss_rate=$2
289 shift
290 ;;
291 --get-netstat-info | --netstat)
292 export get_netstat_info="1"
293 ;;
294 --no-taskset)
295 export NO_TASKSET="1"
296 ;;
297 --reduced-data-sizes-set)
298 export REDUCED_DATA_SIZES_SET="1"
299 ;;
300 *)
301 echo -e "unknown parameter \"$1\""
302 exit 255
303 ;;
304 esac
305 shift
306done
307
308if [[ "$NO_COLORS" == "1" ]]; then
309 disable_colors
310fi
311
312export folder_base="$(dirname "${executable}")"/../../..
313
314if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
315 export folder_base="$(dirname "${executable}")"/../..
316fi
317if [[ $tss == "1" ]]; then
318 export folder_base="$(dirname "${executable}")"/../../../../..
319fi
320
321if [[ "${executable_suffix}" != "" ]]; then
322 export executable="${executable}${executable_suffix}"
323fi
324
325if [[ "${sub_folder}" != "" ]]; then
326 export output_folder="${output_folder}/${sub_folder}"
327fi
328
329echo -e "${INFO_TAG} Perftest executable is: $executable"
330echo -e "${INFO_TAG} Output folder is: $output_folder"
331
332################################################################################
333
334if [[ "$LANGUAGE" == "python" ]]; then
335 export skip_keyed_data="1"
336 export skip_large_data="1"
337 export skip_be_tests="1"
338 export skip_no_batching="1"
339fi
340
341if [[ "${skip_large_data}" == "1" ]]; then
342 export datasizes_extended=${datasizes}
343elif [[ "${large_data}" == "1" ]]; then
344 export datasizes=${datasizes_extended}
345fi
346
347if [[ "${datalen_input}" != "" ]]; then
348 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
349 export datasizes=${datalen_input}
350 export datasizes_extended=${datalen_input}
351 if [[ "${no_batching_only}" != "1" ]]; then
352 export skip_large_data="1"
353 fi
354else
355 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
356 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
357 export datasizes="32 128 512 2048 8192 32768 63000"
358 export datasizes_extended="${datasizes} 102400 1048576 10485760"
359 fi
360fi
361
362if [[ "$role" != "pub" && "$role" != "sub" ]]; then
363 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
364 exit 255
365fi
366
367if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
368 echo -e "${ERROR_TAG} It must be either lat or thr"
369 exit 255
370fi
371
372if [[ "${interface}" == "" ]]; then
373 echo "Using default nics"
374 export nic_publisher=${ip_machine_1}
375 export nic_subscriber=${ip_machine_2}
376elif [[ "${interface}" == "both" ]]; then
377 export nic_publisher="enp1s0f0,eno1"
378 export nic_subscriber="enp1s0f0,eno1"
379 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
380 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
381else
382 export nic_publisher=$interface
383 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
384
385 if [[ "${interface2}" == "" ]]; then
386 export nic_subscriber=$interface
387 else
388 export nic_subscriber=$interface2
389 fi
390 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
391
392 if [[ "${ip1}" != "" ]]; then
393 export ip_publisher=$ip1
394 echo "Using ip_publisher: ${ip_publisher}"
395 fi
396
397 if [[ "${ip2}" != "" ]]; then
398 export ip_subscriber=$ip2
399 echo "Using ip_subscriber: ${ip_subscriber}"
400 fi
401
402fi
403
404export transport_string="-transport $transport"
405
406if [[ "$transport" == "UDPv4" ]]; then
407
408 export transport_string_pub="$transport_string -nic $nic_publisher"
409 export transport_string_sub="$transport_string -nic $nic_subscriber"
410
411 if [[ "$micro" == "1" || "$raw" == "1" || "$cert" == "1" ]]; then
412 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
413 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
414 fi
415
416elif [[ "$transport" == "TCP" ]]; then
417 export transport_string_pub="$transport_string \
418 -nic $nic_publisher \
419 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
420 export transport_string_sub="$transport_string \
421 -nic $nic_subscriber \
422 -peer 0@tcpv4_lan://${ip_publisher}:7400"
423elif [[ "$transport" == "TLS" ]]; then
424 export transport_string_pub="$transport_string \
425 -nic $nic_publisher \
426 -peer tlsv4_lan://${ip_subscriber}:7400"
427 export transport_string_sub="$transport_string \
428 -nic $nic_subscriber \
429 -peer tlsv4_lan://${ip_publisher}:7400"
430elif [[ "$transport" == "UDPv4_WAN" ]]; then
431 export transport_string_pub="$transport_string \
432 -nic $nic_publisher \
433 -transportPublicAddress $ip_publisher:7400"
434 export transport_string_sub="$transport_string \
435 -nic $nic_subscriber \
436 -peer 0@udpv4_wan://${ip_publisher}:7400"
437else
438 export transport_string_pub="$transport_string"
439 export transport_string_sub="$transport_string"
440fi
441
442################################################################################
443
444export pub_string="-pub \
445 ${transport_string_pub} \
446 -noPrintIntervals \
447 -executionTime $exec_time"
448
449if [[ ${lat_thr} == "lat" ]]; then
450 export pub_string="$pub_string \
451 -latencyTest"
452fi
453
454export sub_string="-sub \
455 ${transport_string_sub} \
456 -noPrintIntervals"
457
458if [[ "$role" == "pub" ]]; then
459 echo -e "$INFO_TAG Publisher side running"
460 export commands_string=${pub_string}
461 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
462else
463 echo -e "$INFO_TAG Subscriber side running"
464 export commands_string=${sub_string}
465 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
466fi
467
468###############################################################################
469
470echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
471sudo /set_${lat_thr}_mode.sh
472sleep 5
473
474echo -e "${INFO_TAG} Disabling any loss rate"
475sudo tc qdisc add dev $nic_publisher root netem loss 0%
476sudo tc qdisc del dev $nic_publisher root netem loss 0%
477
478if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
479 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
480 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
481fi
482
483cd $folder_base
484echo -e "${INFO_TAG} Folder Base is: $PWD"
485mkdir -p $output_folder
486
487# Tests that may use batching (when doing throughput tests)
488if [[ ${no_batching_only} != "1" ]]; then
489
490 # UNKEYED
491 if [[ "${skip_unkeyed}" == "" ]]; then
492
493 # RELIABLE
494 if [[ "${skip_rel_tests}" == "" ]]; then
495 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
496 fi
497
498 # BEST EFFORT
499 if [[ "${skip_be_tests}" == "" ]]; then
500 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
501 fi
502 fi
503
504 # KEYED
505 if [[ "${skip_keyed_data}" == "" ]]; then
506
507 # RELIABLE
508 if [[ "${skip_rel_tests}" == "" ]]; then
509 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
510 fi
511
512 # BEST EFFORT
513 if [[ "${skip_be_tests}" == "" ]]; then
514 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
515 fi
516 fi
517
518fi
519
520if [[ "${skip_no_batching}" == "" || "${no_batching_only}" == "1" ]]; then
521 no_batching_tests="1"
522fi
523
524# Tests that will not use batching
525if [[ "${lat_thr}" == "thr" && "${no_batching_tests}" == "1" ]]; then
526
527 if [[ "$role" == "pub" ]]; then
528 export commands_string="${commands_string} -batchSize 0"
529 fi
530
531 # UNKEYED
532 if [[ "${skip_unkeyed}" == "" ]]; then
533
534 # RELIABLE
535 if [[ "${skip_rel_tests}" == "" ]]; then
536 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
537 fi
538
539 # BEST EFFORT
540 if [[ "${skip_be_tests}" == "" ]]; then
541 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
542 fi
543 fi
544
545 # KEYED
546 if [[ "${skip_keyed_data}" == "" ]]; then
547
548 # RELIABLE
549 if [[ "${skip_rel_tests}" == "" ]]; then
550 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
551 fi
552
553 # BEST EFFORT
554 if [[ "${skip_be_tests}" == "" ]]; then
555 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
556 fi
557 fi
558
559fi
560
561if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
562 echo -e "${INFO_TAG} Disabling loss rate"
563 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
564fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-no-batching --skip-be --skip-large-data \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-no-batching --skip-be --skip-large-data \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-no-batching --skip-be --skip-large-data \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-no-batching --skip-be --skip-large-data \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-no-batching --skip-be --skip-large-data \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-no-batching --skip-be --skip-large-data \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-no-batching --skip-be --skip-large-data \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Linux Nodes
Dell R340 Servers (13 Units)
Processor: Intel Xeon E-2278G (3.4-5GHz, 8c/16t, 16MB cache, 2 memory channels @2666MHz)
RAM: 4x 16GB 2666MHz DIMM (64GB RAM)
HD: 480GB SATA SSD
NIC 1: Intel 710 dual port 10Gbps SFP
OS: Ubuntu 20.04 -- gcc 9.3.0
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps interfaces)
The graph below shows the expected throughput behavior when performing a 1-1 communication between two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
By default, RTI Perftest enables batching when performing a Maximum Throughput test. The batching feature allows sending more than one data sample per RTPS packet, improving network performance for small data sizes. See the RTI Connext Core Libraries User’s Manual for more information on batching.
The batch maximum size is set by RTI Perftest to be 8192 bytes; after 8192 bytes, batching is not enabled.
Detailed Statistics
This table contains the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
91878124 |
4588124 |
1174.6 |
0 |
0.00 |
64 |
82005698 |
4094931 |
2096.6 |
0 |
0.00 |
128 |
69318848 |
3461481 |
3544.6 |
0 |
0.00 |
256 |
51400544 |
2567050 |
5257.3 |
0 |
0.00 |
512 |
33976856 |
1696920 |
6950.6 |
0 |
0.00 |
1024 |
20350752 |
1016365 |
8326.1 |
0 |
0.00 |
2048 |
11159360 |
557212 |
9129.4 |
0 |
0.00 |
4096 |
5939081 |
296596 |
9718.9 |
0 |
0.00 |
8192 |
3005076 |
150203 |
9843.8 |
0 |
0.00 |
16384 |
1508811 |
75432 |
9887.0 |
0 |
0.00 |
32768 |
756040 |
37797 |
9908.3 |
0 |
0.00 |
63000 |
393534 |
19674 |
9915.8 |
0 |
0.00 |
No protection
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
91920640 |
4590242 |
1175.1 |
0 |
0.00 |
64 |
82317543 |
4111405 |
2105.0 |
0 |
0.00 |
128 |
69787520 |
3484979 |
3568.6 |
0 |
0.00 |
256 |
52236544 |
2608886 |
5343.0 |
0 |
0.00 |
512 |
34396160 |
1718005 |
7037.0 |
0 |
0.00 |
1024 |
20276384 |
1012773 |
8296.6 |
0 |
0.00 |
2048 |
11279401 |
563209 |
9227.6 |
0 |
0.00 |
4096 |
5937300 |
296540 |
9717.0 |
0 |
0.00 |
8192 |
3005069 |
150211 |
9844.2 |
0 |
0.00 |
16384 |
1508814 |
75431 |
9887.0 |
0 |
0.00 |
32768 |
756054 |
37797 |
9908.3 |
0 |
0.00 |
63000 |
393536 |
19674 |
9915.8 |
0 |
0.00 |
RTPS Sign
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
85943084 |
4291774 |
1098.7 |
0 |
0.00 |
64 |
73294848 |
3659911 |
1873.9 |
0 |
0.00 |
128 |
57975616 |
2894989 |
2964.5 |
0 |
0.00 |
256 |
39863265 |
1990528 |
4076.6 |
0 |
0.00 |
512 |
24563840 |
1226738 |
5024.7 |
0 |
0.00 |
1024 |
10448502 |
695507 |
5697.6 |
0 |
0.00 |
2048 |
7447552 |
371929 |
6093.7 |
0 |
0.00 |
4096 |
2901620 |
193124 |
6328.3 |
0 |
0.00 |
8192 |
2221701 |
110936 |
7270.4 |
0 |
0.00 |
16384 |
1502640 |
75102 |
9843.9 |
0 |
0.00 |
32768 |
754535 |
37714 |
9886.7 |
0 |
0.00 |
63000 |
393131 |
19651 |
9904.6 |
0 |
0.00 |
RTPS Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
84284058 |
4208827 |
1077.5 |
0 |
0.00 |
64 |
71587304 |
3574623 |
1830.2 |
0 |
0.00 |
128 |
55901351 |
2791404 |
2858.4 |
0 |
0.00 |
256 |
28295503 |
1883043 |
3856.5 |
0 |
0.00 |
512 |
17388824 |
1157491 |
4741.1 |
0 |
0.00 |
1024 |
12908664 |
644585 |
5280.4 |
0 |
0.00 |
2048 |
5225424 |
347810 |
5698.5 |
0 |
0.00 |
4096 |
2700048 |
179716 |
5889.0 |
0 |
0.00 |
8192 |
2046181 |
102181 |
6696.5 |
0 |
0.00 |
16384 |
1502090 |
75015 |
9832.4 |
0 |
0.00 |
32768 |
754400 |
37705 |
9884.2 |
0 |
0.00 |
63000 |
393099 |
19649 |
9903.2 |
0 |
0.00 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
80833684 |
4036628 |
1033.4 |
0 |
0.00 |
64 |
66448000 |
3317988 |
1698.8 |
0 |
0.00 |
128 |
50177088 |
2505595 |
2565.7 |
0 |
0.00 |
256 |
32248768 |
1610338 |
3298.0 |
0 |
0.00 |
512 |
19093681 |
953524 |
3905.6 |
0 |
0.00 |
1024 |
10633896 |
531006 |
4350.0 |
0 |
0.00 |
2048 |
5551636 |
277251 |
4542.5 |
0 |
0.00 |
4096 |
2856182 |
142623 |
4673.5 |
0 |
0.00 |
8192 |
1547183 |
77257 |
5063.2 |
0 |
0.00 |
16384 |
1203056 |
60090 |
7876.1 |
0 |
0.00 |
32768 |
753320 |
37640 |
9867.2 |
0 |
0.00 |
63000 |
392793 |
19631 |
9894.3 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
76884609 |
3839203 |
982.8 |
0 |
0.00 |
64 |
60054394 |
2998850 |
1535.4 |
0 |
0.00 |
128 |
42975980 |
2146011 |
2197.5 |
0 |
0.00 |
256 |
28086656 |
1402682 |
2872.7 |
0 |
0.00 |
512 |
15956128 |
796851 |
3263.9 |
0 |
0.00 |
1024 |
8734800 |
436243 |
3573.7 |
0 |
0.00 |
2048 |
4511796 |
225315 |
3691.6 |
0 |
0.00 |
4096 |
2348820 |
117288 |
3843.3 |
0 |
0.00 |
8192 |
1269499 |
63417 |
4156.1 |
0 |
0.00 |
16384 |
950124 |
47463 |
6221.1 |
0 |
0.00 |
32768 |
636761 |
31805 |
8337.5 |
0 |
0.00 |
63000 |
392701 |
19610 |
9883.6 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
81239296 |
4056861 |
1038.6 |
0 |
0.00 |
64 |
66609116 |
3326160 |
1703.0 |
0 |
0.00 |
128 |
48104769 |
2401926 |
2459.6 |
0 |
0.00 |
256 |
33469270 |
1671259 |
3422.7 |
0 |
0.00 |
512 |
14845325 |
988068 |
4047.1 |
0 |
0.00 |
1024 |
8215480 |
546861 |
4479.9 |
0 |
0.00 |
2048 |
5831201 |
291176 |
4770.6 |
0 |
0.00 |
4096 |
2985514 |
149080 |
4885.1 |
0 |
0.00 |
8192 |
1250586 |
83243 |
5455.5 |
0 |
0.00 |
16384 |
1248274 |
62352 |
8172.7 |
0 |
0.00 |
32768 |
753470 |
37642 |
9867.8 |
0 |
0.00 |
63000 |
392799 |
19632 |
9894.6 |
0 |
0.00 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13
14# We will use some colors to improve visibility of errors and info messages.
15RED='\033[0;31m'
16GREEN='\033[0;32m'
17YELLOW='\033[0;33m'
18BLUE='\033[0;34m'
19LIGHTBLUE='\033[0;36m'
20NC='\033[0m'
21INFO_TAG="${GREEN}[INFO]:${NC}"
22WARNING_TAG="${YELLOW}[WARNING]:${NC}"
23ERROR_TAG="${RED}[ERROR]:${NC}"
24
25################################################################################
26
27function disable_colors() {
28 export RED=""
29 export GREEN=""
30 export YELLOW=""
31 export NC=""
32 export BLUE=""
33 export LIGHTBLUE=""
34 export INFO_TAG="${GREEN}[INFO]:${NC}"
35 export WARNING_TAG="${YELLOW}[WARNING]:${NC}"
36 export ERROR_TAG="${RED}[ERROR]:${NC}"
37}
38
39function change_domain() {
40 if [[ "$domain" == "1" ]]; then
41 export domain="2"
42 else
43 export domain="1"
44 fi
45}
46
47# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
48function execute_test() {
49
50 local keyed_unkeyed=$1
51 local rel_be=$2
52 local datasizes_test=$3
53 local other_args=$4
54 local name_suffix=$5
55
56 local commands_string_test=$commands_string
57 local tag=""
58
59 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
60 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
61 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
62 else
63 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
64 fi
65
66 if [[ "${rel_be}" == "be" ]]; then
67 commands_string_test="${commands_string_test} -bestEffort"
68 tag="${tag}${YELLOW}BE${NC}]"
69 else
70 tag="${tag}${RED}REL${NC}]"
71 fi
72
73 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
74
75 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
76
77 if [[ "$role" == "pub" ]]; then
78 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
79 fi
80
81 if [[ "$NO_TASKSET" == "" ]]; then
82 if [[ "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
83 export pre_command_string="taskset -c $core"
84 fi
85 fi
86
87 if [[ "$LANGUAGE" == "python" ]]; then
88 export pre_command_string="python3 "
89 fi
90
91 if [[ "$DOCKER" == "1" ]]; then
92 export pre_command_string="taskset -c $core docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
93 executable=""
94 fi
95
96 # Get the aprox time this will take:
97 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
98 total_time=$((total_tests * exec_time))
99
100 touch $output_file
101 local no_headers=""
102 local current_test=0
103 for index in $(seq 1 ${num_reps}); do
104 for DATALEN in ${datasizes_test}; do
105 current_test=$((current_test + 1))
106 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
107 if [[ "$role" == "pub" ]]; then
108 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
109 echo -e ${BLUE}$command${NC}
110 else
111 echo -e ${LIGHTBLUE}$command${NC}
112 fi
113 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
114 sleep 3
115 fi
116 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
117 sleep 5
118 fi
119 if [[ "${get_netstat_info}" == "1" ]]; then
120 echo -e "${INFO_TAG} Getting netstat info before"
121 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
122 fi
123 eval $command >> $output_file;
124 if [[ "${get_netstat_info}" == "1" ]]; then
125 echo -e "${INFO_TAG} Getting netstat info after"
126 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
127 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
128 python3 $script_location/../../../tools/diff_netstat_output.py \
129 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
130 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
131 -d $DATALEN $no_header_netstat \
132 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
133 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
134 no_header_netstat=" -nh"
135 fi
136 no_headers=" -noOutputHeaders"
137
138 change_domain
139 done
140 done
141}
142
143################################################################################
144# PARSE COMMAND LINE OPTIONS:
145
146while [ "$1" != "" ]; do
147 case $1 in
148 --executable)
149 executable=$2
150 shift
151 ;;
152 --docker)
153 DOCKER="1"
154 ;;
155 --output-folder)
156 output_folder=$2
157 shift
158 ;;
159 --sub-folder)
160 sub_folder=$2
161 shift
162 ;;
163 --role)
164 export role=$2
165 shift
166 ;;
167 --core)
168 export core=$2
169 shift
170 ;;
171 --test-kind)
172 export lat_thr=$2
173 shift
174 ;;
175 --interface1)
176 export interface=$2
177 shift
178 ;;
179 --interface2)
180 export interface2=$2
181 shift
182 ;;
183 --ip1)
184 export ip1=$2
185 shift
186 ;;
187 --ip2)
188 export ip2=$2
189 shift
190 ;;
191 --repetitions)
192 export num_reps=$2
193 shift
194 ;;
195 --domain)
196 export domain=$2
197 shift
198 ;;
199 --execution-time)
200 export exec_time=$2
201 shift
202 ;;
203 --transport)
204 export transport=$2
205 shift
206 ;;
207 --datalen)
208 export datalen_input=$2
209 shift
210 ;;
211 --file-suffix)
212 export file_suffix=$2
213 shift
214 ;;
215 --executable-suffix)
216 export executable_suffix=$2
217 shift
218 ;;
219 --extra-arguments)
220 export extra_arguments=$2
221 shift
222 ;;
223 --extra-arguments-pub)
224 export extra_arguments_pub=$2
225 shift
226 ;;
227 --extra-arguments-sub)
228 export extra_arguments_sub=$2
229 shift
230 ;;
231 --skip-no-batching)
232 export skip_no_batching="1"
233 ;;
234 --skip-be)
235 export skip_be_tests="1"
236 ;;
237 --skip-rel)
238 export skip_rel_tests="1"
239 ;;
240 --skip-keyed)
241 export skip_keyed_data="1"
242 ;;
243 --skip-large-data)
244 export skip_large_data="1"
245 ;;
246 --large-data)
247 export large_data="1"
248 ;;
249 --keyed)
250 export skip_unkeyed="1"
251 ;;
252 --unkeyed)
253 export skip_keyed_data="1"
254 ;;
255 --no-batching | --skip-batching)
256 export no_batching_only="1"
257 ;;
258 --reliable)
259 export skip_be_tests="1"
260 ;;
261 --best-effort)
262 export skip_rel_tests="1"
263 ;;
264 --security-gov)
265 export security_only="$2"
266 shift
267 ;;
268 --micro)
269 export micro="1"
270 ;;
271 --cert)
272 export cert="1"
273 ;;
274 --raw | --raw-transport)
275 export raw="1"
276 ;;
277 --tss)
278 export tss="1"
279 ;;
280 --no-colors)
281 export NO_COLORS="1"
282 ;;
283 --language)
284 export LANGUAGE=$2
285 shift
286 ;;
287 --loss-rate)
288 export loss_rate=$2
289 shift
290 ;;
291 --get-netstat-info | --netstat)
292 export get_netstat_info="1"
293 ;;
294 --no-taskset)
295 export NO_TASKSET="1"
296 ;;
297 --reduced-data-sizes-set)
298 export REDUCED_DATA_SIZES_SET="1"
299 ;;
300 *)
301 echo -e "unknown parameter \"$1\""
302 exit 255
303 ;;
304 esac
305 shift
306done
307
308if [[ "$NO_COLORS" == "1" ]]; then
309 disable_colors
310fi
311
312export folder_base="$(dirname "${executable}")"/../../..
313
314if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
315 export folder_base="$(dirname "${executable}")"/../..
316fi
317if [[ $tss == "1" ]]; then
318 export folder_base="$(dirname "${executable}")"/../../../../..
319fi
320
321if [[ "${executable_suffix}" != "" ]]; then
322 export executable="${executable}${executable_suffix}"
323fi
324
325if [[ "${sub_folder}" != "" ]]; then
326 export output_folder="${output_folder}/${sub_folder}"
327fi
328
329echo -e "${INFO_TAG} Perftest executable is: $executable"
330echo -e "${INFO_TAG} Output folder is: $output_folder"
331
332################################################################################
333
334if [[ "$LANGUAGE" == "python" ]]; then
335 export skip_keyed_data="1"
336 export skip_large_data="1"
337 export skip_be_tests="1"
338 export skip_no_batching="1"
339fi
340
341if [[ "${skip_large_data}" == "1" ]]; then
342 export datasizes_extended=${datasizes}
343elif [[ "${large_data}" == "1" ]]; then
344 export datasizes=${datasizes_extended}
345fi
346
347if [[ "${datalen_input}" != "" ]]; then
348 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
349 export datasizes=${datalen_input}
350 export datasizes_extended=${datalen_input}
351 if [[ "${no_batching_only}" != "1" ]]; then
352 export skip_large_data="1"
353 fi
354else
355 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
356 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
357 export datasizes="32 128 512 2048 8192 32768 63000"
358 export datasizes_extended="${datasizes} 102400 1048576 10485760"
359 fi
360fi
361
362if [[ "$role" != "pub" && "$role" != "sub" ]]; then
363 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
364 exit 255
365fi
366
367if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
368 echo -e "${ERROR_TAG} It must be either lat or thr"
369 exit 255
370fi
371
372if [[ "${interface}" == "" ]]; then
373 echo "Using default nics"
374 export nic_publisher=${ip_machine_1}
375 export nic_subscriber=${ip_machine_2}
376elif [[ "${interface}" == "both" ]]; then
377 export nic_publisher="enp1s0f0,eno1"
378 export nic_subscriber="enp1s0f0,eno1"
379 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
380 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
381else
382 export nic_publisher=$interface
383 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
384
385 if [[ "${interface2}" == "" ]]; then
386 export nic_subscriber=$interface
387 else
388 export nic_subscriber=$interface2
389 fi
390 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
391
392 if [[ "${ip1}" != "" ]]; then
393 export ip_publisher=$ip1
394 echo "Using ip_publisher: ${ip_publisher}"
395 fi
396
397 if [[ "${ip2}" != "" ]]; then
398 export ip_subscriber=$ip2
399 echo "Using ip_subscriber: ${ip_subscriber}"
400 fi
401
402fi
403
404export transport_string="-transport $transport"
405
406if [[ "$transport" == "UDPv4" ]]; then
407
408 export transport_string_pub="$transport_string -nic $nic_publisher"
409 export transport_string_sub="$transport_string -nic $nic_subscriber"
410
411 if [[ "$micro" == "1" || "$raw" == "1" || "$cert" == "1" ]]; then
412 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
413 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
414 fi
415
416elif [[ "$transport" == "TCP" ]]; then
417 export transport_string_pub="$transport_string \
418 -nic $nic_publisher \
419 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
420 export transport_string_sub="$transport_string \
421 -nic $nic_subscriber \
422 -peer 0@tcpv4_lan://${ip_publisher}:7400"
423elif [[ "$transport" == "TLS" ]]; then
424 export transport_string_pub="$transport_string \
425 -nic $nic_publisher \
426 -peer tlsv4_lan://${ip_subscriber}:7400"
427 export transport_string_sub="$transport_string \
428 -nic $nic_subscriber \
429 -peer tlsv4_lan://${ip_publisher}:7400"
430elif [[ "$transport" == "UDPv4_WAN" ]]; then
431 export transport_string_pub="$transport_string \
432 -nic $nic_publisher \
433 -transportPublicAddress $ip_publisher:7400"
434 export transport_string_sub="$transport_string \
435 -nic $nic_subscriber \
436 -peer 0@udpv4_wan://${ip_publisher}:7400"
437else
438 export transport_string_pub="$transport_string"
439 export transport_string_sub="$transport_string"
440fi
441
442################################################################################
443
444export pub_string="-pub \
445 ${transport_string_pub} \
446 -noPrintIntervals \
447 -executionTime $exec_time"
448
449if [[ ${lat_thr} == "lat" ]]; then
450 export pub_string="$pub_string \
451 -latencyTest"
452fi
453
454export sub_string="-sub \
455 ${transport_string_sub} \
456 -noPrintIntervals"
457
458if [[ "$role" == "pub" ]]; then
459 echo -e "$INFO_TAG Publisher side running"
460 export commands_string=${pub_string}
461 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
462else
463 echo -e "$INFO_TAG Subscriber side running"
464 export commands_string=${sub_string}
465 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
466fi
467
468###############################################################################
469
470echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
471sudo /set_${lat_thr}_mode.sh
472sleep 5
473
474echo -e "${INFO_TAG} Disabling any loss rate"
475sudo tc qdisc add dev $nic_publisher root netem loss 0%
476sudo tc qdisc del dev $nic_publisher root netem loss 0%
477
478if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
479 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
480 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
481fi
482
483cd $folder_base
484echo -e "${INFO_TAG} Folder Base is: $PWD"
485mkdir -p $output_folder
486
487# Tests that may use batching (when doing throughput tests)
488if [[ ${no_batching_only} != "1" ]]; then
489
490 # UNKEYED
491 if [[ "${skip_unkeyed}" == "" ]]; then
492
493 # RELIABLE
494 if [[ "${skip_rel_tests}" == "" ]]; then
495 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
496 fi
497
498 # BEST EFFORT
499 if [[ "${skip_be_tests}" == "" ]]; then
500 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
501 fi
502 fi
503
504 # KEYED
505 if [[ "${skip_keyed_data}" == "" ]]; then
506
507 # RELIABLE
508 if [[ "${skip_rel_tests}" == "" ]]; then
509 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
510 fi
511
512 # BEST EFFORT
513 if [[ "${skip_be_tests}" == "" ]]; then
514 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
515 fi
516 fi
517
518fi
519
520if [[ "${skip_no_batching}" == "" || "${no_batching_only}" == "1" ]]; then
521 no_batching_tests="1"
522fi
523
524# Tests that will not use batching
525if [[ "${lat_thr}" == "thr" && "${no_batching_tests}" == "1" ]]; then
526
527 if [[ "$role" == "pub" ]]; then
528 export commands_string="${commands_string} -batchSize 0"
529 fi
530
531 # UNKEYED
532 if [[ "${skip_unkeyed}" == "" ]]; then
533
534 # RELIABLE
535 if [[ "${skip_rel_tests}" == "" ]]; then
536 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
537 fi
538
539 # BEST EFFORT
540 if [[ "${skip_be_tests}" == "" ]]; then
541 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
542 fi
543 fi
544
545 # KEYED
546 if [[ "${skip_keyed_data}" == "" ]]; then
547
548 # RELIABLE
549 if [[ "${skip_rel_tests}" == "" ]]; then
550 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
551 fi
552
553 # BEST EFFORT
554 if [[ "${skip_be_tests}" == "" ]]; then
555 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
556 fi
557 fi
558
559fi
560
561if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
562 echo -e "${INFO_TAG} Disabling loss rate"
563 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
564fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-no-batching --skip-be --skip-large-data \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-no-batching --skip-be --skip-large-data \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-no-batching --skip-be --skip-large-data \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-no-batching --skip-be --skip-large-data \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-no-batching --skip-be --skip-large-data \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-no-batching --skip-be --skip-large-data \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-no-batching --skip-be --skip-large-data \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Linux Nodes
Dell R340 Servers (13 Units)
Processor: Intel Xeon E-2278G (3.4-5GHz, 8c/16t, 16MB cache, 2 memory channels @2666MHz)
RAM: 4x 16GB 2666MHz DIMM (64GB RAM)
HD: 480GB SATA SSD
NIC 1: Intel 710 dual port 10Gbps SFP
OS: Ubuntu 20.04 -- gcc 9.3.0
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps interfaces)
The graph below shows the one-way latency without load between a Publisher and a Subscriber running in two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
We use the median (50th percentile) instead of the average in order to get a more stable measurement that does not account for spurious outliers. We also calculate the average value and other percentile values, which can be seen in the Detailed Statistics section below.
Detailed Statistics
The following tables contain the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
138 |
20.5 |
110 |
1780 |
131 |
164 |
201 |
391 |
1780 |
64 |
142 |
22.3 |
115 |
1634 |
134 |
178 |
208 |
526 |
1634 |
128 |
139 |
20.6 |
113 |
1711 |
133 |
161 |
203 |
544 |
1711 |
256 |
144 |
23.4 |
116 |
1653 |
136 |
179 |
215 |
548 |
1653 |
512 |
153 |
22.5 |
123 |
1362 |
144 |
190 |
223 |
478 |
1362 |
1024 |
171 |
23.7 |
135 |
1709 |
163 |
201 |
246 |
589 |
1709 |
2048 |
220 |
23.2 |
175 |
1466 |
212 |
244 |
300 |
746 |
1466 |
4096 |
243 |
28.0 |
201 |
2452 |
237 |
262 |
361 |
889 |
2452 |
8192 |
311 |
42.2 |
248 |
5301 |
304 |
336 |
422 |
1768 |
5301 |
16384 |
456 |
55.9 |
387 |
6588 |
447 |
490 |
568 |
1732 |
6588 |
32768 |
774 |
49.8 |
692 |
3569 |
765 |
825 |
904 |
1717 |
3569 |
63000 |
1324 |
78.8 |
1185 |
4067 |
1314 |
1382 |
1473 |
4067 |
4067 |
No protection
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
140 |
21.7 |
115 |
1700 |
133 |
163 |
206 |
553 |
1700 |
64 |
141 |
23.1 |
111 |
1975 |
133 |
173 |
206 |
807 |
1975 |
128 |
143 |
41.6 |
119 |
5259 |
134 |
180 |
217 |
1312 |
5259 |
256 |
144 |
23.5 |
117 |
1846 |
136 |
182 |
215 |
544 |
1846 |
512 |
152 |
23.2 |
122 |
1595 |
143 |
188 |
224 |
548 |
1595 |
1024 |
169 |
25.5 |
133 |
1585 |
160 |
206 |
246 |
666 |
1585 |
2048 |
219 |
25.0 |
175 |
2002 |
211 |
247 |
297 |
939 |
2002 |
4096 |
239 |
26.0 |
188 |
1948 |
233 |
259 |
327 |
1280 |
1948 |
8192 |
312 |
33.7 |
274 |
3078 |
305 |
337 |
414 |
1716 |
3078 |
16384 |
462 |
57.0 |
387 |
6649 |
453 |
498 |
573 |
1549 |
6649 |
32768 |
774 |
58.8 |
695 |
3497 |
764 |
825 |
913 |
2900 |
3497 |
63000 |
1324 |
68.4 |
1214 |
3743 |
1315 |
1382 |
1461 |
3743 |
3743 |
RTPS Sign
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
173 |
22.7 |
145 |
1780 |
168 |
189 |
248 |
1250 |
1780 |
64 |
174 |
22.0 |
144 |
1899 |
168 |
190 |
252 |
480 |
1899 |
128 |
179 |
18.8 |
152 |
1515 |
174 |
194 |
252 |
553 |
1515 |
256 |
183 |
47.6 |
150 |
9392 |
178 |
199 |
258 |
696 |
9392 |
512 |
193 |
22.8 |
161 |
2431 |
188 |
209 |
266 |
764 |
2431 |
1024 |
221 |
23.6 |
187 |
1727 |
215 |
242 |
304 |
749 |
1727 |
2048 |
305 |
27.5 |
241 |
1731 |
298 |
334 |
394 |
965 |
1731 |
4096 |
393 |
34.6 |
339 |
1957 |
385 |
429 |
502 |
1128 |
1957 |
8192 |
574 |
45.8 |
477 |
1994 |
564 |
619 |
714 |
1895 |
1994 |
16384 |
947 |
56.4 |
850 |
2548 |
937 |
1011 |
1101 |
2448 |
2548 |
32768 |
1687 |
63.8 |
1452 |
3462 |
1673 |
1754 |
1867 |
3462 |
3462 |
63000 |
3021 |
148.3 |
2516 |
5621 |
3017 |
3192 |
3352 |
5621 |
5621 |
RTPS Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
175 |
19.8 |
147 |
1969 |
170 |
190 |
245 |
593 |
1969 |
64 |
179 |
21.0 |
152 |
1763 |
174 |
194 |
255 |
744 |
1763 |
128 |
184 |
20.6 |
160 |
1486 |
179 |
199 |
255 |
736 |
1486 |
256 |
191 |
20.7 |
169 |
1492 |
185 |
207 |
271 |
594 |
1492 |
512 |
216 |
21.7 |
183 |
1796 |
210 |
233 |
294 |
608 |
1796 |
1024 |
262 |
26.2 |
229 |
1886 |
255 |
283 |
360 |
822 |
1886 |
2048 |
387 |
35.5 |
309 |
1796 |
379 |
421 |
499 |
1365 |
1796 |
4096 |
533 |
34.7 |
461 |
1425 |
526 |
572 |
645 |
1272 |
1425 |
8192 |
879 |
71.0 |
753 |
5152 |
866 |
947 |
1041 |
2218 |
5152 |
16384 |
1539 |
83.7 |
1334 |
3203 |
1532 |
1640 |
1752 |
3203 |
3203 |
32768 |
2847 |
150.8 |
2379 |
7556 |
2836 |
2995 |
3158 |
7556 |
7556 |
63000 |
5080 |
237.2 |
4119 |
9510 |
5126 |
5250 |
5589 |
9510 |
9510 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
213 |
24.8 |
187 |
1842 |
207 |
233 |
303 |
631 |
1842 |
64 |
219 |
22.5 |
190 |
1578 |
213 |
239 |
303 |
682 |
1578 |
128 |
225 |
22.8 |
193 |
1471 |
219 |
244 |
309 |
723 |
1471 |
256 |
244 |
36.9 |
209 |
5527 |
237 |
267 |
330 |
867 |
5527 |
512 |
269 |
30.0 |
232 |
2255 |
263 |
291 |
353 |
1503 |
2255 |
1024 |
331 |
32.2 |
280 |
2182 |
324 |
356 |
433 |
1393 |
2182 |
2048 |
479 |
40.8 |
393 |
2403 |
471 |
515 |
598 |
2225 |
2403 |
4096 |
681 |
52.0 |
563 |
2625 |
671 |
737 |
829 |
2390 |
2625 |
8192 |
1121 |
86.5 |
931 |
6080 |
1113 |
1192 |
1291 |
6080 |
6080 |
16384 |
1966 |
106.2 |
1684 |
4384 |
1963 |
2085 |
2201 |
4384 |
4384 |
32768 |
3804 |
277.8 |
3037 |
6965 |
3779 |
4165 |
4479 |
6965 |
6965 |
63000 |
6571 |
426.1 |
5540 |
9020 |
6514 |
7165 |
7601 |
9020 |
9020 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
242 |
38.2 |
211 |
5737 |
236 |
265 |
332 |
845 |
5737 |
64 |
254 |
35.3 |
216 |
4788 |
247 |
278 |
345 |
928 |
4788 |
128 |
263 |
41.7 |
226 |
5432 |
256 |
288 |
362 |
1745 |
5432 |
256 |
289 |
58.0 |
242 |
6712 |
281 |
313 |
384 |
1960 |
6712 |
512 |
330 |
35.2 |
285 |
2198 |
323 |
358 |
435 |
1765 |
2198 |
1024 |
424 |
34.1 |
362 |
1678 |
415 |
456 |
542 |
1283 |
1678 |
2048 |
640 |
47.7 |
560 |
2426 |
630 |
688 |
783 |
1989 |
2426 |
4096 |
966 |
65.3 |
825 |
3945 |
955 |
1034 |
1130 |
3945 |
3945 |
8192 |
1653 |
78.2 |
1355 |
3305 |
1642 |
1746 |
1841 |
3305 |
3305 |
16384 |
2968 |
161.3 |
2521 |
5857 |
2953 |
3163 |
3343 |
5857 |
5857 |
32768 |
5678 |
191.3 |
4896 |
11004 |
5693 |
5779 |
6054 |
11004 |
11004 |
63000 |
12092 |
1969.3 |
7947 |
17388 |
11860 |
15069 |
16819 |
17388 |
17388 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
203 |
20.9 |
177 |
716 |
197 |
220 |
287 |
604 |
716 |
64 |
202 |
22.9 |
170 |
1944 |
196 |
220 |
284 |
623 |
1944 |
128 |
216 |
24.1 |
188 |
1716 |
211 |
234 |
304 |
739 |
1716 |
256 |
225 |
26.5 |
192 |
3051 |
219 |
244 |
307 |
881 |
3051 |
512 |
255 |
27.5 |
217 |
2246 |
249 |
279 |
355 |
830 |
2246 |
1024 |
312 |
23.4 |
263 |
1232 |
307 |
333 |
400 |
697 |
1232 |
2048 |
467 |
39.5 |
383 |
2252 |
458 |
504 |
593 |
1832 |
2252 |
4096 |
678 |
53.5 |
537 |
2595 |
668 |
733 |
825 |
2570 |
2595 |
8192 |
1107 |
76.0 |
937 |
3775 |
1098 |
1179 |
1289 |
3775 |
3775 |
16384 |
1963 |
106.4 |
1569 |
3616 |
1961 |
2079 |
2202 |
3616 |
3616 |
32768 |
3800 |
269.5 |
2979 |
6400 |
3792 |
4145 |
4412 |
6400 |
6400 |
63000 |
6751 |
520.3 |
5551 |
12264 |
6759 |
7380 |
7920 |
12264 |
12264 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13
14# We will use some colors to improve visibility of errors and info messages.
15RED='\033[0;31m'
16GREEN='\033[0;32m'
17YELLOW='\033[0;33m'
18BLUE='\033[0;34m'
19LIGHTBLUE='\033[0;36m'
20NC='\033[0m'
21INFO_TAG="${GREEN}[INFO]:${NC}"
22WARNING_TAG="${YELLOW}[WARNING]:${NC}"
23ERROR_TAG="${RED}[ERROR]:${NC}"
24
25################################################################################
26
27function disable_colors() {
28 export RED=""
29 export GREEN=""
30 export YELLOW=""
31 export NC=""
32 export BLUE=""
33 export LIGHTBLUE=""
34 export INFO_TAG="${GREEN}[INFO]:${NC}"
35 export WARNING_TAG="${YELLOW}[WARNING]:${NC}"
36 export ERROR_TAG="${RED}[ERROR]:${NC}"
37}
38
39function change_domain() {
40 if [[ "$domain" == "1" ]]; then
41 export domain="2"
42 else
43 export domain="1"
44 fi
45}
46
47# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
48function execute_test() {
49
50 local keyed_unkeyed=$1
51 local rel_be=$2
52 local datasizes_test=$3
53 local other_args=$4
54 local name_suffix=$5
55
56 local commands_string_test=$commands_string
57 local tag=""
58
59 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
60 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
61 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
62 else
63 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
64 fi
65
66 if [[ "${rel_be}" == "be" ]]; then
67 commands_string_test="${commands_string_test} -bestEffort"
68 tag="${tag}${YELLOW}BE${NC}]"
69 else
70 tag="${tag}${RED}REL${NC}]"
71 fi
72
73 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
74
75 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
76
77 if [[ "$role" == "pub" ]]; then
78 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
79 fi
80
81 if [[ "$NO_TASKSET" == "" ]]; then
82 if [[ "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
83 export pre_command_string="taskset -c $core"
84 fi
85 fi
86
87 if [[ "$LANGUAGE" == "python" ]]; then
88 export pre_command_string="python3 "
89 fi
90
91 if [[ "$DOCKER" == "1" ]]; then
92 export pre_command_string="taskset -c $core docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
93 executable=""
94 fi
95
96 # Get the aprox time this will take:
97 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
98 total_time=$((total_tests * exec_time))
99
100 touch $output_file
101 local no_headers=""
102 local current_test=0
103 for index in $(seq 1 ${num_reps}); do
104 for DATALEN in ${datasizes_test}; do
105 current_test=$((current_test + 1))
106 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
107 if [[ "$role" == "pub" ]]; then
108 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
109 echo -e ${BLUE}$command${NC}
110 else
111 echo -e ${LIGHTBLUE}$command${NC}
112 fi
113 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
114 sleep 3
115 fi
116 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
117 sleep 5
118 fi
119 if [[ "${get_netstat_info}" == "1" ]]; then
120 echo -e "${INFO_TAG} Getting netstat info before"
121 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
122 fi
123 eval $command >> $output_file;
124 if [[ "${get_netstat_info}" == "1" ]]; then
125 echo -e "${INFO_TAG} Getting netstat info after"
126 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
127 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
128 python3 $script_location/../../../tools/diff_netstat_output.py \
129 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
130 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
131 -d $DATALEN $no_header_netstat \
132 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
133 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
134 no_header_netstat=" -nh"
135 fi
136 no_headers=" -noOutputHeaders"
137
138 change_domain
139 done
140 done
141}
142
143################################################################################
144# PARSE COMMAND LINE OPTIONS:
145
146while [ "$1" != "" ]; do
147 case $1 in
148 --executable)
149 executable=$2
150 shift
151 ;;
152 --docker)
153 DOCKER="1"
154 ;;
155 --output-folder)
156 output_folder=$2
157 shift
158 ;;
159 --sub-folder)
160 sub_folder=$2
161 shift
162 ;;
163 --role)
164 export role=$2
165 shift
166 ;;
167 --core)
168 export core=$2
169 shift
170 ;;
171 --test-kind)
172 export lat_thr=$2
173 shift
174 ;;
175 --interface1)
176 export interface=$2
177 shift
178 ;;
179 --interface2)
180 export interface2=$2
181 shift
182 ;;
183 --ip1)
184 export ip1=$2
185 shift
186 ;;
187 --ip2)
188 export ip2=$2
189 shift
190 ;;
191 --repetitions)
192 export num_reps=$2
193 shift
194 ;;
195 --domain)
196 export domain=$2
197 shift
198 ;;
199 --execution-time)
200 export exec_time=$2
201 shift
202 ;;
203 --transport)
204 export transport=$2
205 shift
206 ;;
207 --datalen)
208 export datalen_input=$2
209 shift
210 ;;
211 --file-suffix)
212 export file_suffix=$2
213 shift
214 ;;
215 --executable-suffix)
216 export executable_suffix=$2
217 shift
218 ;;
219 --extra-arguments)
220 export extra_arguments=$2
221 shift
222 ;;
223 --extra-arguments-pub)
224 export extra_arguments_pub=$2
225 shift
226 ;;
227 --extra-arguments-sub)
228 export extra_arguments_sub=$2
229 shift
230 ;;
231 --skip-no-batching)
232 export skip_no_batching="1"
233 ;;
234 --skip-be)
235 export skip_be_tests="1"
236 ;;
237 --skip-rel)
238 export skip_rel_tests="1"
239 ;;
240 --skip-keyed)
241 export skip_keyed_data="1"
242 ;;
243 --skip-large-data)
244 export skip_large_data="1"
245 ;;
246 --large-data)
247 export large_data="1"
248 ;;
249 --keyed)
250 export skip_unkeyed="1"
251 ;;
252 --unkeyed)
253 export skip_keyed_data="1"
254 ;;
255 --no-batching | --skip-batching)
256 export no_batching_only="1"
257 ;;
258 --reliable)
259 export skip_be_tests="1"
260 ;;
261 --best-effort)
262 export skip_rel_tests="1"
263 ;;
264 --security-gov)
265 export security_only="$2"
266 shift
267 ;;
268 --micro)
269 export micro="1"
270 ;;
271 --cert)
272 export cert="1"
273 ;;
274 --raw | --raw-transport)
275 export raw="1"
276 ;;
277 --tss)
278 export tss="1"
279 ;;
280 --no-colors)
281 export NO_COLORS="1"
282 ;;
283 --language)
284 export LANGUAGE=$2
285 shift
286 ;;
287 --loss-rate)
288 export loss_rate=$2
289 shift
290 ;;
291 --get-netstat-info | --netstat)
292 export get_netstat_info="1"
293 ;;
294 --no-taskset)
295 export NO_TASKSET="1"
296 ;;
297 --reduced-data-sizes-set)
298 export REDUCED_DATA_SIZES_SET="1"
299 ;;
300 *)
301 echo -e "unknown parameter \"$1\""
302 exit 255
303 ;;
304 esac
305 shift
306done
307
308if [[ "$NO_COLORS" == "1" ]]; then
309 disable_colors
310fi
311
312export folder_base="$(dirname "${executable}")"/../../..
313
314if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
315 export folder_base="$(dirname "${executable}")"/../..
316fi
317if [[ $tss == "1" ]]; then
318 export folder_base="$(dirname "${executable}")"/../../../../..
319fi
320
321if [[ "${executable_suffix}" != "" ]]; then
322 export executable="${executable}${executable_suffix}"
323fi
324
325if [[ "${sub_folder}" != "" ]]; then
326 export output_folder="${output_folder}/${sub_folder}"
327fi
328
329echo -e "${INFO_TAG} Perftest executable is: $executable"
330echo -e "${INFO_TAG} Output folder is: $output_folder"
331
332################################################################################
333
334if [[ "$LANGUAGE" == "python" ]]; then
335 export skip_keyed_data="1"
336 export skip_large_data="1"
337 export skip_be_tests="1"
338 export skip_no_batching="1"
339fi
340
341if [[ "${skip_large_data}" == "1" ]]; then
342 export datasizes_extended=${datasizes}
343elif [[ "${large_data}" == "1" ]]; then
344 export datasizes=${datasizes_extended}
345fi
346
347if [[ "${datalen_input}" != "" ]]; then
348 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
349 export datasizes=${datalen_input}
350 export datasizes_extended=${datalen_input}
351 if [[ "${no_batching_only}" != "1" ]]; then
352 export skip_large_data="1"
353 fi
354else
355 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
356 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
357 export datasizes="32 128 512 2048 8192 32768 63000"
358 export datasizes_extended="${datasizes} 102400 1048576 10485760"
359 fi
360fi
361
362if [[ "$role" != "pub" && "$role" != "sub" ]]; then
363 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
364 exit 255
365fi
366
367if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
368 echo -e "${ERROR_TAG} It must be either lat or thr"
369 exit 255
370fi
371
372if [[ "${interface}" == "" ]]; then
373 echo "Using default nics"
374 export nic_publisher=${ip_machine_1}
375 export nic_subscriber=${ip_machine_2}
376elif [[ "${interface}" == "both" ]]; then
377 export nic_publisher="enp1s0f0,eno1"
378 export nic_subscriber="enp1s0f0,eno1"
379 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
380 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
381else
382 export nic_publisher=$interface
383 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
384
385 if [[ "${interface2}" == "" ]]; then
386 export nic_subscriber=$interface
387 else
388 export nic_subscriber=$interface2
389 fi
390 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
391
392 if [[ "${ip1}" != "" ]]; then
393 export ip_publisher=$ip1
394 echo "Using ip_publisher: ${ip_publisher}"
395 fi
396
397 if [[ "${ip2}" != "" ]]; then
398 export ip_subscriber=$ip2
399 echo "Using ip_subscriber: ${ip_subscriber}"
400 fi
401
402fi
403
404export transport_string="-transport $transport"
405
406if [[ "$transport" == "UDPv4" ]]; then
407
408 export transport_string_pub="$transport_string -nic $nic_publisher"
409 export transport_string_sub="$transport_string -nic $nic_subscriber"
410
411 if [[ "$micro" == "1" || "$raw" == "1" || "$cert" == "1" ]]; then
412 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
413 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
414 fi
415
416elif [[ "$transport" == "TCP" ]]; then
417 export transport_string_pub="$transport_string \
418 -nic $nic_publisher \
419 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
420 export transport_string_sub="$transport_string \
421 -nic $nic_subscriber \
422 -peer 0@tcpv4_lan://${ip_publisher}:7400"
423elif [[ "$transport" == "TLS" ]]; then
424 export transport_string_pub="$transport_string \
425 -nic $nic_publisher \
426 -peer tlsv4_lan://${ip_subscriber}:7400"
427 export transport_string_sub="$transport_string \
428 -nic $nic_subscriber \
429 -peer tlsv4_lan://${ip_publisher}:7400"
430elif [[ "$transport" == "UDPv4_WAN" ]]; then
431 export transport_string_pub="$transport_string \
432 -nic $nic_publisher \
433 -transportPublicAddress $ip_publisher:7400"
434 export transport_string_sub="$transport_string \
435 -nic $nic_subscriber \
436 -peer 0@udpv4_wan://${ip_publisher}:7400"
437else
438 export transport_string_pub="$transport_string"
439 export transport_string_sub="$transport_string"
440fi
441
442################################################################################
443
444export pub_string="-pub \
445 ${transport_string_pub} \
446 -noPrintIntervals \
447 -executionTime $exec_time"
448
449if [[ ${lat_thr} == "lat" ]]; then
450 export pub_string="$pub_string \
451 -latencyTest"
452fi
453
454export sub_string="-sub \
455 ${transport_string_sub} \
456 -noPrintIntervals"
457
458if [[ "$role" == "pub" ]]; then
459 echo -e "$INFO_TAG Publisher side running"
460 export commands_string=${pub_string}
461 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
462else
463 echo -e "$INFO_TAG Subscriber side running"
464 export commands_string=${sub_string}
465 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
466fi
467
468###############################################################################
469
470echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
471sudo /set_${lat_thr}_mode.sh
472sleep 5
473
474echo -e "${INFO_TAG} Disabling any loss rate"
475sudo tc qdisc add dev $nic_publisher root netem loss 0%
476sudo tc qdisc del dev $nic_publisher root netem loss 0%
477
478if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
479 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
480 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
481fi
482
483cd $folder_base
484echo -e "${INFO_TAG} Folder Base is: $PWD"
485mkdir -p $output_folder
486
487# Tests that may use batching (when doing throughput tests)
488if [[ ${no_batching_only} != "1" ]]; then
489
490 # UNKEYED
491 if [[ "${skip_unkeyed}" == "" ]]; then
492
493 # RELIABLE
494 if [[ "${skip_rel_tests}" == "" ]]; then
495 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
496 fi
497
498 # BEST EFFORT
499 if [[ "${skip_be_tests}" == "" ]]; then
500 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
501 fi
502 fi
503
504 # KEYED
505 if [[ "${skip_keyed_data}" == "" ]]; then
506
507 # RELIABLE
508 if [[ "${skip_rel_tests}" == "" ]]; then
509 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
510 fi
511
512 # BEST EFFORT
513 if [[ "${skip_be_tests}" == "" ]]; then
514 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
515 fi
516 fi
517
518fi
519
520if [[ "${skip_no_batching}" == "" || "${no_batching_only}" == "1" ]]; then
521 no_batching_tests="1"
522fi
523
524# Tests that will not use batching
525if [[ "${lat_thr}" == "thr" && "${no_batching_tests}" == "1" ]]; then
526
527 if [[ "$role" == "pub" ]]; then
528 export commands_string="${commands_string} -batchSize 0"
529 fi
530
531 # UNKEYED
532 if [[ "${skip_unkeyed}" == "" ]]; then
533
534 # RELIABLE
535 if [[ "${skip_rel_tests}" == "" ]]; then
536 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
537 fi
538
539 # BEST EFFORT
540 if [[ "${skip_be_tests}" == "" ]]; then
541 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
542 fi
543 fi
544
545 # KEYED
546 if [[ "${skip_keyed_data}" == "" ]]; then
547
548 # RELIABLE
549 if [[ "${skip_rel_tests}" == "" ]]; then
550 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
551 fi
552
553 # BEST EFFORT
554 if [[ "${skip_be_tests}" == "" ]]; then
555 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
556 fi
557 fi
558
559fi
560
561if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
562 echo -e "${INFO_TAG} Disabling loss rate"
563 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
564fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-no-batching --skip-be --skip-large-data \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-no-batching --skip-be --skip-large-data \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-no-batching --skip-be --skip-large-data \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-no-batching --skip-be --skip-large-data \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-no-batching --skip-be --skip-large-data \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-no-batching --skip-be --skip-large-data \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-no-batching --skip-be --skip-large-data \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Raspberry Pi Nodes
Raspberry Pi 4
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps Interfaces)
Wireless Router
Consumer grace wireless router with 1Gbps interface.
The graph below shows the expected throughput behavior when performing a 1-1 communication between two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
By default, RTI Perftest enables batching when performing a Maximum Throughput test. The batching feature allows sending more than one data sample per RTPS packet, improving network performance for small data sizes. See the RTI Connext Core Libraries User’s Manual for more information on batching.
The batch maximum size is set by RTI Perftest to be 8192 bytes; after 8192 bytes, batching is not enabled.
Detailed Statistics
This table contains the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
15212697 |
760411 |
194.7 |
0 |
0.00 |
64 |
12132582 |
606082 |
310.3 |
0 |
0.00 |
128 |
8718400 |
435514 |
446.0 |
0 |
0.00 |
256 |
5334400 |
266468 |
545.7 |
0 |
0.00 |
512 |
3022832 |
150995 |
618.5 |
0 |
0.00 |
1024 |
1609736 |
80420 |
658.8 |
0 |
0.00 |
2048 |
827804 |
41358 |
677.6 |
0 |
0.00 |
4096 |
421094 |
21034 |
689.2 |
0 |
0.00 |
8192 |
224282 |
11203 |
734.3 |
0 |
0.00 |
16384 |
140668 |
7026 |
921.0 |
0 |
0.00 |
32768 |
60839 |
3038 |
796.6 |
0 |
0.00 |
63000 |
37966 |
1896 |
955.7 |
0 |
0.00 |
No protection
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
14957312 |
747445 |
191.3 |
0 |
0.00 |
64 |
12145664 |
606698 |
310.6 |
0 |
0.00 |
128 |
8820472 |
440598 |
451.2 |
0 |
0.00 |
256 |
5339552 |
266717 |
546.2 |
0 |
0.00 |
512 |
3022256 |
150989 |
618.5 |
0 |
0.00 |
1024 |
1601216 |
79997 |
655.3 |
0 |
0.00 |
2048 |
828928 |
41410 |
678.5 |
0 |
0.00 |
4096 |
420013 |
20979 |
687.5 |
0 |
0.00 |
8192 |
225847 |
11283 |
739.5 |
0 |
0.00 |
16384 |
141948 |
7090 |
929.4 |
0 |
0.00 |
32768 |
60253 |
3008 |
788.7 |
0 |
0.00 |
63000 |
37947 |
1895 |
955.1 |
0 |
0.00 |
RTPS Sign
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
11391488 |
569409 |
145.8 |
0 |
0.00 |
64 |
8428621 |
421055 |
215.6 |
0 |
0.00 |
128 |
5442112 |
271864 |
278.4 |
0 |
0.00 |
256 |
3143712 |
157035 |
321.6 |
0 |
0.00 |
512 |
1701536 |
85002 |
348.2 |
0 |
0.00 |
1024 |
889648 |
44440 |
364.1 |
0 |
0.00 |
2048 |
454380 |
22700 |
371.9 |
0 |
0.00 |
4096 |
229245 |
11451 |
375.3 |
0 |
0.00 |
8192 |
118224 |
5905 |
387.0 |
0 |
0.00 |
16384 |
71404 |
3567 |
467.6 |
0 |
0.00 |
32768 |
38336 |
1915 |
502.0 |
0 |
0.00 |
63000 |
21046 |
1051 |
530.1 |
0 |
0.00 |
RTPS Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
8972989 |
448475 |
114.8 |
0 |
0.00 |
64 |
6140269 |
306732 |
157.0 |
0 |
0.00 |
128 |
3780489 |
188851 |
193.4 |
0 |
0.00 |
256 |
2109600 |
105390 |
215.8 |
0 |
0.00 |
512 |
1120208 |
55955 |
229.2 |
0 |
0.00 |
1024 |
576384 |
28794 |
235.9 |
0 |
0.00 |
2048 |
290444 |
14512 |
237.8 |
0 |
0.00 |
4096 |
146530 |
7321 |
239.9 |
0 |
0.00 |
8192 |
75308 |
3762 |
246.6 |
0 |
0.00 |
16384 |
42546 |
2126 |
278.7 |
0 |
0.00 |
32768 |
22068 |
1102 |
289.1 |
0 |
0.00 |
63000 |
10727 |
536 |
270.2 |
0 |
0.00 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
8023296 |
401131 |
102.7 |
0 |
0.00 |
64 |
5239552 |
261723 |
134.0 |
0 |
0.00 |
128 |
3027520 |
151240 |
154.9 |
0 |
0.00 |
256 |
1687552 |
84308 |
172.7 |
0 |
0.00 |
512 |
876240 |
43773 |
179.3 |
0 |
0.00 |
1024 |
448920 |
22425 |
183.7 |
0 |
0.00 |
2048 |
226760 |
11329 |
185.6 |
0 |
0.00 |
4096 |
113790 |
5685 |
186.3 |
0 |
0.00 |
8192 |
57919 |
2894 |
189.7 |
0 |
0.00 |
16384 |
32350 |
1616 |
211.9 |
0 |
0.00 |
32768 |
16571 |
828 |
217.1 |
0 |
0.00 |
63000 |
8385 |
419 |
211.3 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
6026752 |
301255 |
77.1 |
0 |
0.00 |
64 |
3737296 |
186734 |
95.6 |
0 |
0.00 |
128 |
2108672 |
105343 |
107.9 |
0 |
0.00 |
256 |
1139136 |
56911 |
116.6 |
0 |
0.00 |
512 |
587712 |
29360 |
120.3 |
0 |
0.00 |
1024 |
299872 |
14983 |
122.7 |
0 |
0.00 |
2048 |
151016 |
7544 |
123.6 |
0 |
0.00 |
4096 |
75974 |
3796 |
124.4 |
0 |
0.00 |
8192 |
38447 |
1921 |
125.9 |
0 |
0.00 |
16384 |
20928 |
1046 |
137.1 |
0 |
0.00 |
32768 |
10572 |
528 |
138.5 |
0 |
0.00 |
63000 |
5530 |
276 |
139.4 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
7593645 |
379580 |
97.2 |
0 |
0.00 |
64 |
5042816 |
251932 |
129.0 |
0 |
0.00 |
128 |
2985482 |
149137 |
152.7 |
0 |
0.00 |
256 |
1671712 |
83516 |
171.0 |
0 |
0.00 |
512 |
875680 |
43743 |
179.2 |
0 |
0.00 |
1024 |
449848 |
22472 |
184.1 |
0 |
0.00 |
2048 |
228184 |
11400 |
186.8 |
0 |
0.00 |
4096 |
114892 |
5740 |
188.1 |
0 |
0.00 |
8192 |
58427 |
2919 |
191.3 |
0 |
0.00 |
16384 |
32512 |
1624 |
212.9 |
0 |
0.00 |
32768 |
16762 |
837 |
219.6 |
0 |
0.00 |
63000 |
7922 |
396 |
199.7 |
0 |
0.00 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13
14# We will use some colors to improve visibility of errors and info messages.
15RED='\033[0;31m'
16GREEN='\033[0;32m'
17YELLOW='\033[0;33m'
18BLUE='\033[0;34m'
19LIGHTBLUE='\033[0;36m'
20NC='\033[0m'
21INFO_TAG="${GREEN}[INFO]:${NC}"
22WARNING_TAG="${YELLOW}[WARNING]:${NC}"
23ERROR_TAG="${RED}[ERROR]:${NC}"
24
25################################################################################
26
27function disable_colors() {
28 export RED=""
29 export GREEN=""
30 export YELLOW=""
31 export NC=""
32 export BLUE=""
33 export LIGHTBLUE=""
34 export INFO_TAG="${GREEN}[INFO]:${NC}"
35 export WARNING_TAG="${YELLOW}[WARNING]:${NC}"
36 export ERROR_TAG="${RED}[ERROR]:${NC}"
37}
38
39function change_domain() {
40 if [[ "$domain" == "1" ]]; then
41 export domain="2"
42 else
43 export domain="1"
44 fi
45}
46
47# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
48function execute_test() {
49
50 local keyed_unkeyed=$1
51 local rel_be=$2
52 local datasizes_test=$3
53 local other_args=$4
54 local name_suffix=$5
55
56 local commands_string_test=$commands_string
57 local tag=""
58
59 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
60 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
61 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
62 else
63 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
64 fi
65
66 if [[ "${rel_be}" == "be" ]]; then
67 commands_string_test="${commands_string_test} -bestEffort"
68 tag="${tag}${YELLOW}BE${NC}]"
69 else
70 tag="${tag}${RED}REL${NC}]"
71 fi
72
73 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
74
75 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
76
77 if [[ "$role" == "pub" ]]; then
78 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
79 fi
80
81 if [[ "$NO_TASKSET" == "" ]]; then
82 if [[ "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
83 export pre_command_string="taskset -c $core"
84 fi
85 fi
86
87 if [[ "$LANGUAGE" == "python" ]]; then
88 export pre_command_string="python3 "
89 fi
90
91 if [[ "$DOCKER" == "1" ]]; then
92 export pre_command_string="taskset -c $core docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
93 executable=""
94 fi
95
96 # Get the aprox time this will take:
97 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
98 total_time=$((total_tests * exec_time))
99
100 touch $output_file
101 local no_headers=""
102 local current_test=0
103 for index in $(seq 1 ${num_reps}); do
104 for DATALEN in ${datasizes_test}; do
105 current_test=$((current_test + 1))
106 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
107 if [[ "$role" == "pub" ]]; then
108 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
109 echo -e ${BLUE}$command${NC}
110 else
111 echo -e ${LIGHTBLUE}$command${NC}
112 fi
113 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
114 sleep 3
115 fi
116 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
117 sleep 5
118 fi
119 if [[ "${get_netstat_info}" == "1" ]]; then
120 echo -e "${INFO_TAG} Getting netstat info before"
121 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
122 fi
123 eval $command >> $output_file;
124 if [[ "${get_netstat_info}" == "1" ]]; then
125 echo -e "${INFO_TAG} Getting netstat info after"
126 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
127 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
128 python3 $script_location/../../../tools/diff_netstat_output.py \
129 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
130 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
131 -d $DATALEN $no_header_netstat \
132 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
133 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
134 no_header_netstat=" -nh"
135 fi
136 no_headers=" -noOutputHeaders"
137
138 change_domain
139 done
140 done
141}
142
143################################################################################
144# PARSE COMMAND LINE OPTIONS:
145
146while [ "$1" != "" ]; do
147 case $1 in
148 --executable)
149 executable=$2
150 shift
151 ;;
152 --docker)
153 DOCKER="1"
154 ;;
155 --output-folder)
156 output_folder=$2
157 shift
158 ;;
159 --sub-folder)
160 sub_folder=$2
161 shift
162 ;;
163 --role)
164 export role=$2
165 shift
166 ;;
167 --core)
168 export core=$2
169 shift
170 ;;
171 --test-kind)
172 export lat_thr=$2
173 shift
174 ;;
175 --interface1)
176 export interface=$2
177 shift
178 ;;
179 --interface2)
180 export interface2=$2
181 shift
182 ;;
183 --ip1)
184 export ip1=$2
185 shift
186 ;;
187 --ip2)
188 export ip2=$2
189 shift
190 ;;
191 --repetitions)
192 export num_reps=$2
193 shift
194 ;;
195 --domain)
196 export domain=$2
197 shift
198 ;;
199 --execution-time)
200 export exec_time=$2
201 shift
202 ;;
203 --transport)
204 export transport=$2
205 shift
206 ;;
207 --datalen)
208 export datalen_input=$2
209 shift
210 ;;
211 --file-suffix)
212 export file_suffix=$2
213 shift
214 ;;
215 --executable-suffix)
216 export executable_suffix=$2
217 shift
218 ;;
219 --extra-arguments)
220 export extra_arguments=$2
221 shift
222 ;;
223 --extra-arguments-pub)
224 export extra_arguments_pub=$2
225 shift
226 ;;
227 --extra-arguments-sub)
228 export extra_arguments_sub=$2
229 shift
230 ;;
231 --skip-no-batching)
232 export skip_no_batching="1"
233 ;;
234 --skip-be)
235 export skip_be_tests="1"
236 ;;
237 --skip-rel)
238 export skip_rel_tests="1"
239 ;;
240 --skip-keyed)
241 export skip_keyed_data="1"
242 ;;
243 --skip-large-data)
244 export skip_large_data="1"
245 ;;
246 --large-data)
247 export large_data="1"
248 ;;
249 --keyed)
250 export skip_unkeyed="1"
251 ;;
252 --unkeyed)
253 export skip_keyed_data="1"
254 ;;
255 --no-batching | --skip-batching)
256 export no_batching_only="1"
257 ;;
258 --reliable)
259 export skip_be_tests="1"
260 ;;
261 --best-effort)
262 export skip_rel_tests="1"
263 ;;
264 --security-gov)
265 export security_only="$2"
266 shift
267 ;;
268 --micro)
269 export micro="1"
270 ;;
271 --cert)
272 export cert="1"
273 ;;
274 --raw | --raw-transport)
275 export raw="1"
276 ;;
277 --tss)
278 export tss="1"
279 ;;
280 --no-colors)
281 export NO_COLORS="1"
282 ;;
283 --language)
284 export LANGUAGE=$2
285 shift
286 ;;
287 --loss-rate)
288 export loss_rate=$2
289 shift
290 ;;
291 --get-netstat-info | --netstat)
292 export get_netstat_info="1"
293 ;;
294 --no-taskset)
295 export NO_TASKSET="1"
296 ;;
297 --reduced-data-sizes-set)
298 export REDUCED_DATA_SIZES_SET="1"
299 ;;
300 *)
301 echo -e "unknown parameter \"$1\""
302 exit 255
303 ;;
304 esac
305 shift
306done
307
308if [[ "$NO_COLORS" == "1" ]]; then
309 disable_colors
310fi
311
312export folder_base="$(dirname "${executable}")"/../../..
313
314if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
315 export folder_base="$(dirname "${executable}")"/../..
316fi
317if [[ $tss == "1" ]]; then
318 export folder_base="$(dirname "${executable}")"/../../../../..
319fi
320
321if [[ "${executable_suffix}" != "" ]]; then
322 export executable="${executable}${executable_suffix}"
323fi
324
325if [[ "${sub_folder}" != "" ]]; then
326 export output_folder="${output_folder}/${sub_folder}"
327fi
328
329echo -e "${INFO_TAG} Perftest executable is: $executable"
330echo -e "${INFO_TAG} Output folder is: $output_folder"
331
332################################################################################
333
334if [[ "$LANGUAGE" == "python" ]]; then
335 export skip_keyed_data="1"
336 export skip_large_data="1"
337 export skip_be_tests="1"
338 export skip_no_batching="1"
339fi
340
341if [[ "${skip_large_data}" == "1" ]]; then
342 export datasizes_extended=${datasizes}
343elif [[ "${large_data}" == "1" ]]; then
344 export datasizes=${datasizes_extended}
345fi
346
347if [[ "${datalen_input}" != "" ]]; then
348 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
349 export datasizes=${datalen_input}
350 export datasizes_extended=${datalen_input}
351 if [[ "${no_batching_only}" != "1" ]]; then
352 export skip_large_data="1"
353 fi
354else
355 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
356 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
357 export datasizes="32 128 512 2048 8192 32768 63000"
358 export datasizes_extended="${datasizes} 102400 1048576 10485760"
359 fi
360fi
361
362if [[ "$role" != "pub" && "$role" != "sub" ]]; then
363 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
364 exit 255
365fi
366
367if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
368 echo -e "${ERROR_TAG} It must be either lat or thr"
369 exit 255
370fi
371
372if [[ "${interface}" == "" ]]; then
373 echo "Using default nics"
374 export nic_publisher=${ip_machine_1}
375 export nic_subscriber=${ip_machine_2}
376elif [[ "${interface}" == "both" ]]; then
377 export nic_publisher="enp1s0f0,eno1"
378 export nic_subscriber="enp1s0f0,eno1"
379 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
380 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
381else
382 export nic_publisher=$interface
383 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
384
385 if [[ "${interface2}" == "" ]]; then
386 export nic_subscriber=$interface
387 else
388 export nic_subscriber=$interface2
389 fi
390 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
391
392 if [[ "${ip1}" != "" ]]; then
393 export ip_publisher=$ip1
394 echo "Using ip_publisher: ${ip_publisher}"
395 fi
396
397 if [[ "${ip2}" != "" ]]; then
398 export ip_subscriber=$ip2
399 echo "Using ip_subscriber: ${ip_subscriber}"
400 fi
401
402fi
403
404export transport_string="-transport $transport"
405
406if [[ "$transport" == "UDPv4" ]]; then
407
408 export transport_string_pub="$transport_string -nic $nic_publisher"
409 export transport_string_sub="$transport_string -nic $nic_subscriber"
410
411 if [[ "$micro" == "1" || "$raw" == "1" || "$cert" == "1" ]]; then
412 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
413 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
414 fi
415
416elif [[ "$transport" == "TCP" ]]; then
417 export transport_string_pub="$transport_string \
418 -nic $nic_publisher \
419 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
420 export transport_string_sub="$transport_string \
421 -nic $nic_subscriber \
422 -peer 0@tcpv4_lan://${ip_publisher}:7400"
423elif [[ "$transport" == "TLS" ]]; then
424 export transport_string_pub="$transport_string \
425 -nic $nic_publisher \
426 -peer tlsv4_lan://${ip_subscriber}:7400"
427 export transport_string_sub="$transport_string \
428 -nic $nic_subscriber \
429 -peer tlsv4_lan://${ip_publisher}:7400"
430elif [[ "$transport" == "UDPv4_WAN" ]]; then
431 export transport_string_pub="$transport_string \
432 -nic $nic_publisher \
433 -transportPublicAddress $ip_publisher:7400"
434 export transport_string_sub="$transport_string \
435 -nic $nic_subscriber \
436 -peer 0@udpv4_wan://${ip_publisher}:7400"
437else
438 export transport_string_pub="$transport_string"
439 export transport_string_sub="$transport_string"
440fi
441
442################################################################################
443
444export pub_string="-pub \
445 ${transport_string_pub} \
446 -noPrintIntervals \
447 -executionTime $exec_time"
448
449if [[ ${lat_thr} == "lat" ]]; then
450 export pub_string="$pub_string \
451 -latencyTest"
452fi
453
454export sub_string="-sub \
455 ${transport_string_sub} \
456 -noPrintIntervals"
457
458if [[ "$role" == "pub" ]]; then
459 echo -e "$INFO_TAG Publisher side running"
460 export commands_string=${pub_string}
461 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
462else
463 echo -e "$INFO_TAG Subscriber side running"
464 export commands_string=${sub_string}
465 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
466fi
467
468###############################################################################
469
470echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
471sudo /set_${lat_thr}_mode.sh
472sleep 5
473
474echo -e "${INFO_TAG} Disabling any loss rate"
475sudo tc qdisc add dev $nic_publisher root netem loss 0%
476sudo tc qdisc del dev $nic_publisher root netem loss 0%
477
478if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
479 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
480 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
481fi
482
483cd $folder_base
484echo -e "${INFO_TAG} Folder Base is: $PWD"
485mkdir -p $output_folder
486
487# Tests that may use batching (when doing throughput tests)
488if [[ ${no_batching_only} != "1" ]]; then
489
490 # UNKEYED
491 if [[ "${skip_unkeyed}" == "" ]]; then
492
493 # RELIABLE
494 if [[ "${skip_rel_tests}" == "" ]]; then
495 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
496 fi
497
498 # BEST EFFORT
499 if [[ "${skip_be_tests}" == "" ]]; then
500 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
501 fi
502 fi
503
504 # KEYED
505 if [[ "${skip_keyed_data}" == "" ]]; then
506
507 # RELIABLE
508 if [[ "${skip_rel_tests}" == "" ]]; then
509 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
510 fi
511
512 # BEST EFFORT
513 if [[ "${skip_be_tests}" == "" ]]; then
514 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
515 fi
516 fi
517
518fi
519
520if [[ "${skip_no_batching}" == "" || "${no_batching_only}" == "1" ]]; then
521 no_batching_tests="1"
522fi
523
524# Tests that will not use batching
525if [[ "${lat_thr}" == "thr" && "${no_batching_tests}" == "1" ]]; then
526
527 if [[ "$role" == "pub" ]]; then
528 export commands_string="${commands_string} -batchSize 0"
529 fi
530
531 # UNKEYED
532 if [[ "${skip_unkeyed}" == "" ]]; then
533
534 # RELIABLE
535 if [[ "${skip_rel_tests}" == "" ]]; then
536 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
537 fi
538
539 # BEST EFFORT
540 if [[ "${skip_be_tests}" == "" ]]; then
541 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
542 fi
543 fi
544
545 # KEYED
546 if [[ "${skip_keyed_data}" == "" ]]; then
547
548 # RELIABLE
549 if [[ "${skip_rel_tests}" == "" ]]; then
550 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
551 fi
552
553 # BEST EFFORT
554 if [[ "${skip_be_tests}" == "" ]]; then
555 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
556 fi
557 fi
558
559fi
560
561if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
562 echo -e "${INFO_TAG} Disabling loss rate"
563 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
564fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-no-batching --skip-be --skip-large-data \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-no-batching --skip-be --skip-large-data \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-no-batching --skip-be --skip-large-data \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-no-batching --skip-be --skip-large-data \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-no-batching --skip-be --skip-large-data \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-no-batching --skip-be --skip-large-data \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-no-batching --skip-be --skip-large-data \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Raspberry Pi Nodes
Raspberry Pi 4
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps Interfaces)
Wireless Router
Consumer grace wireless router with 1Gbps interface.