1.5.1.1. Different Security Governance Configuration Levels
The following one-to-one tests have been performed by executing an RTI Perftest C++98 Publisher and Subscriber between two nodes, connected to a switch via Ethernet. The communication has been restricted to a single interface and the transport has been set to UDPv4.
These tests are equivalent to the ones performed in the Core Libraries UDPv4 section (Unkeyed, UDPv4 10Gbps Network, C++98), but additionally enabling different Security Profiles (using different Governance configurations). The “Not using security libraries” values in the graphs below are equivalent to the Core Libraries numbers, so you can compare Connext performance with and without the Security Plugins.
Find information about the hardware, network, and command-line parameters after each of the tests.
The graph below shows the one-way latency without load between a Publisher and a Subscriber running in two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
We use the median (50th percentile) instead of the average in order to get a more stable measurement that does not account for spurious outliers. We also calculate the average value and other percentile values, which can be seen in the Detailed Statistics section below.
Detailed Statistics
The following tables contain the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
18 |
1.0 |
17 |
56 |
17 |
18 |
21 |
47 |
56 |
64 |
17 |
1.1 |
16 |
73 |
17 |
18 |
21 |
46 |
73 |
128 |
17 |
1.3 |
16 |
61 |
17 |
18 |
24 |
47 |
61 |
256 |
19 |
1.8 |
17 |
59 |
18 |
20 |
27 |
48 |
59 |
512 |
20 |
7.9 |
17 |
5057 |
19 |
22 |
31 |
50 |
5057 |
1024 |
25 |
4.8 |
18 |
65 |
26 |
28 |
41 |
57 |
65 |
2048 |
29 |
27.3 |
20 |
4871 |
30 |
33 |
41 |
66 |
4871 |
4096 |
31 |
18.9 |
25 |
4868 |
30 |
36 |
51 |
71 |
4868 |
8192 |
43 |
67.9 |
35 |
5031 |
37 |
56 |
68 |
4380 |
5031 |
16384 |
87 |
26.5 |
46 |
169 |
86 |
125 |
138 |
157 |
169 |
32768 |
141 |
20.6 |
70 |
267 |
125 |
172 |
183 |
202 |
267 |
63000 |
186 |
2.6 |
107 |
275 |
186 |
187 |
192 |
215 |
275 |
No protection
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
18 |
1.0 |
17 |
59 |
17 |
18 |
21 |
47 |
59 |
64 |
17 |
1.1 |
16 |
62 |
17 |
18 |
21 |
47 |
62 |
128 |
17 |
1.2 |
16 |
64 |
17 |
18 |
23 |
46 |
64 |
256 |
19 |
1.6 |
17 |
70 |
18 |
20 |
26 |
48 |
70 |
512 |
20 |
2.4 |
18 |
84 |
19 |
22 |
28 |
49 |
84 |
1024 |
25 |
8.2 |
18 |
3296 |
26 |
28 |
41 |
57 |
3296 |
2048 |
29 |
30.1 |
21 |
4899 |
30 |
33 |
41 |
71 |
4899 |
4096 |
31 |
22.4 |
25 |
4965 |
30 |
36 |
54 |
70 |
4965 |
8192 |
43 |
67.4 |
35 |
4871 |
37 |
56 |
68 |
4364 |
4871 |
16384 |
87 |
27.0 |
46 |
168 |
86 |
125 |
138 |
154 |
168 |
32768 |
137 |
19.7 |
74 |
238 |
125 |
168 |
182 |
198 |
238 |
63000 |
162 |
13.7 |
107 |
215 |
159 |
186 |
189 |
208 |
215 |
RTPS Sign
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
24 |
1.2 |
23 |
65 |
24 |
25 |
28 |
54 |
65 |
64 |
24 |
1.2 |
23 |
67 |
24 |
24 |
28 |
54 |
67 |
128 |
24 |
1.2 |
23 |
75 |
24 |
25 |
28 |
54 |
75 |
256 |
25 |
1.5 |
24 |
72 |
25 |
26 |
33 |
56 |
72 |
512 |
26 |
1.7 |
24 |
61 |
25 |
27 |
34 |
55 |
61 |
1024 |
27 |
16.0 |
25 |
4638 |
26 |
29 |
40 |
58 |
4638 |
2048 |
31 |
6.6 |
28 |
3141 |
30 |
33 |
46 |
65 |
3141 |
4096 |
35 |
8.3 |
33 |
4041 |
34 |
38 |
49 |
67 |
4041 |
8192 |
48 |
6.1 |
44 |
158 |
46 |
56 |
76 |
110 |
158 |
16384 |
103 |
29.4 |
57 |
197 |
96 |
143 |
170 |
183 |
197 |
32768 |
167 |
23.2 |
84 |
259 |
172 |
190 |
192 |
223 |
259 |
63000 |
200 |
15.0 |
123 |
308 |
207 |
209 |
212 |
261 |
308 |
RTPS Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
25 |
1.2 |
23 |
62 |
24 |
25 |
28 |
54 |
62 |
64 |
25 |
1.3 |
24 |
94 |
25 |
25 |
29 |
56 |
94 |
128 |
25 |
1.2 |
23 |
85 |
25 |
25 |
29 |
55 |
85 |
256 |
25 |
1.5 |
24 |
68 |
25 |
26 |
33 |
55 |
68 |
512 |
26 |
1.8 |
24 |
68 |
26 |
27 |
35 |
56 |
68 |
1024 |
28 |
15.5 |
26 |
4796 |
27 |
30 |
41 |
60 |
4796 |
2048 |
31 |
4.9 |
28 |
2077 |
30 |
33 |
45 |
65 |
2077 |
4096 |
36 |
9.7 |
34 |
4401 |
35 |
39 |
51 |
68 |
4401 |
8192 |
50 |
12.8 |
46 |
4986 |
48 |
56 |
80 |
116 |
4986 |
16384 |
107 |
31.3 |
60 |
230 |
99 |
148 |
173 |
187 |
230 |
32768 |
182 |
25.3 |
94 |
1308 |
195 |
196 |
200 |
270 |
1308 |
63000 |
212 |
16.9 |
136 |
1322 |
219 |
221 |
227 |
736 |
1322 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
30 |
5.7 |
29 |
3098 |
30 |
30 |
34 |
60 |
3098 |
64 |
30 |
4.1 |
29 |
2164 |
30 |
31 |
35 |
60 |
2164 |
128 |
30 |
5.6 |
29 |
3055 |
30 |
31 |
35 |
60 |
3055 |
256 |
31 |
1.4 |
29 |
70 |
31 |
31 |
36 |
61 |
70 |
512 |
31 |
1.7 |
30 |
77 |
31 |
32 |
40 |
62 |
77 |
1024 |
34 |
2.2 |
32 |
89 |
33 |
35 |
44 |
64 |
89 |
2048 |
36 |
22.9 |
34 |
4736 |
36 |
38 |
46 |
74 |
4736 |
4096 |
43 |
3.2 |
40 |
98 |
42 |
43 |
62 |
74 |
98 |
8192 |
56 |
6.7 |
53 |
2050 |
55 |
58 |
82 |
115 |
2050 |
16384 |
117 |
31.7 |
69 |
213 |
116 |
163 |
185 |
196 |
213 |
32768 |
185 |
21.2 |
98 |
245 |
187 |
208 |
211 |
238 |
245 |
63000 |
229 |
16.5 |
153 |
1318 |
236 |
239 |
247 |
310 |
1318 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
34 |
1.5 |
32 |
77 |
34 |
35 |
40 |
65 |
77 |
64 |
34 |
1.4 |
33 |
75 |
34 |
35 |
40 |
65 |
75 |
128 |
35 |
1.5 |
33 |
78 |
34 |
36 |
40 |
65 |
78 |
256 |
35 |
1.5 |
33 |
78 |
35 |
36 |
41 |
66 |
78 |
512 |
36 |
1.5 |
34 |
77 |
35 |
37 |
42 |
67 |
77 |
1024 |
37 |
6.1 |
35 |
2964 |
37 |
38 |
45 |
69 |
2964 |
2048 |
41 |
20.4 |
39 |
4707 |
40 |
42 |
49 |
75 |
4707 |
4096 |
49 |
4.8 |
45 |
118 |
48 |
50 |
73 |
92 |
118 |
8192 |
64 |
19.3 |
60 |
5067 |
62 |
64 |
105 |
125 |
5067 |
16384 |
128 |
34.1 |
79 |
218 |
127 |
176 |
194 |
208 |
218 |
32768 |
202 |
21.9 |
118 |
264 |
205 |
225 |
229 |
257 |
264 |
63000 |
258 |
19.1 |
182 |
1185 |
267 |
270 |
277 |
319 |
1185 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
28 |
1.3 |
27 |
75 |
28 |
29 |
33 |
59 |
75 |
64 |
28 |
6.6 |
27 |
3703 |
28 |
29 |
33 |
58 |
3703 |
128 |
29 |
1.4 |
28 |
74 |
29 |
30 |
35 |
60 |
74 |
256 |
30 |
1.6 |
28 |
71 |
29 |
31 |
37 |
60 |
71 |
512 |
30 |
14.5 |
28 |
4740 |
30 |
31 |
39 |
61 |
4740 |
1024 |
32 |
7.1 |
30 |
3624 |
31 |
34 |
43 |
67 |
3624 |
2048 |
35 |
3.3 |
32 |
74 |
34 |
38 |
60 |
67 |
74 |
4096 |
41 |
32.9 |
38 |
4705 |
40 |
42 |
52 |
484 |
4705 |
8192 |
54 |
4.4 |
51 |
141 |
53 |
56 |
78 |
112 |
141 |
16384 |
116 |
32.4 |
68 |
216 |
115 |
163 |
182 |
195 |
216 |
32768 |
195 |
24.0 |
102 |
1372 |
206 |
208 |
213 |
280 |
1372 |
63000 |
225 |
17.0 |
151 |
276 |
235 |
238 |
244 |
272 |
276 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13export run_batching_tests="1"
14export run_no_batching_tests="1"
15
16# We will use some colors to improve visibility of errors and info messages.
17RED='\033[0;31m'
18GREEN='\033[0;32m'
19YELLOW='\033[0;33m'
20BLUE='\033[0;34m'
21LIGHTBLUE='\033[0;36m'
22NC='\033[0m'
23INFO_TAG="${GREEN}[INFO][$role]:${NC}"
24WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
25ERROR_TAG="${RED}[ERROR][$role]:${NC}"
26
27################################################################################
28
29function disable_colors() {
30 export RED=""
31 export GREEN=""
32 export YELLOW=""
33 export NC=""
34 export BLUE=""
35 export LIGHTBLUE=""
36 export INFO_TAG="${GREEN}[INFO][$role]:${NC}"
37 export WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
38 export ERROR_TAG="${RED}[ERROR][$role]:${NC}"
39}
40
41function change_domain() {
42 if [[ "$domain" == "1" ]]; then
43 export domain="2"
44 else
45 export domain="1"
46 fi
47}
48
49# Function to process and append lines to the output file
50function append_to_output_file() {
51 local line=${1?line required}; readonly line
52 local append=$(echo "${2?append required}" | tr -s ' '); readonly append
53 local file=${3?file required}; readonly file
54 if [[ "${line: -1}" == $'\n' ]]; then
55 line="${line::-1}"
56 fi
57 echo "${line}${append}" >> "$file"
58}
59
60# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
61function execute_test() {
62
63 local keyed_unkeyed=$1
64 local rel_be=$2
65 local datasizes_test=$3
66 local other_args=$4
67 local name_suffix=$5
68
69 local commands_string_test=$commands_string
70 local tag=""
71
72 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
73 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
74 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
75 else
76 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
77 fi
78
79 if [[ "${rel_be}" == "be" ]]; then
80 commands_string_test="${commands_string_test} -bestEffort"
81 tag="${tag}${YELLOW}BE${NC}]"
82 else
83 tag="${tag}${RED}REL${NC}]"
84 fi
85
86 # If batch_size is set, we will add it to the command line of the publisher side.
87 if [[ "$batch_size" != "" && "$role" == "pub" ]]; then
88 commands_string_test="${commands_string_test} -batchSize $batch_size"
89 fi
90
91 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
92
93 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
94
95 if [[ "$role" == "pub" ]]; then
96 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
97 fi
98
99 if [[ "$thread_cpu_affinity" != "" ]]; then
100 commands_string_test="${commands_string_test} -threadCPUAffinity $thread_cpu_affinity"
101 fi
102
103 local pre_command_string=""
104
105 if [[ "$thread_priorities" != "" ]]; then
106 echo -e "${WARNING_TAG} Thread priorities enabled, this requires using sudo"
107 # When using sudo, the LD_LIBRARY_PATH is emptied, hence we need to set it again in the command itself
108 export LD_LIBRARY_PATH_COPIED="$LD_LIBRARY_PATH"
109 pre_command_string="sudo LD_LIBRARY_PATH=$LD_LIBRARY_PATH_COPIED "
110 commands_string_test="${commands_string_test} -threadPriorities $thread_priorities"
111 fi
112
113 if [[ "$pin_memory" != "" ]]; then
114 commands_string_test="${commands_string_test} -pinMemory"
115 fi
116
117 if [[ "$no_taskset" == "" && "$thread_cpu_affinity" == "" && "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
118 pre_command_string="$pre_command_string taskset -c $core"
119 fi
120
121 if [[ "$LANGUAGE" == "python" ]]; then
122 pre_command_string="$pre_command_string python3 "
123 fi
124
125 if [[ "$DOCKER" == "1" ]]; then
126 pre_command_string="$pre_command_string docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
127 executable=""
128 fi
129
130 # Get the aprox time this will take:
131 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
132 total_time=$((total_tests * exec_time))
133
134 touch $output_file
135 local no_headers=""
136 local current_test=0
137 for index in $(seq 1 ${num_reps}); do
138 for DATALEN in ${datasizes_test}; do
139 current_test=$((current_test + 1))
140
141 if [[ ! -s $output_file ]]; then
142 echo -e "${INFO_TAG} Output file is empty, filling the header."
143 no_headers=""
144 else
145 echo -e "${INFO_TAG} Output file is not empty."
146 no_headers=" -noOutputHeaders"
147 fi
148
149 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
150 if [[ "$role" == "pub" ]]; then
151 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
152 echo -e ${BLUE}$command${NC}
153 else
154 echo -e ${LIGHTBLUE}$command${NC}
155 fi
156
157 # In certain cases we need to wait a bit before running the test, this is
158 # because the previous test might not be finished on the other side yet, or because the
159 # discovery mechanism does not work like in connext DDS.
160 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
161 sleep 3
162 fi
163 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
164 sleep 5
165 fi
166
167 # Gather netstat info before running the test
168 if [[ "${get_netstat_info}" == "1" ]]; then
169 echo -e "${INFO_TAG} Getting netstat info before"
170 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
171 fi
172
173 # Execute the command and capture the output
174 if [[ $LANGUAGE == "c++98" || $LANGUAGE == "" ]]; then
175 echo -e "${INFO_TAG} Using C++98, using -outputFile option"
176 touch ${output_file}_tmp_line
177 chmod 777 ${output_file}_tmp_line
178 eval $command -outputFile ${output_file}_tmp_line
179 else
180 eval $command > ${output_file}_tmp_line
181 fi
182
183 number_of_lines=$(wc -l < ${output_file}_tmp_line)
184 echo -e "${INFO_TAG} Size of the output text: $number_of_lines lines"
185
186 # Check if this is the first test for this output file.
187 local is_first_test=0
188 if [[ ! -s $output_file ]]; then
189 is_first_test=1
190 fi
191 local expected_lines=$((is_first_test+1))
192
193 if [[ $number_of_lines -ne ${expected_lines} ]]; then
194 echo -e "${WARNING_TAG} The output text should have ${expected_lines} lines, but it has ${number_of_lines}."
195 echo -e "${RED} The content is: \n\"\"\""
196 cat ${output_file}_tmp_line
197 echo -e "\"\"\""
198 echo -e "Not adding it to the output file. ${NC}"
199 else
200 if [[ $number_of_lines -gt 1 ]]; then
201 header_line=$(head -n 1 "${output_file}_tmp_line")
202 echo -e "${INFO_TAG} Header line is: $header_line"
203 fi
204 result_line=$(tail -n 1 "${output_file}_tmp_line")
205 echo -e "${INFO_TAG} Result line is: $result_line"
206
207 # If this is the first test, we need to add the header line to the output file
208 if [[ $is_first_test -eq 1 ]]; then
209 append_to_output_file "$header_line" ", command-line" $output_file
210 fi
211
212 command=$(echo $command | sed 's/,/:comma:/g')
213 # Remove the `"` characters from the command line
214 command=$(echo $command | sed 's/\"//g')
215
216 # Append the result line to the output file
217 append_to_output_file "$result_line" ", $command" $output_file
218 fi
219
220 # Always remove the temporary file
221 rm -rf ${output_file}_tmp_line
222
223 # Gather netstat info after running the test
224 if [[ "${get_netstat_info}" == "1" ]]; then
225 echo -e "${INFO_TAG} Getting netstat info after"
226 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
227 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
228 python3 $script_location/../../../tools/diff_netstat_output.py \
229 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
230 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
231 -d $DATALEN $no_header_netstat \
232 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
233 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
234 no_header_netstat=" -nh"
235 fi
236
237 change_domain
238 done
239 done
240}
241
242################################################################################
243# PARSE COMMAND LINE OPTIONS:
244
245while [ "$1" != "" ]; do
246 case $1 in
247 --executable)
248 executable=$2
249 shift
250 ;;
251 --docker)
252 DOCKER="1"
253 ;;
254 --output-folder)
255 output_folder=$2
256 shift
257 ;;
258 --role)
259 export role=$2
260 shift
261 ;;
262 --core)
263 export core=$2
264 shift
265 ;;
266 --assign-core-list | --thread-cpu-affinity)
267 export thread_cpu_affinity=$2
268 shift
269 ;;
270 --assign-thread-priorities | --thread-priorities)
271 export thread_priorities=$2
272 shift
273 ;;
274 --pin-memory)
275 export pin_memory="1"
276 ;;
277 --test-kind)
278 export lat_thr=$2
279 shift
280 ;;
281 --interface1)
282 export interface=$2
283 shift
284 ;;
285 --interface2)
286 export interface2=$2
287 shift
288 ;;
289 --ip1)
290 export ip1=$2
291 shift
292 ;;
293 --ip2)
294 export ip2=$2
295 shift
296 ;;
297 --repetitions)
298 export num_reps=$2
299 shift
300 ;;
301 --domain)
302 export domain=$2
303 shift
304 ;;
305 --execution-time)
306 export exec_time=$2
307 shift
308 ;;
309 --transport)
310 export transport=$2
311 shift
312 ;;
313 --datalen)
314 export datalen_input=$2
315 shift
316 ;;
317 --file-suffix)
318 export file_suffix=$2
319 shift
320 ;;
321 --folder-suffix)
322 export folder_suffix=$2
323 shift
324 ;;
325 --sub-folder)
326 sub_folder=$2
327 shift
328 ;;
329 --executable-suffix)
330 export executable_suffix=$2
331 shift
332 ;;
333 --extra-arguments)
334 export extra_arguments=$2
335 shift
336 ;;
337 --extra-arguments-pub)
338 export extra_arguments_pub=$2
339 shift
340 ;;
341 --extra-arguments-sub)
342 export extra_arguments_sub=$2
343 shift
344 ;;
345 --skip-be)
346 export skip_be_tests="1"
347 ;;
348 --skip-rel)
349 export skip_rel_tests="1"
350 ;;
351 --skip-keyed)
352 export skip_keyed_data="1"
353 ;;
354 --skip-large-data)
355 export skip_large_data="1"
356 ;;
357 --large-data)
358 export large_data="1"
359 ;;
360 --keyed)
361 export skip_unkeyed="1"
362 ;;
363 --unkeyed)
364 export skip_keyed_data="1"
365 ;;
366 --no-batching | --skip-batching)
367 export run_batching_tests="0"
368 export run_no_batching_tests="1"
369 ;;
370 --skip-no-batching)
371 export run_batching_tests="1"
372 export run_no_batching_tests="0"
373 ;;
374 --batch-size)
375 export batch_size=$2
376 shift
377 ;;
378 --reliable)
379 export skip_be_tests="1"
380 ;;
381 --best-effort)
382 export skip_rel_tests="1"
383 ;;
384 --security-gov)
385 export security_only="$2"
386 shift
387 ;;
388 --micro)
389 export micro="1"
390 ;;
391 --cert)
392 export cert="1"
393 ;;
394 --raw | --raw-transport)
395 export raw="1"
396 ;;
397 --tss)
398 export tss="1"
399 ;;
400 --no-colors)
401 export NO_COLORS="1"
402 ;;
403 --language)
404 export LANGUAGE=$2
405 shift
406 ;;
407 --loss-rate)
408 export loss_rate=$2
409 shift
410 ;;
411 --get-netstat-info | --netstat)
412 export get_netstat_info="1"
413 ;;
414 --reduced-data-sizes-set)
415 export REDUCED_DATA_SIZES_SET="1"
416 ;;
417 --dont-change-tuned-settings)
418 export dont_change_tuned_settings="1"
419 ;;
420 --no-taskset)
421 export no_taskset=1
422 ;;
423 *)
424 echo -e "unknown parameter \"$1\""
425 exit 255
426 ;;
427 esac
428 shift
429done
430
431if [[ "$NO_COLORS" == "1" ]]; then
432 disable_colors
433fi
434
435export folder_base="$(dirname "${executable}")"/../../..
436
437if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
438 export folder_base="$(dirname "${executable}")"/../..
439fi
440if [[ $tss == "1" ]]; then
441 export folder_base="$(dirname "${executable}")"/../../../../..
442fi
443
444if [[ "${executable_suffix}" != "" ]]; then
445 export executable="${executable}${executable_suffix}"
446fi
447
448if [[ -n "${folder_suffix}" ]]; then
449 export output_folder="${output_folder}${folder_suffix}"
450fi
451
452if [[ -n "${sub_folder}" ]]; then
453 export output_folder="${output_folder}/${sub_folder}"
454fi
455
456echo -e "${INFO_TAG} Perftest executable is: $executable"
457echo -e "${INFO_TAG} Output folder is: $output_folder"
458
459################################################################################
460
461if [[ "$LANGUAGE" == "python" ]]; then
462 export skip_keyed_data="1"
463 export skip_large_data="1"
464 export skip_be_tests="1"
465 export run_no_batching_tests="0"
466fi
467
468if [[ "${skip_large_data}" == "1" ]]; then
469 export datasizes_extended=${datasizes}
470elif [[ "${large_data}" == "1" ]]; then
471 export datasizes=${datasizes_extended}
472fi
473
474if [[ "${datalen_input}" != "" ]]; then
475 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
476 export datasizes=${datalen_input}
477 export datasizes_extended=${datalen_input}
478 if [[ "${run_no_batching_tests}" == "1" && "${run_batching_tests}" == "0" ]]; then
479 export skip_large_data="1"
480 fi
481else
482 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
483 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
484 export datasizes="32 128 512 2048 8192 32768 63000"
485 export datasizes_extended="${datasizes} 102400 1048576 10485760"
486 fi
487fi
488
489if [[ "$role" != "pub" && "$role" != "sub" ]]; then
490 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
491 exit 255
492fi
493
494if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
495 echo -e "${ERROR_TAG} It must be either lat or thr"
496 exit 255
497fi
498
499if [[ "${interface}" == "" ]]; then
500 echo "Using default nics"
501 export nic_publisher=${ip_machine_1}
502 export nic_subscriber=${ip_machine_2}
503elif [[ "${interface}" == "both" ]]; then
504 export nic_publisher="enp1s0f0,eno1"
505 export nic_subscriber="enp1s0f0,eno1"
506 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
507 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
508else
509 export nic_publisher=$interface
510 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
511
512 if [[ "${interface2}" == "" ]]; then
513 export nic_subscriber=$interface
514 else
515 export nic_subscriber=$interface2
516 fi
517 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
518
519 if [[ "${ip1}" != "" ]]; then
520 export ip_publisher=$ip1
521 echo "Using ip_publisher: ${ip_publisher}"
522 fi
523
524 if [[ "${ip2}" != "" ]]; then
525 export ip_subscriber=$ip2
526 echo "Using ip_subscriber: ${ip_subscriber}"
527 fi
528
529fi
530
531export transport_string="-transport $transport"
532
533if [[ "$transport" == "UDPv4" ]]; then
534
535 export transport_string_pub="$transport_string -nic $nic_publisher"
536 export transport_string_sub="$transport_string -nic $nic_subscriber"
537
538 if [[ "$raw" == "1" ]]; then
539 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
540 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
541 fi
542
543 if [[ "$micro" == "1" || "$cert" == "1" ]]; then
544 export transport_string_pub="$transport_string_pub -peer _udp://${ip_subscriber}"
545 export transport_string_sub="$transport_string_sub -peer _udp://${ip_publisher}"
546 fi
547
548elif [[ "$transport" == "TCP" ]]; then
549 export transport_string_pub="$transport_string \
550 -nic $nic_publisher \
551 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
552 export transport_string_sub="$transport_string \
553 -nic $nic_subscriber \
554 -peer 0@tcpv4_lan://${ip_publisher}:7400"
555elif [[ "$transport" == "TLS" ]]; then
556 export transport_string_pub="$transport_string \
557 -nic $nic_publisher \
558 -peer tlsv4_lan://${ip_subscriber}:7400"
559 export transport_string_sub="$transport_string \
560 -nic $nic_subscriber \
561 -peer tlsv4_lan://${ip_publisher}:7400"
562elif [[ "$transport" == "UDPv4_WAN" ]]; then
563 export transport_string_pub="$transport_string \
564 -nic $nic_publisher \
565 -transportPublicAddress $ip_publisher:7400"
566 export transport_string_sub="$transport_string \
567 -nic $nic_subscriber \
568 -peer 0@udpv4_wan://${ip_publisher}:7400"
569else
570 export transport_string_pub="$transport_string"
571 export transport_string_sub="$transport_string"
572fi
573
574################################################################################
575
576export pub_string="-pub \
577 ${transport_string_pub} \
578 -noPrintIntervals \
579 -executionTime $exec_time"
580
581if [[ ${lat_thr} == "lat" ]]; then
582 export pub_string="$pub_string \
583 -latencyTest"
584fi
585
586export sub_string="-sub \
587 ${transport_string_sub} \
588 -noPrintIntervals"
589
590if [[ "$role" == "pub" ]]; then
591 echo -e "$INFO_TAG Publisher side running"
592 export commands_string=${pub_string}
593 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
594else
595 echo -e "$INFO_TAG Subscriber side running"
596 export commands_string=${sub_string}
597 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
598fi
599
600###############################################################################
601
602if [[ "$dont_change_tuned_settings" != "1" ]]; then
603 echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
604 sudo /set_${lat_thr}_mode.sh
605 sleep 5
606fi
607
608echo -e "${INFO_TAG} Disabling any loss rate"
609sudo tc qdisc add dev $nic_publisher root netem loss 0%
610sudo tc qdisc del dev $nic_publisher root netem loss 0%
611
612if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
613 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
614 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
615fi
616
617cd $folder_base
618echo -e "${INFO_TAG} Folder Base is: $PWD"
619mkdir -p $output_folder
620
621if [[ "${batch_size}" != "" ]]; then
622 if [[ "${lat_thr}" == "thr" ]]; then
623 if [[ "${batch_size}" -eq 0 ]]; then
624 echo -e "${INFO_TAG} Batch size is set to 0"
625 export run_batching_tests="0"
626 export run_no_batching_tests="1"
627 else
628 echo -e "${INFO_TAG} Batch size is set to ${batch_size}"
629 export run_batching_tests="1"
630 export run_no_batching_tests="0"
631 fi
632 else
633 echo -e "${INFO_TAG} Batch size is set to ${batch_size}. This value will be ignored for latency tests."
634 unset batch_size
635 fi
636fi
637
638# Tests that may use batching (when doing throughput tests). Also Latency tests.
639if [[ ${run_batching_tests} == "1" ]]; then
640
641 # UNKEYED
642 if [[ "${skip_unkeyed}" == "" ]]; then
643
644 # RELIABLE
645 if [[ "${skip_rel_tests}" == "" ]]; then
646 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
647 fi
648
649 # BEST EFFORT
650 if [[ "${skip_be_tests}" == "" ]]; then
651 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
652 fi
653 fi
654
655 # KEYED
656 if [[ "${skip_keyed_data}" == "" ]]; then
657
658 # RELIABLE
659 if [[ "${skip_rel_tests}" == "" ]]; then
660 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
661 fi
662
663 # BEST EFFORT
664 if [[ "${skip_be_tests}" == "" ]]; then
665 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
666 fi
667 fi
668
669fi
670
671# Tests that will not use batching
672if [[ "${lat_thr}" == "thr" && "${run_no_batching_tests}" == "1" ]]; then
673
674 if [[ "$role" == "pub" ]]; then
675 export commands_string="${commands_string} -batchSize 0"
676 fi
677
678 # UNKEYED
679 if [[ "${skip_unkeyed}" == "" ]]; then
680
681 # RELIABLE
682 if [[ "${skip_rel_tests}" == "" ]]; then
683 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
684 fi
685
686 # BEST EFFORT
687 if [[ "${skip_be_tests}" == "" ]]; then
688 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
689 fi
690 fi
691
692 # KEYED
693 if [[ "${skip_keyed_data}" == "" ]]; then
694
695 # RELIABLE
696 if [[ "${skip_rel_tests}" == "" ]]; then
697 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
698 fi
699
700 # BEST EFFORT
701 if [[ "${skip_be_tests}" == "" ]]; then
702 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
703 fi
704 fi
705
706fi
707
708if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
709 echo -e "${INFO_TAG} Disabling loss rate"
710 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
711fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-be --skip-no-batching \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-be --skip-no-batching \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-be --skip-no-batching \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-be --skip-no-batching \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-be --skip-no-batching \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-be --skip-no-batching \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-be --skip-no-batching \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Linux Nodes
Dell R340 Servers (13 Units)
Processor: Intel Xeon E-2278G (3.4-5GHz, 8c/16t, 16MB cache, 2 memory channels @2666MHz)
RAM: 4x 16GB 2666MHz DIMM (64GB RAM)
HD: 480GB SATA SSD
NIC 1: Intel 710 dual port 10Gbps SFP
OS: Ubuntu 20.04 -- gcc 9.3.0
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps interfaces)
The graph below shows the expected throughput behavior when performing a 1-1 communication between two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
By default, RTI Perftest enables batching when performing a Maximum Throughput test. The batching feature allows sending more than one data sample per RTPS packet, improving network performance for small data sizes. See the RTI Connext Core Libraries User’s Manual for more information on batching.
The batch maximum size is set by RTI Perftest to be 8192 bytes; after 8192 bytes, batching is not enabled.
Detailed Statistics
This table contains the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
91878124 |
4588124 |
1174.6 |
0 |
0.00 |
64 |
82005698 |
4094931 |
2096.6 |
0 |
0.00 |
128 |
69318848 |
3461481 |
3544.6 |
0 |
0.00 |
256 |
51400544 |
2567050 |
5257.3 |
0 |
0.00 |
512 |
33976856 |
1696920 |
6950.6 |
0 |
0.00 |
1024 |
20350752 |
1016365 |
8326.1 |
0 |
0.00 |
2048 |
11159360 |
557212 |
9129.4 |
0 |
0.00 |
4096 |
5939081 |
296596 |
9718.9 |
0 |
0.00 |
8192 |
3005076 |
150203 |
9843.8 |
0 |
0.00 |
16384 |
1508811 |
75432 |
9887.0 |
0 |
0.00 |
32768 |
756040 |
37797 |
9908.3 |
0 |
0.00 |
63000 |
393534 |
19674 |
9915.8 |
0 |
0.00 |
No protection
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
91920640 |
4590242 |
1175.1 |
0 |
0.00 |
64 |
82317543 |
4111405 |
2105.0 |
0 |
0.00 |
128 |
69787520 |
3484979 |
3568.6 |
0 |
0.00 |
256 |
52236544 |
2608886 |
5343.0 |
0 |
0.00 |
512 |
34396160 |
1718005 |
7037.0 |
0 |
0.00 |
1024 |
20276384 |
1012773 |
8296.6 |
0 |
0.00 |
2048 |
11279401 |
563209 |
9227.6 |
0 |
0.00 |
4096 |
5937300 |
296540 |
9717.0 |
0 |
0.00 |
8192 |
3005069 |
150211 |
9844.2 |
0 |
0.00 |
16384 |
1508814 |
75431 |
9887.0 |
0 |
0.00 |
32768 |
756054 |
37797 |
9908.3 |
0 |
0.00 |
63000 |
393536 |
19674 |
9915.8 |
0 |
0.00 |
RTPS Sign
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
85943084 |
4291774 |
1098.7 |
0 |
0.00 |
64 |
73294848 |
3659911 |
1873.9 |
0 |
0.00 |
128 |
57975616 |
2894989 |
2964.5 |
0 |
0.00 |
256 |
39863265 |
1990528 |
4076.6 |
0 |
0.00 |
512 |
24563840 |
1226738 |
5024.7 |
0 |
0.00 |
1024 |
10448502 |
695507 |
5697.6 |
0 |
0.00 |
2048 |
7447552 |
371929 |
6093.7 |
0 |
0.00 |
4096 |
2901620 |
193124 |
6328.3 |
0 |
0.00 |
8192 |
2221701 |
110936 |
7270.4 |
0 |
0.00 |
16384 |
1502640 |
75102 |
9843.9 |
0 |
0.00 |
32768 |
754535 |
37714 |
9886.7 |
0 |
0.00 |
63000 |
393131 |
19651 |
9904.6 |
0 |
0.00 |
RTPS Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
84284058 |
4208827 |
1077.5 |
0 |
0.00 |
64 |
71587304 |
3574623 |
1830.2 |
0 |
0.00 |
128 |
55901351 |
2791404 |
2858.4 |
0 |
0.00 |
256 |
28295503 |
1883043 |
3856.5 |
0 |
0.00 |
512 |
17388824 |
1157491 |
4741.1 |
0 |
0.00 |
1024 |
12908664 |
644585 |
5280.4 |
0 |
0.00 |
2048 |
5225424 |
347810 |
5698.5 |
0 |
0.00 |
4096 |
2700048 |
179716 |
5889.0 |
0 |
0.00 |
8192 |
2046181 |
102181 |
6696.5 |
0 |
0.00 |
16384 |
1502090 |
75015 |
9832.4 |
0 |
0.00 |
32768 |
754400 |
37705 |
9884.2 |
0 |
0.00 |
63000 |
393099 |
19649 |
9903.2 |
0 |
0.00 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
80833684 |
4036628 |
1033.4 |
0 |
0.00 |
64 |
66448000 |
3317988 |
1698.8 |
0 |
0.00 |
128 |
50177088 |
2505595 |
2565.7 |
0 |
0.00 |
256 |
32248768 |
1610338 |
3298.0 |
0 |
0.00 |
512 |
19093681 |
953524 |
3905.6 |
0 |
0.00 |
1024 |
10633896 |
531006 |
4350.0 |
0 |
0.00 |
2048 |
5551636 |
277251 |
4542.5 |
0 |
0.00 |
4096 |
2856182 |
142623 |
4673.5 |
0 |
0.00 |
8192 |
1547183 |
77257 |
5063.2 |
0 |
0.00 |
16384 |
1203056 |
60090 |
7876.1 |
0 |
0.00 |
32768 |
753320 |
37640 |
9867.2 |
0 |
0.00 |
63000 |
392793 |
19631 |
9894.3 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
76884609 |
3839203 |
982.8 |
0 |
0.00 |
64 |
60054394 |
2998850 |
1535.4 |
0 |
0.00 |
128 |
42975980 |
2146011 |
2197.5 |
0 |
0.00 |
256 |
28086656 |
1402682 |
2872.7 |
0 |
0.00 |
512 |
15956128 |
796851 |
3263.9 |
0 |
0.00 |
1024 |
8734800 |
436243 |
3573.7 |
0 |
0.00 |
2048 |
4511796 |
225315 |
3691.6 |
0 |
0.00 |
4096 |
2348820 |
117288 |
3843.3 |
0 |
0.00 |
8192 |
1269499 |
63417 |
4156.1 |
0 |
0.00 |
16384 |
950124 |
47463 |
6221.1 |
0 |
0.00 |
32768 |
636761 |
31805 |
8337.5 |
0 |
0.00 |
63000 |
392701 |
19610 |
9883.6 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
81239296 |
4056861 |
1038.6 |
0 |
0.00 |
64 |
66609116 |
3326160 |
1703.0 |
0 |
0.00 |
128 |
48104769 |
2401926 |
2459.6 |
0 |
0.00 |
256 |
33469270 |
1671259 |
3422.7 |
0 |
0.00 |
512 |
14845325 |
988068 |
4047.1 |
0 |
0.00 |
1024 |
8215480 |
546861 |
4479.9 |
0 |
0.00 |
2048 |
5831201 |
291176 |
4770.6 |
0 |
0.00 |
4096 |
2985514 |
149080 |
4885.1 |
0 |
0.00 |
8192 |
1250586 |
83243 |
5455.5 |
0 |
0.00 |
16384 |
1248274 |
62352 |
8172.7 |
0 |
0.00 |
32768 |
753470 |
37642 |
9867.8 |
0 |
0.00 |
63000 |
392799 |
19632 |
9894.6 |
0 |
0.00 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13export run_batching_tests="1"
14export run_no_batching_tests="1"
15
16# We will use some colors to improve visibility of errors and info messages.
17RED='\033[0;31m'
18GREEN='\033[0;32m'
19YELLOW='\033[0;33m'
20BLUE='\033[0;34m'
21LIGHTBLUE='\033[0;36m'
22NC='\033[0m'
23INFO_TAG="${GREEN}[INFO][$role]:${NC}"
24WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
25ERROR_TAG="${RED}[ERROR][$role]:${NC}"
26
27################################################################################
28
29function disable_colors() {
30 export RED=""
31 export GREEN=""
32 export YELLOW=""
33 export NC=""
34 export BLUE=""
35 export LIGHTBLUE=""
36 export INFO_TAG="${GREEN}[INFO][$role]:${NC}"
37 export WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
38 export ERROR_TAG="${RED}[ERROR][$role]:${NC}"
39}
40
41function change_domain() {
42 if [[ "$domain" == "1" ]]; then
43 export domain="2"
44 else
45 export domain="1"
46 fi
47}
48
49# Function to process and append lines to the output file
50function append_to_output_file() {
51 local line=${1?line required}; readonly line
52 local append=$(echo "${2?append required}" | tr -s ' '); readonly append
53 local file=${3?file required}; readonly file
54 if [[ "${line: -1}" == $'\n' ]]; then
55 line="${line::-1}"
56 fi
57 echo "${line}${append}" >> "$file"
58}
59
60# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
61function execute_test() {
62
63 local keyed_unkeyed=$1
64 local rel_be=$2
65 local datasizes_test=$3
66 local other_args=$4
67 local name_suffix=$5
68
69 local commands_string_test=$commands_string
70 local tag=""
71
72 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
73 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
74 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
75 else
76 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
77 fi
78
79 if [[ "${rel_be}" == "be" ]]; then
80 commands_string_test="${commands_string_test} -bestEffort"
81 tag="${tag}${YELLOW}BE${NC}]"
82 else
83 tag="${tag}${RED}REL${NC}]"
84 fi
85
86 # If batch_size is set, we will add it to the command line of the publisher side.
87 if [[ "$batch_size" != "" && "$role" == "pub" ]]; then
88 commands_string_test="${commands_string_test} -batchSize $batch_size"
89 fi
90
91 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
92
93 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
94
95 if [[ "$role" == "pub" ]]; then
96 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
97 fi
98
99 if [[ "$thread_cpu_affinity" != "" ]]; then
100 commands_string_test="${commands_string_test} -threadCPUAffinity $thread_cpu_affinity"
101 fi
102
103 local pre_command_string=""
104
105 if [[ "$thread_priorities" != "" ]]; then
106 echo -e "${WARNING_TAG} Thread priorities enabled, this requires using sudo"
107 # When using sudo, the LD_LIBRARY_PATH is emptied, hence we need to set it again in the command itself
108 export LD_LIBRARY_PATH_COPIED="$LD_LIBRARY_PATH"
109 pre_command_string="sudo LD_LIBRARY_PATH=$LD_LIBRARY_PATH_COPIED "
110 commands_string_test="${commands_string_test} -threadPriorities $thread_priorities"
111 fi
112
113 if [[ "$pin_memory" != "" ]]; then
114 commands_string_test="${commands_string_test} -pinMemory"
115 fi
116
117 if [[ "$no_taskset" == "" && "$thread_cpu_affinity" == "" && "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
118 pre_command_string="$pre_command_string taskset -c $core"
119 fi
120
121 if [[ "$LANGUAGE" == "python" ]]; then
122 pre_command_string="$pre_command_string python3 "
123 fi
124
125 if [[ "$DOCKER" == "1" ]]; then
126 pre_command_string="$pre_command_string docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
127 executable=""
128 fi
129
130 # Get the aprox time this will take:
131 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
132 total_time=$((total_tests * exec_time))
133
134 touch $output_file
135 local no_headers=""
136 local current_test=0
137 for index in $(seq 1 ${num_reps}); do
138 for DATALEN in ${datasizes_test}; do
139 current_test=$((current_test + 1))
140
141 if [[ ! -s $output_file ]]; then
142 echo -e "${INFO_TAG} Output file is empty, filling the header."
143 no_headers=""
144 else
145 echo -e "${INFO_TAG} Output file is not empty."
146 no_headers=" -noOutputHeaders"
147 fi
148
149 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
150 if [[ "$role" == "pub" ]]; then
151 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
152 echo -e ${BLUE}$command${NC}
153 else
154 echo -e ${LIGHTBLUE}$command${NC}
155 fi
156
157 # In certain cases we need to wait a bit before running the test, this is
158 # because the previous test might not be finished on the other side yet, or because the
159 # discovery mechanism does not work like in connext DDS.
160 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
161 sleep 3
162 fi
163 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
164 sleep 5
165 fi
166
167 # Gather netstat info before running the test
168 if [[ "${get_netstat_info}" == "1" ]]; then
169 echo -e "${INFO_TAG} Getting netstat info before"
170 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
171 fi
172
173 # Execute the command and capture the output
174 if [[ $LANGUAGE == "c++98" || $LANGUAGE == "" ]]; then
175 echo -e "${INFO_TAG} Using C++98, using -outputFile option"
176 touch ${output_file}_tmp_line
177 chmod 777 ${output_file}_tmp_line
178 eval $command -outputFile ${output_file}_tmp_line
179 else
180 eval $command > ${output_file}_tmp_line
181 fi
182
183 number_of_lines=$(wc -l < ${output_file}_tmp_line)
184 echo -e "${INFO_TAG} Size of the output text: $number_of_lines lines"
185
186 # Check if this is the first test for this output file.
187 local is_first_test=0
188 if [[ ! -s $output_file ]]; then
189 is_first_test=1
190 fi
191 local expected_lines=$((is_first_test+1))
192
193 if [[ $number_of_lines -ne ${expected_lines} ]]; then
194 echo -e "${WARNING_TAG} The output text should have ${expected_lines} lines, but it has ${number_of_lines}."
195 echo -e "${RED} The content is: \n\"\"\""
196 cat ${output_file}_tmp_line
197 echo -e "\"\"\""
198 echo -e "Not adding it to the output file. ${NC}"
199 else
200 if [[ $number_of_lines -gt 1 ]]; then
201 header_line=$(head -n 1 "${output_file}_tmp_line")
202 echo -e "${INFO_TAG} Header line is: $header_line"
203 fi
204 result_line=$(tail -n 1 "${output_file}_tmp_line")
205 echo -e "${INFO_TAG} Result line is: $result_line"
206
207 # If this is the first test, we need to add the header line to the output file
208 if [[ $is_first_test -eq 1 ]]; then
209 append_to_output_file "$header_line" ", command-line" $output_file
210 fi
211
212 command=$(echo $command | sed 's/,/:comma:/g')
213 # Remove the `"` characters from the command line
214 command=$(echo $command | sed 's/\"//g')
215
216 # Append the result line to the output file
217 append_to_output_file "$result_line" ", $command" $output_file
218 fi
219
220 # Always remove the temporary file
221 rm -rf ${output_file}_tmp_line
222
223 # Gather netstat info after running the test
224 if [[ "${get_netstat_info}" == "1" ]]; then
225 echo -e "${INFO_TAG} Getting netstat info after"
226 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
227 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
228 python3 $script_location/../../../tools/diff_netstat_output.py \
229 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
230 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
231 -d $DATALEN $no_header_netstat \
232 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
233 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
234 no_header_netstat=" -nh"
235 fi
236
237 change_domain
238 done
239 done
240}
241
242################################################################################
243# PARSE COMMAND LINE OPTIONS:
244
245while [ "$1" != "" ]; do
246 case $1 in
247 --executable)
248 executable=$2
249 shift
250 ;;
251 --docker)
252 DOCKER="1"
253 ;;
254 --output-folder)
255 output_folder=$2
256 shift
257 ;;
258 --role)
259 export role=$2
260 shift
261 ;;
262 --core)
263 export core=$2
264 shift
265 ;;
266 --assign-core-list | --thread-cpu-affinity)
267 export thread_cpu_affinity=$2
268 shift
269 ;;
270 --assign-thread-priorities | --thread-priorities)
271 export thread_priorities=$2
272 shift
273 ;;
274 --pin-memory)
275 export pin_memory="1"
276 ;;
277 --test-kind)
278 export lat_thr=$2
279 shift
280 ;;
281 --interface1)
282 export interface=$2
283 shift
284 ;;
285 --interface2)
286 export interface2=$2
287 shift
288 ;;
289 --ip1)
290 export ip1=$2
291 shift
292 ;;
293 --ip2)
294 export ip2=$2
295 shift
296 ;;
297 --repetitions)
298 export num_reps=$2
299 shift
300 ;;
301 --domain)
302 export domain=$2
303 shift
304 ;;
305 --execution-time)
306 export exec_time=$2
307 shift
308 ;;
309 --transport)
310 export transport=$2
311 shift
312 ;;
313 --datalen)
314 export datalen_input=$2
315 shift
316 ;;
317 --file-suffix)
318 export file_suffix=$2
319 shift
320 ;;
321 --folder-suffix)
322 export folder_suffix=$2
323 shift
324 ;;
325 --sub-folder)
326 sub_folder=$2
327 shift
328 ;;
329 --executable-suffix)
330 export executable_suffix=$2
331 shift
332 ;;
333 --extra-arguments)
334 export extra_arguments=$2
335 shift
336 ;;
337 --extra-arguments-pub)
338 export extra_arguments_pub=$2
339 shift
340 ;;
341 --extra-arguments-sub)
342 export extra_arguments_sub=$2
343 shift
344 ;;
345 --skip-be)
346 export skip_be_tests="1"
347 ;;
348 --skip-rel)
349 export skip_rel_tests="1"
350 ;;
351 --skip-keyed)
352 export skip_keyed_data="1"
353 ;;
354 --skip-large-data)
355 export skip_large_data="1"
356 ;;
357 --large-data)
358 export large_data="1"
359 ;;
360 --keyed)
361 export skip_unkeyed="1"
362 ;;
363 --unkeyed)
364 export skip_keyed_data="1"
365 ;;
366 --no-batching | --skip-batching)
367 export run_batching_tests="0"
368 export run_no_batching_tests="1"
369 ;;
370 --skip-no-batching)
371 export run_batching_tests="1"
372 export run_no_batching_tests="0"
373 ;;
374 --batch-size)
375 export batch_size=$2
376 shift
377 ;;
378 --reliable)
379 export skip_be_tests="1"
380 ;;
381 --best-effort)
382 export skip_rel_tests="1"
383 ;;
384 --security-gov)
385 export security_only="$2"
386 shift
387 ;;
388 --micro)
389 export micro="1"
390 ;;
391 --cert)
392 export cert="1"
393 ;;
394 --raw | --raw-transport)
395 export raw="1"
396 ;;
397 --tss)
398 export tss="1"
399 ;;
400 --no-colors)
401 export NO_COLORS="1"
402 ;;
403 --language)
404 export LANGUAGE=$2
405 shift
406 ;;
407 --loss-rate)
408 export loss_rate=$2
409 shift
410 ;;
411 --get-netstat-info | --netstat)
412 export get_netstat_info="1"
413 ;;
414 --reduced-data-sizes-set)
415 export REDUCED_DATA_SIZES_SET="1"
416 ;;
417 --dont-change-tuned-settings)
418 export dont_change_tuned_settings="1"
419 ;;
420 --no-taskset)
421 export no_taskset=1
422 ;;
423 *)
424 echo -e "unknown parameter \"$1\""
425 exit 255
426 ;;
427 esac
428 shift
429done
430
431if [[ "$NO_COLORS" == "1" ]]; then
432 disable_colors
433fi
434
435export folder_base="$(dirname "${executable}")"/../../..
436
437if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
438 export folder_base="$(dirname "${executable}")"/../..
439fi
440if [[ $tss == "1" ]]; then
441 export folder_base="$(dirname "${executable}")"/../../../../..
442fi
443
444if [[ "${executable_suffix}" != "" ]]; then
445 export executable="${executable}${executable_suffix}"
446fi
447
448if [[ -n "${folder_suffix}" ]]; then
449 export output_folder="${output_folder}${folder_suffix}"
450fi
451
452if [[ -n "${sub_folder}" ]]; then
453 export output_folder="${output_folder}/${sub_folder}"
454fi
455
456echo -e "${INFO_TAG} Perftest executable is: $executable"
457echo -e "${INFO_TAG} Output folder is: $output_folder"
458
459################################################################################
460
461if [[ "$LANGUAGE" == "python" ]]; then
462 export skip_keyed_data="1"
463 export skip_large_data="1"
464 export skip_be_tests="1"
465 export run_no_batching_tests="0"
466fi
467
468if [[ "${skip_large_data}" == "1" ]]; then
469 export datasizes_extended=${datasizes}
470elif [[ "${large_data}" == "1" ]]; then
471 export datasizes=${datasizes_extended}
472fi
473
474if [[ "${datalen_input}" != "" ]]; then
475 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
476 export datasizes=${datalen_input}
477 export datasizes_extended=${datalen_input}
478 if [[ "${run_no_batching_tests}" == "1" && "${run_batching_tests}" == "0" ]]; then
479 export skip_large_data="1"
480 fi
481else
482 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
483 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
484 export datasizes="32 128 512 2048 8192 32768 63000"
485 export datasizes_extended="${datasizes} 102400 1048576 10485760"
486 fi
487fi
488
489if [[ "$role" != "pub" && "$role" != "sub" ]]; then
490 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
491 exit 255
492fi
493
494if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
495 echo -e "${ERROR_TAG} It must be either lat or thr"
496 exit 255
497fi
498
499if [[ "${interface}" == "" ]]; then
500 echo "Using default nics"
501 export nic_publisher=${ip_machine_1}
502 export nic_subscriber=${ip_machine_2}
503elif [[ "${interface}" == "both" ]]; then
504 export nic_publisher="enp1s0f0,eno1"
505 export nic_subscriber="enp1s0f0,eno1"
506 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
507 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
508else
509 export nic_publisher=$interface
510 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
511
512 if [[ "${interface2}" == "" ]]; then
513 export nic_subscriber=$interface
514 else
515 export nic_subscriber=$interface2
516 fi
517 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
518
519 if [[ "${ip1}" != "" ]]; then
520 export ip_publisher=$ip1
521 echo "Using ip_publisher: ${ip_publisher}"
522 fi
523
524 if [[ "${ip2}" != "" ]]; then
525 export ip_subscriber=$ip2
526 echo "Using ip_subscriber: ${ip_subscriber}"
527 fi
528
529fi
530
531export transport_string="-transport $transport"
532
533if [[ "$transport" == "UDPv4" ]]; then
534
535 export transport_string_pub="$transport_string -nic $nic_publisher"
536 export transport_string_sub="$transport_string -nic $nic_subscriber"
537
538 if [[ "$raw" == "1" ]]; then
539 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
540 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
541 fi
542
543 if [[ "$micro" == "1" || "$cert" == "1" ]]; then
544 export transport_string_pub="$transport_string_pub -peer _udp://${ip_subscriber}"
545 export transport_string_sub="$transport_string_sub -peer _udp://${ip_publisher}"
546 fi
547
548elif [[ "$transport" == "TCP" ]]; then
549 export transport_string_pub="$transport_string \
550 -nic $nic_publisher \
551 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
552 export transport_string_sub="$transport_string \
553 -nic $nic_subscriber \
554 -peer 0@tcpv4_lan://${ip_publisher}:7400"
555elif [[ "$transport" == "TLS" ]]; then
556 export transport_string_pub="$transport_string \
557 -nic $nic_publisher \
558 -peer tlsv4_lan://${ip_subscriber}:7400"
559 export transport_string_sub="$transport_string \
560 -nic $nic_subscriber \
561 -peer tlsv4_lan://${ip_publisher}:7400"
562elif [[ "$transport" == "UDPv4_WAN" ]]; then
563 export transport_string_pub="$transport_string \
564 -nic $nic_publisher \
565 -transportPublicAddress $ip_publisher:7400"
566 export transport_string_sub="$transport_string \
567 -nic $nic_subscriber \
568 -peer 0@udpv4_wan://${ip_publisher}:7400"
569else
570 export transport_string_pub="$transport_string"
571 export transport_string_sub="$transport_string"
572fi
573
574################################################################################
575
576export pub_string="-pub \
577 ${transport_string_pub} \
578 -noPrintIntervals \
579 -executionTime $exec_time"
580
581if [[ ${lat_thr} == "lat" ]]; then
582 export pub_string="$pub_string \
583 -latencyTest"
584fi
585
586export sub_string="-sub \
587 ${transport_string_sub} \
588 -noPrintIntervals"
589
590if [[ "$role" == "pub" ]]; then
591 echo -e "$INFO_TAG Publisher side running"
592 export commands_string=${pub_string}
593 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
594else
595 echo -e "$INFO_TAG Subscriber side running"
596 export commands_string=${sub_string}
597 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
598fi
599
600###############################################################################
601
602if [[ "$dont_change_tuned_settings" != "1" ]]; then
603 echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
604 sudo /set_${lat_thr}_mode.sh
605 sleep 5
606fi
607
608echo -e "${INFO_TAG} Disabling any loss rate"
609sudo tc qdisc add dev $nic_publisher root netem loss 0%
610sudo tc qdisc del dev $nic_publisher root netem loss 0%
611
612if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
613 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
614 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
615fi
616
617cd $folder_base
618echo -e "${INFO_TAG} Folder Base is: $PWD"
619mkdir -p $output_folder
620
621if [[ "${batch_size}" != "" ]]; then
622 if [[ "${lat_thr}" == "thr" ]]; then
623 if [[ "${batch_size}" -eq 0 ]]; then
624 echo -e "${INFO_TAG} Batch size is set to 0"
625 export run_batching_tests="0"
626 export run_no_batching_tests="1"
627 else
628 echo -e "${INFO_TAG} Batch size is set to ${batch_size}"
629 export run_batching_tests="1"
630 export run_no_batching_tests="0"
631 fi
632 else
633 echo -e "${INFO_TAG} Batch size is set to ${batch_size}. This value will be ignored for latency tests."
634 unset batch_size
635 fi
636fi
637
638# Tests that may use batching (when doing throughput tests). Also Latency tests.
639if [[ ${run_batching_tests} == "1" ]]; then
640
641 # UNKEYED
642 if [[ "${skip_unkeyed}" == "" ]]; then
643
644 # RELIABLE
645 if [[ "${skip_rel_tests}" == "" ]]; then
646 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
647 fi
648
649 # BEST EFFORT
650 if [[ "${skip_be_tests}" == "" ]]; then
651 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
652 fi
653 fi
654
655 # KEYED
656 if [[ "${skip_keyed_data}" == "" ]]; then
657
658 # RELIABLE
659 if [[ "${skip_rel_tests}" == "" ]]; then
660 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
661 fi
662
663 # BEST EFFORT
664 if [[ "${skip_be_tests}" == "" ]]; then
665 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
666 fi
667 fi
668
669fi
670
671# Tests that will not use batching
672if [[ "${lat_thr}" == "thr" && "${run_no_batching_tests}" == "1" ]]; then
673
674 if [[ "$role" == "pub" ]]; then
675 export commands_string="${commands_string} -batchSize 0"
676 fi
677
678 # UNKEYED
679 if [[ "${skip_unkeyed}" == "" ]]; then
680
681 # RELIABLE
682 if [[ "${skip_rel_tests}" == "" ]]; then
683 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
684 fi
685
686 # BEST EFFORT
687 if [[ "${skip_be_tests}" == "" ]]; then
688 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
689 fi
690 fi
691
692 # KEYED
693 if [[ "${skip_keyed_data}" == "" ]]; then
694
695 # RELIABLE
696 if [[ "${skip_rel_tests}" == "" ]]; then
697 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
698 fi
699
700 # BEST EFFORT
701 if [[ "${skip_be_tests}" == "" ]]; then
702 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
703 fi
704 fi
705
706fi
707
708if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
709 echo -e "${INFO_TAG} Disabling loss rate"
710 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
711fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-be --skip-no-batching \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-be --skip-no-batching \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-be --skip-no-batching \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-be --skip-no-batching \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-be --skip-no-batching \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-be --skip-no-batching \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-be --skip-no-batching \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Linux Nodes
Dell R340 Servers (13 Units)
Processor: Intel Xeon E-2278G (3.4-5GHz, 8c/16t, 16MB cache, 2 memory channels @2666MHz)
RAM: 4x 16GB 2666MHz DIMM (64GB RAM)
HD: 480GB SATA SSD
NIC 1: Intel 710 dual port 10Gbps SFP
OS: Ubuntu 20.04 -- gcc 9.3.0
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps interfaces)
The graph below shows the one-way latency without load between a Publisher and a Subscriber running in two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
We use the median (50th percentile) instead of the average in order to get a more stable measurement that does not account for spurious outliers. We also calculate the average value and other percentile values, which can be seen in the Detailed Statistics section below.
Detailed Statistics
The following tables contain the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
138 |
20.5 |
110 |
1780 |
131 |
164 |
201 |
391 |
1780 |
64 |
142 |
22.3 |
115 |
1634 |
134 |
178 |
208 |
526 |
1634 |
128 |
139 |
20.6 |
113 |
1711 |
133 |
161 |
203 |
544 |
1711 |
256 |
144 |
23.4 |
116 |
1653 |
136 |
179 |
215 |
548 |
1653 |
512 |
153 |
22.5 |
123 |
1362 |
144 |
190 |
223 |
478 |
1362 |
1024 |
171 |
23.7 |
135 |
1709 |
163 |
201 |
246 |
589 |
1709 |
2048 |
220 |
23.2 |
175 |
1466 |
212 |
244 |
300 |
746 |
1466 |
4096 |
243 |
28.0 |
201 |
2452 |
237 |
262 |
361 |
889 |
2452 |
8192 |
311 |
42.2 |
248 |
5301 |
304 |
336 |
422 |
1768 |
5301 |
16384 |
456 |
55.9 |
387 |
6588 |
447 |
490 |
568 |
1732 |
6588 |
32768 |
774 |
49.8 |
692 |
3569 |
765 |
825 |
904 |
1717 |
3569 |
63000 |
1324 |
78.8 |
1185 |
4067 |
1314 |
1382 |
1473 |
4067 |
4067 |
No protection
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
140 |
21.7 |
115 |
1700 |
133 |
163 |
206 |
553 |
1700 |
64 |
141 |
23.1 |
111 |
1975 |
133 |
173 |
206 |
807 |
1975 |
128 |
143 |
41.6 |
119 |
5259 |
134 |
180 |
217 |
1312 |
5259 |
256 |
144 |
23.5 |
117 |
1846 |
136 |
182 |
215 |
544 |
1846 |
512 |
152 |
23.2 |
122 |
1595 |
143 |
188 |
224 |
548 |
1595 |
1024 |
169 |
25.5 |
133 |
1585 |
160 |
206 |
246 |
666 |
1585 |
2048 |
219 |
25.0 |
175 |
2002 |
211 |
247 |
297 |
939 |
2002 |
4096 |
239 |
26.0 |
188 |
1948 |
233 |
259 |
327 |
1280 |
1948 |
8192 |
312 |
33.7 |
274 |
3078 |
305 |
337 |
414 |
1716 |
3078 |
16384 |
462 |
57.0 |
387 |
6649 |
453 |
498 |
573 |
1549 |
6649 |
32768 |
774 |
58.8 |
695 |
3497 |
764 |
825 |
913 |
2900 |
3497 |
63000 |
1324 |
68.4 |
1214 |
3743 |
1315 |
1382 |
1461 |
3743 |
3743 |
RTPS Sign
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
173 |
22.7 |
145 |
1780 |
168 |
189 |
248 |
1250 |
1780 |
64 |
174 |
22.0 |
144 |
1899 |
168 |
190 |
252 |
480 |
1899 |
128 |
179 |
18.8 |
152 |
1515 |
174 |
194 |
252 |
553 |
1515 |
256 |
183 |
47.6 |
150 |
9392 |
178 |
199 |
258 |
696 |
9392 |
512 |
193 |
22.8 |
161 |
2431 |
188 |
209 |
266 |
764 |
2431 |
1024 |
221 |
23.6 |
187 |
1727 |
215 |
242 |
304 |
749 |
1727 |
2048 |
305 |
27.5 |
241 |
1731 |
298 |
334 |
394 |
965 |
1731 |
4096 |
393 |
34.6 |
339 |
1957 |
385 |
429 |
502 |
1128 |
1957 |
8192 |
574 |
45.8 |
477 |
1994 |
564 |
619 |
714 |
1895 |
1994 |
16384 |
947 |
56.4 |
850 |
2548 |
937 |
1011 |
1101 |
2448 |
2548 |
32768 |
1687 |
63.8 |
1452 |
3462 |
1673 |
1754 |
1867 |
3462 |
3462 |
63000 |
3021 |
148.3 |
2516 |
5621 |
3017 |
3192 |
3352 |
5621 |
5621 |
RTPS Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
175 |
19.8 |
147 |
1969 |
170 |
190 |
245 |
593 |
1969 |
64 |
179 |
21.0 |
152 |
1763 |
174 |
194 |
255 |
744 |
1763 |
128 |
184 |
20.6 |
160 |
1486 |
179 |
199 |
255 |
736 |
1486 |
256 |
191 |
20.7 |
169 |
1492 |
185 |
207 |
271 |
594 |
1492 |
512 |
216 |
21.7 |
183 |
1796 |
210 |
233 |
294 |
608 |
1796 |
1024 |
262 |
26.2 |
229 |
1886 |
255 |
283 |
360 |
822 |
1886 |
2048 |
387 |
35.5 |
309 |
1796 |
379 |
421 |
499 |
1365 |
1796 |
4096 |
533 |
34.7 |
461 |
1425 |
526 |
572 |
645 |
1272 |
1425 |
8192 |
879 |
71.0 |
753 |
5152 |
866 |
947 |
1041 |
2218 |
5152 |
16384 |
1539 |
83.7 |
1334 |
3203 |
1532 |
1640 |
1752 |
3203 |
3203 |
32768 |
2847 |
150.8 |
2379 |
7556 |
2836 |
2995 |
3158 |
7556 |
7556 |
63000 |
5080 |
237.2 |
4119 |
9510 |
5126 |
5250 |
5589 |
9510 |
9510 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
213 |
24.8 |
187 |
1842 |
207 |
233 |
303 |
631 |
1842 |
64 |
219 |
22.5 |
190 |
1578 |
213 |
239 |
303 |
682 |
1578 |
128 |
225 |
22.8 |
193 |
1471 |
219 |
244 |
309 |
723 |
1471 |
256 |
244 |
36.9 |
209 |
5527 |
237 |
267 |
330 |
867 |
5527 |
512 |
269 |
30.0 |
232 |
2255 |
263 |
291 |
353 |
1503 |
2255 |
1024 |
331 |
32.2 |
280 |
2182 |
324 |
356 |
433 |
1393 |
2182 |
2048 |
479 |
40.8 |
393 |
2403 |
471 |
515 |
598 |
2225 |
2403 |
4096 |
681 |
52.0 |
563 |
2625 |
671 |
737 |
829 |
2390 |
2625 |
8192 |
1121 |
86.5 |
931 |
6080 |
1113 |
1192 |
1291 |
6080 |
6080 |
16384 |
1966 |
106.2 |
1684 |
4384 |
1963 |
2085 |
2201 |
4384 |
4384 |
32768 |
3804 |
277.8 |
3037 |
6965 |
3779 |
4165 |
4479 |
6965 |
6965 |
63000 |
6571 |
426.1 |
5540 |
9020 |
6514 |
7165 |
7601 |
9020 |
9020 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
242 |
38.2 |
211 |
5737 |
236 |
265 |
332 |
845 |
5737 |
64 |
254 |
35.3 |
216 |
4788 |
247 |
278 |
345 |
928 |
4788 |
128 |
263 |
41.7 |
226 |
5432 |
256 |
288 |
362 |
1745 |
5432 |
256 |
289 |
58.0 |
242 |
6712 |
281 |
313 |
384 |
1960 |
6712 |
512 |
330 |
35.2 |
285 |
2198 |
323 |
358 |
435 |
1765 |
2198 |
1024 |
424 |
34.1 |
362 |
1678 |
415 |
456 |
542 |
1283 |
1678 |
2048 |
640 |
47.7 |
560 |
2426 |
630 |
688 |
783 |
1989 |
2426 |
4096 |
966 |
65.3 |
825 |
3945 |
955 |
1034 |
1130 |
3945 |
3945 |
8192 |
1653 |
78.2 |
1355 |
3305 |
1642 |
1746 |
1841 |
3305 |
3305 |
16384 |
2968 |
161.3 |
2521 |
5857 |
2953 |
3163 |
3343 |
5857 |
5857 |
32768 |
5678 |
191.3 |
4896 |
11004 |
5693 |
5779 |
6054 |
11004 |
11004 |
63000 |
12092 |
1969.3 |
7947 |
17388 |
11860 |
15069 |
16819 |
17388 |
17388 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Ave (μs) |
Std (μs) |
Min (μs) |
Max (μs) |
50% (μs) |
90% (μs) |
99% (μs) |
99.99% (μs) |
99.9999% (μs) |
|---|---|---|---|---|---|---|---|---|---|
32 |
203 |
20.9 |
177 |
716 |
197 |
220 |
287 |
604 |
716 |
64 |
202 |
22.9 |
170 |
1944 |
196 |
220 |
284 |
623 |
1944 |
128 |
216 |
24.1 |
188 |
1716 |
211 |
234 |
304 |
739 |
1716 |
256 |
225 |
26.5 |
192 |
3051 |
219 |
244 |
307 |
881 |
3051 |
512 |
255 |
27.5 |
217 |
2246 |
249 |
279 |
355 |
830 |
2246 |
1024 |
312 |
23.4 |
263 |
1232 |
307 |
333 |
400 |
697 |
1232 |
2048 |
467 |
39.5 |
383 |
2252 |
458 |
504 |
593 |
1832 |
2252 |
4096 |
678 |
53.5 |
537 |
2595 |
668 |
733 |
825 |
2570 |
2595 |
8192 |
1107 |
76.0 |
937 |
3775 |
1098 |
1179 |
1289 |
3775 |
3775 |
16384 |
1963 |
106.4 |
1569 |
3616 |
1961 |
2079 |
2202 |
3616 |
3616 |
32768 |
3800 |
269.5 |
2979 |
6400 |
3792 |
4145 |
4412 |
6400 |
6400 |
63000 |
6751 |
520.3 |
5551 |
12264 |
6759 |
7380 |
7920 |
12264 |
12264 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13export run_batching_tests="1"
14export run_no_batching_tests="1"
15
16# We will use some colors to improve visibility of errors and info messages.
17RED='\033[0;31m'
18GREEN='\033[0;32m'
19YELLOW='\033[0;33m'
20BLUE='\033[0;34m'
21LIGHTBLUE='\033[0;36m'
22NC='\033[0m'
23INFO_TAG="${GREEN}[INFO][$role]:${NC}"
24WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
25ERROR_TAG="${RED}[ERROR][$role]:${NC}"
26
27################################################################################
28
29function disable_colors() {
30 export RED=""
31 export GREEN=""
32 export YELLOW=""
33 export NC=""
34 export BLUE=""
35 export LIGHTBLUE=""
36 export INFO_TAG="${GREEN}[INFO][$role]:${NC}"
37 export WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
38 export ERROR_TAG="${RED}[ERROR][$role]:${NC}"
39}
40
41function change_domain() {
42 if [[ "$domain" == "1" ]]; then
43 export domain="2"
44 else
45 export domain="1"
46 fi
47}
48
49# Function to process and append lines to the output file
50function append_to_output_file() {
51 local line=${1?line required}; readonly line
52 local append=$(echo "${2?append required}" | tr -s ' '); readonly append
53 local file=${3?file required}; readonly file
54 if [[ "${line: -1}" == $'\n' ]]; then
55 line="${line::-1}"
56 fi
57 echo "${line}${append}" >> "$file"
58}
59
60# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
61function execute_test() {
62
63 local keyed_unkeyed=$1
64 local rel_be=$2
65 local datasizes_test=$3
66 local other_args=$4
67 local name_suffix=$5
68
69 local commands_string_test=$commands_string
70 local tag=""
71
72 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
73 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
74 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
75 else
76 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
77 fi
78
79 if [[ "${rel_be}" == "be" ]]; then
80 commands_string_test="${commands_string_test} -bestEffort"
81 tag="${tag}${YELLOW}BE${NC}]"
82 else
83 tag="${tag}${RED}REL${NC}]"
84 fi
85
86 # If batch_size is set, we will add it to the command line of the publisher side.
87 if [[ "$batch_size" != "" && "$role" == "pub" ]]; then
88 commands_string_test="${commands_string_test} -batchSize $batch_size"
89 fi
90
91 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
92
93 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
94
95 if [[ "$role" == "pub" ]]; then
96 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
97 fi
98
99 if [[ "$thread_cpu_affinity" != "" ]]; then
100 commands_string_test="${commands_string_test} -threadCPUAffinity $thread_cpu_affinity"
101 fi
102
103 local pre_command_string=""
104
105 if [[ "$thread_priorities" != "" ]]; then
106 echo -e "${WARNING_TAG} Thread priorities enabled, this requires using sudo"
107 # When using sudo, the LD_LIBRARY_PATH is emptied, hence we need to set it again in the command itself
108 export LD_LIBRARY_PATH_COPIED="$LD_LIBRARY_PATH"
109 pre_command_string="sudo LD_LIBRARY_PATH=$LD_LIBRARY_PATH_COPIED "
110 commands_string_test="${commands_string_test} -threadPriorities $thread_priorities"
111 fi
112
113 if [[ "$pin_memory" != "" ]]; then
114 commands_string_test="${commands_string_test} -pinMemory"
115 fi
116
117 if [[ "$no_taskset" == "" && "$thread_cpu_affinity" == "" && "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
118 pre_command_string="$pre_command_string taskset -c $core"
119 fi
120
121 if [[ "$LANGUAGE" == "python" ]]; then
122 pre_command_string="$pre_command_string python3 "
123 fi
124
125 if [[ "$DOCKER" == "1" ]]; then
126 pre_command_string="$pre_command_string docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
127 executable=""
128 fi
129
130 # Get the aprox time this will take:
131 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
132 total_time=$((total_tests * exec_time))
133
134 touch $output_file
135 local no_headers=""
136 local current_test=0
137 for index in $(seq 1 ${num_reps}); do
138 for DATALEN in ${datasizes_test}; do
139 current_test=$((current_test + 1))
140
141 if [[ ! -s $output_file ]]; then
142 echo -e "${INFO_TAG} Output file is empty, filling the header."
143 no_headers=""
144 else
145 echo -e "${INFO_TAG} Output file is not empty."
146 no_headers=" -noOutputHeaders"
147 fi
148
149 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
150 if [[ "$role" == "pub" ]]; then
151 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
152 echo -e ${BLUE}$command${NC}
153 else
154 echo -e ${LIGHTBLUE}$command${NC}
155 fi
156
157 # In certain cases we need to wait a bit before running the test, this is
158 # because the previous test might not be finished on the other side yet, or because the
159 # discovery mechanism does not work like in connext DDS.
160 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
161 sleep 3
162 fi
163 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
164 sleep 5
165 fi
166
167 # Gather netstat info before running the test
168 if [[ "${get_netstat_info}" == "1" ]]; then
169 echo -e "${INFO_TAG} Getting netstat info before"
170 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
171 fi
172
173 # Execute the command and capture the output
174 if [[ $LANGUAGE == "c++98" || $LANGUAGE == "" ]]; then
175 echo -e "${INFO_TAG} Using C++98, using -outputFile option"
176 touch ${output_file}_tmp_line
177 chmod 777 ${output_file}_tmp_line
178 eval $command -outputFile ${output_file}_tmp_line
179 else
180 eval $command > ${output_file}_tmp_line
181 fi
182
183 number_of_lines=$(wc -l < ${output_file}_tmp_line)
184 echo -e "${INFO_TAG} Size of the output text: $number_of_lines lines"
185
186 # Check if this is the first test for this output file.
187 local is_first_test=0
188 if [[ ! -s $output_file ]]; then
189 is_first_test=1
190 fi
191 local expected_lines=$((is_first_test+1))
192
193 if [[ $number_of_lines -ne ${expected_lines} ]]; then
194 echo -e "${WARNING_TAG} The output text should have ${expected_lines} lines, but it has ${number_of_lines}."
195 echo -e "${RED} The content is: \n\"\"\""
196 cat ${output_file}_tmp_line
197 echo -e "\"\"\""
198 echo -e "Not adding it to the output file. ${NC}"
199 else
200 if [[ $number_of_lines -gt 1 ]]; then
201 header_line=$(head -n 1 "${output_file}_tmp_line")
202 echo -e "${INFO_TAG} Header line is: $header_line"
203 fi
204 result_line=$(tail -n 1 "${output_file}_tmp_line")
205 echo -e "${INFO_TAG} Result line is: $result_line"
206
207 # If this is the first test, we need to add the header line to the output file
208 if [[ $is_first_test -eq 1 ]]; then
209 append_to_output_file "$header_line" ", command-line" $output_file
210 fi
211
212 command=$(echo $command | sed 's/,/:comma:/g')
213 # Remove the `"` characters from the command line
214 command=$(echo $command | sed 's/\"//g')
215
216 # Append the result line to the output file
217 append_to_output_file "$result_line" ", $command" $output_file
218 fi
219
220 # Always remove the temporary file
221 rm -rf ${output_file}_tmp_line
222
223 # Gather netstat info after running the test
224 if [[ "${get_netstat_info}" == "1" ]]; then
225 echo -e "${INFO_TAG} Getting netstat info after"
226 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
227 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
228 python3 $script_location/../../../tools/diff_netstat_output.py \
229 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
230 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
231 -d $DATALEN $no_header_netstat \
232 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
233 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
234 no_header_netstat=" -nh"
235 fi
236
237 change_domain
238 done
239 done
240}
241
242################################################################################
243# PARSE COMMAND LINE OPTIONS:
244
245while [ "$1" != "" ]; do
246 case $1 in
247 --executable)
248 executable=$2
249 shift
250 ;;
251 --docker)
252 DOCKER="1"
253 ;;
254 --output-folder)
255 output_folder=$2
256 shift
257 ;;
258 --role)
259 export role=$2
260 shift
261 ;;
262 --core)
263 export core=$2
264 shift
265 ;;
266 --assign-core-list | --thread-cpu-affinity)
267 export thread_cpu_affinity=$2
268 shift
269 ;;
270 --assign-thread-priorities | --thread-priorities)
271 export thread_priorities=$2
272 shift
273 ;;
274 --pin-memory)
275 export pin_memory="1"
276 ;;
277 --test-kind)
278 export lat_thr=$2
279 shift
280 ;;
281 --interface1)
282 export interface=$2
283 shift
284 ;;
285 --interface2)
286 export interface2=$2
287 shift
288 ;;
289 --ip1)
290 export ip1=$2
291 shift
292 ;;
293 --ip2)
294 export ip2=$2
295 shift
296 ;;
297 --repetitions)
298 export num_reps=$2
299 shift
300 ;;
301 --domain)
302 export domain=$2
303 shift
304 ;;
305 --execution-time)
306 export exec_time=$2
307 shift
308 ;;
309 --transport)
310 export transport=$2
311 shift
312 ;;
313 --datalen)
314 export datalen_input=$2
315 shift
316 ;;
317 --file-suffix)
318 export file_suffix=$2
319 shift
320 ;;
321 --folder-suffix)
322 export folder_suffix=$2
323 shift
324 ;;
325 --sub-folder)
326 sub_folder=$2
327 shift
328 ;;
329 --executable-suffix)
330 export executable_suffix=$2
331 shift
332 ;;
333 --extra-arguments)
334 export extra_arguments=$2
335 shift
336 ;;
337 --extra-arguments-pub)
338 export extra_arguments_pub=$2
339 shift
340 ;;
341 --extra-arguments-sub)
342 export extra_arguments_sub=$2
343 shift
344 ;;
345 --skip-be)
346 export skip_be_tests="1"
347 ;;
348 --skip-rel)
349 export skip_rel_tests="1"
350 ;;
351 --skip-keyed)
352 export skip_keyed_data="1"
353 ;;
354 --skip-large-data)
355 export skip_large_data="1"
356 ;;
357 --large-data)
358 export large_data="1"
359 ;;
360 --keyed)
361 export skip_unkeyed="1"
362 ;;
363 --unkeyed)
364 export skip_keyed_data="1"
365 ;;
366 --no-batching | --skip-batching)
367 export run_batching_tests="0"
368 export run_no_batching_tests="1"
369 ;;
370 --skip-no-batching)
371 export run_batching_tests="1"
372 export run_no_batching_tests="0"
373 ;;
374 --batch-size)
375 export batch_size=$2
376 shift
377 ;;
378 --reliable)
379 export skip_be_tests="1"
380 ;;
381 --best-effort)
382 export skip_rel_tests="1"
383 ;;
384 --security-gov)
385 export security_only="$2"
386 shift
387 ;;
388 --micro)
389 export micro="1"
390 ;;
391 --cert)
392 export cert="1"
393 ;;
394 --raw | --raw-transport)
395 export raw="1"
396 ;;
397 --tss)
398 export tss="1"
399 ;;
400 --no-colors)
401 export NO_COLORS="1"
402 ;;
403 --language)
404 export LANGUAGE=$2
405 shift
406 ;;
407 --loss-rate)
408 export loss_rate=$2
409 shift
410 ;;
411 --get-netstat-info | --netstat)
412 export get_netstat_info="1"
413 ;;
414 --reduced-data-sizes-set)
415 export REDUCED_DATA_SIZES_SET="1"
416 ;;
417 --dont-change-tuned-settings)
418 export dont_change_tuned_settings="1"
419 ;;
420 --no-taskset)
421 export no_taskset=1
422 ;;
423 *)
424 echo -e "unknown parameter \"$1\""
425 exit 255
426 ;;
427 esac
428 shift
429done
430
431if [[ "$NO_COLORS" == "1" ]]; then
432 disable_colors
433fi
434
435export folder_base="$(dirname "${executable}")"/../../..
436
437if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
438 export folder_base="$(dirname "${executable}")"/../..
439fi
440if [[ $tss == "1" ]]; then
441 export folder_base="$(dirname "${executable}")"/../../../../..
442fi
443
444if [[ "${executable_suffix}" != "" ]]; then
445 export executable="${executable}${executable_suffix}"
446fi
447
448if [[ -n "${folder_suffix}" ]]; then
449 export output_folder="${output_folder}${folder_suffix}"
450fi
451
452if [[ -n "${sub_folder}" ]]; then
453 export output_folder="${output_folder}/${sub_folder}"
454fi
455
456echo -e "${INFO_TAG} Perftest executable is: $executable"
457echo -e "${INFO_TAG} Output folder is: $output_folder"
458
459################################################################################
460
461if [[ "$LANGUAGE" == "python" ]]; then
462 export skip_keyed_data="1"
463 export skip_large_data="1"
464 export skip_be_tests="1"
465 export run_no_batching_tests="0"
466fi
467
468if [[ "${skip_large_data}" == "1" ]]; then
469 export datasizes_extended=${datasizes}
470elif [[ "${large_data}" == "1" ]]; then
471 export datasizes=${datasizes_extended}
472fi
473
474if [[ "${datalen_input}" != "" ]]; then
475 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
476 export datasizes=${datalen_input}
477 export datasizes_extended=${datalen_input}
478 if [[ "${run_no_batching_tests}" == "1" && "${run_batching_tests}" == "0" ]]; then
479 export skip_large_data="1"
480 fi
481else
482 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
483 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
484 export datasizes="32 128 512 2048 8192 32768 63000"
485 export datasizes_extended="${datasizes} 102400 1048576 10485760"
486 fi
487fi
488
489if [[ "$role" != "pub" && "$role" != "sub" ]]; then
490 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
491 exit 255
492fi
493
494if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
495 echo -e "${ERROR_TAG} It must be either lat or thr"
496 exit 255
497fi
498
499if [[ "${interface}" == "" ]]; then
500 echo "Using default nics"
501 export nic_publisher=${ip_machine_1}
502 export nic_subscriber=${ip_machine_2}
503elif [[ "${interface}" == "both" ]]; then
504 export nic_publisher="enp1s0f0,eno1"
505 export nic_subscriber="enp1s0f0,eno1"
506 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
507 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
508else
509 export nic_publisher=$interface
510 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
511
512 if [[ "${interface2}" == "" ]]; then
513 export nic_subscriber=$interface
514 else
515 export nic_subscriber=$interface2
516 fi
517 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
518
519 if [[ "${ip1}" != "" ]]; then
520 export ip_publisher=$ip1
521 echo "Using ip_publisher: ${ip_publisher}"
522 fi
523
524 if [[ "${ip2}" != "" ]]; then
525 export ip_subscriber=$ip2
526 echo "Using ip_subscriber: ${ip_subscriber}"
527 fi
528
529fi
530
531export transport_string="-transport $transport"
532
533if [[ "$transport" == "UDPv4" ]]; then
534
535 export transport_string_pub="$transport_string -nic $nic_publisher"
536 export transport_string_sub="$transport_string -nic $nic_subscriber"
537
538 if [[ "$raw" == "1" ]]; then
539 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
540 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
541 fi
542
543 if [[ "$micro" == "1" || "$cert" == "1" ]]; then
544 export transport_string_pub="$transport_string_pub -peer _udp://${ip_subscriber}"
545 export transport_string_sub="$transport_string_sub -peer _udp://${ip_publisher}"
546 fi
547
548elif [[ "$transport" == "TCP" ]]; then
549 export transport_string_pub="$transport_string \
550 -nic $nic_publisher \
551 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
552 export transport_string_sub="$transport_string \
553 -nic $nic_subscriber \
554 -peer 0@tcpv4_lan://${ip_publisher}:7400"
555elif [[ "$transport" == "TLS" ]]; then
556 export transport_string_pub="$transport_string \
557 -nic $nic_publisher \
558 -peer tlsv4_lan://${ip_subscriber}:7400"
559 export transport_string_sub="$transport_string \
560 -nic $nic_subscriber \
561 -peer tlsv4_lan://${ip_publisher}:7400"
562elif [[ "$transport" == "UDPv4_WAN" ]]; then
563 export transport_string_pub="$transport_string \
564 -nic $nic_publisher \
565 -transportPublicAddress $ip_publisher:7400"
566 export transport_string_sub="$transport_string \
567 -nic $nic_subscriber \
568 -peer 0@udpv4_wan://${ip_publisher}:7400"
569else
570 export transport_string_pub="$transport_string"
571 export transport_string_sub="$transport_string"
572fi
573
574################################################################################
575
576export pub_string="-pub \
577 ${transport_string_pub} \
578 -noPrintIntervals \
579 -executionTime $exec_time"
580
581if [[ ${lat_thr} == "lat" ]]; then
582 export pub_string="$pub_string \
583 -latencyTest"
584fi
585
586export sub_string="-sub \
587 ${transport_string_sub} \
588 -noPrintIntervals"
589
590if [[ "$role" == "pub" ]]; then
591 echo -e "$INFO_TAG Publisher side running"
592 export commands_string=${pub_string}
593 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
594else
595 echo -e "$INFO_TAG Subscriber side running"
596 export commands_string=${sub_string}
597 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
598fi
599
600###############################################################################
601
602if [[ "$dont_change_tuned_settings" != "1" ]]; then
603 echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
604 sudo /set_${lat_thr}_mode.sh
605 sleep 5
606fi
607
608echo -e "${INFO_TAG} Disabling any loss rate"
609sudo tc qdisc add dev $nic_publisher root netem loss 0%
610sudo tc qdisc del dev $nic_publisher root netem loss 0%
611
612if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
613 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
614 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
615fi
616
617cd $folder_base
618echo -e "${INFO_TAG} Folder Base is: $PWD"
619mkdir -p $output_folder
620
621if [[ "${batch_size}" != "" ]]; then
622 if [[ "${lat_thr}" == "thr" ]]; then
623 if [[ "${batch_size}" -eq 0 ]]; then
624 echo -e "${INFO_TAG} Batch size is set to 0"
625 export run_batching_tests="0"
626 export run_no_batching_tests="1"
627 else
628 echo -e "${INFO_TAG} Batch size is set to ${batch_size}"
629 export run_batching_tests="1"
630 export run_no_batching_tests="0"
631 fi
632 else
633 echo -e "${INFO_TAG} Batch size is set to ${batch_size}. This value will be ignored for latency tests."
634 unset batch_size
635 fi
636fi
637
638# Tests that may use batching (when doing throughput tests). Also Latency tests.
639if [[ ${run_batching_tests} == "1" ]]; then
640
641 # UNKEYED
642 if [[ "${skip_unkeyed}" == "" ]]; then
643
644 # RELIABLE
645 if [[ "${skip_rel_tests}" == "" ]]; then
646 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
647 fi
648
649 # BEST EFFORT
650 if [[ "${skip_be_tests}" == "" ]]; then
651 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
652 fi
653 fi
654
655 # KEYED
656 if [[ "${skip_keyed_data}" == "" ]]; then
657
658 # RELIABLE
659 if [[ "${skip_rel_tests}" == "" ]]; then
660 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
661 fi
662
663 # BEST EFFORT
664 if [[ "${skip_be_tests}" == "" ]]; then
665 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
666 fi
667 fi
668
669fi
670
671# Tests that will not use batching
672if [[ "${lat_thr}" == "thr" && "${run_no_batching_tests}" == "1" ]]; then
673
674 if [[ "$role" == "pub" ]]; then
675 export commands_string="${commands_string} -batchSize 0"
676 fi
677
678 # UNKEYED
679 if [[ "${skip_unkeyed}" == "" ]]; then
680
681 # RELIABLE
682 if [[ "${skip_rel_tests}" == "" ]]; then
683 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
684 fi
685
686 # BEST EFFORT
687 if [[ "${skip_be_tests}" == "" ]]; then
688 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
689 fi
690 fi
691
692 # KEYED
693 if [[ "${skip_keyed_data}" == "" ]]; then
694
695 # RELIABLE
696 if [[ "${skip_rel_tests}" == "" ]]; then
697 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
698 fi
699
700 # BEST EFFORT
701 if [[ "${skip_be_tests}" == "" ]]; then
702 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
703 fi
704 fi
705
706fi
707
708if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
709 echo -e "${INFO_TAG} Disabling loss rate"
710 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
711fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-be --skip-no-batching \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-be --skip-no-batching \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-be --skip-no-batching \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-be --skip-no-batching \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-be --skip-no-batching \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-be --skip-no-batching \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-be --skip-no-batching \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Raspberry Pi Nodes
Raspberry Pi 4
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps Interfaces)
Wireless Router
Consumer grace wireless router with 1Gbps interface.
The graph below shows the expected throughput behavior when performing a 1-1 communication between two Linux nodes in a 10Gbps network. The numbers have been taken using strict reliable reliability for all the different Security Profiles (described below).
Note
By default, RTI Perftest enables batching when performing a Maximum Throughput test. The batching feature allows sending more than one data sample per RTPS packet, improving network performance for small data sizes. See the RTI Connext Core Libraries User’s Manual for more information on batching.
The batch maximum size is set by RTI Perftest to be 8192 bytes; after 8192 bytes, batching is not enabled.
Detailed Statistics
This table contains the raw numbers presented by RTI Perftest. These numbers are the exact output with no further processing.
Not using security libraries
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
15212697 |
760411 |
194.7 |
0 |
0.00 |
64 |
12132582 |
606082 |
310.3 |
0 |
0.00 |
128 |
8718400 |
435514 |
446.0 |
0 |
0.00 |
256 |
5334400 |
266468 |
545.7 |
0 |
0.00 |
512 |
3022832 |
150995 |
618.5 |
0 |
0.00 |
1024 |
1609736 |
80420 |
658.8 |
0 |
0.00 |
2048 |
827804 |
41358 |
677.6 |
0 |
0.00 |
4096 |
421094 |
21034 |
689.2 |
0 |
0.00 |
8192 |
224282 |
11203 |
734.3 |
0 |
0.00 |
16384 |
140668 |
7026 |
921.0 |
0 |
0.00 |
32768 |
60839 |
3038 |
796.6 |
0 |
0.00 |
63000 |
37966 |
1896 |
955.7 |
0 |
0.00 |
No protection
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
14957312 |
747445 |
191.3 |
0 |
0.00 |
64 |
12145664 |
606698 |
310.6 |
0 |
0.00 |
128 |
8820472 |
440598 |
451.2 |
0 |
0.00 |
256 |
5339552 |
266717 |
546.2 |
0 |
0.00 |
512 |
3022256 |
150989 |
618.5 |
0 |
0.00 |
1024 |
1601216 |
79997 |
655.3 |
0 |
0.00 |
2048 |
828928 |
41410 |
678.5 |
0 |
0.00 |
4096 |
420013 |
20979 |
687.5 |
0 |
0.00 |
8192 |
225847 |
11283 |
739.5 |
0 |
0.00 |
16384 |
141948 |
7090 |
929.4 |
0 |
0.00 |
32768 |
60253 |
3008 |
788.7 |
0 |
0.00 |
63000 |
37947 |
1895 |
955.1 |
0 |
0.00 |
RTPS Sign
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
11391488 |
569409 |
145.8 |
0 |
0.00 |
64 |
8428621 |
421055 |
215.6 |
0 |
0.00 |
128 |
5442112 |
271864 |
278.4 |
0 |
0.00 |
256 |
3143712 |
157035 |
321.6 |
0 |
0.00 |
512 |
1701536 |
85002 |
348.2 |
0 |
0.00 |
1024 |
889648 |
44440 |
364.1 |
0 |
0.00 |
2048 |
454380 |
22700 |
371.9 |
0 |
0.00 |
4096 |
229245 |
11451 |
375.3 |
0 |
0.00 |
8192 |
118224 |
5905 |
387.0 |
0 |
0.00 |
16384 |
71404 |
3567 |
467.6 |
0 |
0.00 |
32768 |
38336 |
1915 |
502.0 |
0 |
0.00 |
63000 |
21046 |
1051 |
530.1 |
0 |
0.00 |
RTPS Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
8972989 |
448475 |
114.8 |
0 |
0.00 |
64 |
6140269 |
306732 |
157.0 |
0 |
0.00 |
128 |
3780489 |
188851 |
193.4 |
0 |
0.00 |
256 |
2109600 |
105390 |
215.8 |
0 |
0.00 |
512 |
1120208 |
55955 |
229.2 |
0 |
0.00 |
1024 |
576384 |
28794 |
235.9 |
0 |
0.00 |
2048 |
290444 |
14512 |
237.8 |
0 |
0.00 |
4096 |
146530 |
7321 |
239.9 |
0 |
0.00 |
8192 |
75308 |
3762 |
246.6 |
0 |
0.00 |
16384 |
42546 |
2126 |
278.7 |
0 |
0.00 |
32768 |
22068 |
1102 |
289.1 |
0 |
0.00 |
63000 |
10727 |
536 |
270.2 |
0 |
0.00 |
RTPS Sign with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
8023296 |
401131 |
102.7 |
0 |
0.00 |
64 |
5239552 |
261723 |
134.0 |
0 |
0.00 |
128 |
3027520 |
151240 |
154.9 |
0 |
0.00 |
256 |
1687552 |
84308 |
172.7 |
0 |
0.00 |
512 |
876240 |
43773 |
179.3 |
0 |
0.00 |
1024 |
448920 |
22425 |
183.7 |
0 |
0.00 |
2048 |
226760 |
11329 |
185.6 |
0 |
0.00 |
4096 |
113790 |
5685 |
186.3 |
0 |
0.00 |
8192 |
57919 |
2894 |
189.7 |
0 |
0.00 |
16384 |
32350 |
1616 |
211.9 |
0 |
0.00 |
32768 |
16571 |
828 |
217.1 |
0 |
0.00 |
63000 |
8385 |
419 |
211.3 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt with Original Auth, Data Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
6026752 |
301255 |
77.1 |
0 |
0.00 |
64 |
3737296 |
186734 |
95.6 |
0 |
0.00 |
128 |
2108672 |
105343 |
107.9 |
0 |
0.00 |
256 |
1139136 |
56911 |
116.6 |
0 |
0.00 |
512 |
587712 |
29360 |
120.3 |
0 |
0.00 |
1024 |
299872 |
14983 |
122.7 |
0 |
0.00 |
2048 |
151016 |
7544 |
123.6 |
0 |
0.00 |
4096 |
75974 |
3796 |
124.4 |
0 |
0.00 |
8192 |
38447 |
1921 |
125.9 |
0 |
0.00 |
16384 |
20928 |
1046 |
137.1 |
0 |
0.00 |
32768 |
10572 |
528 |
138.5 |
0 |
0.00 |
63000 |
5530 |
276 |
139.4 |
0 |
0.00 |
RTPS Sign, Submessage Encrypt
Sample Size (Bytes) |
Total Samples |
Avg Samples/s |
Avg Mbps |
Lost Samples |
Lost Samples (%) |
|---|---|---|---|---|---|
32 |
7593645 |
379580 |
97.2 |
0 |
0.00 |
64 |
5042816 |
251932 |
129.0 |
0 |
0.00 |
128 |
2985482 |
149137 |
152.7 |
0 |
0.00 |
256 |
1671712 |
83516 |
171.0 |
0 |
0.00 |
512 |
875680 |
43743 |
179.2 |
0 |
0.00 |
1024 |
449848 |
22472 |
184.1 |
0 |
0.00 |
2048 |
228184 |
11400 |
186.8 |
0 |
0.00 |
4096 |
114892 |
5740 |
188.1 |
0 |
0.00 |
8192 |
58427 |
2919 |
191.3 |
0 |
0.00 |
16384 |
32512 |
1624 |
212.9 |
0 |
0.00 |
32768 |
16762 |
837 |
219.6 |
0 |
0.00 |
63000 |
7922 |
396 |
199.7 |
0 |
0.00 |
Perftest Scripts
To produce these tests, we executed RTI Perftest for C++98. The script used to execute the tests can be found here:
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export datasizes="32 64 128 256 512 1024 2048 4096 8192 16384 32768 63000"
6export datasizes_extended="${datasizes} 100000 500000 1048576 1548576 4194304 10485760"
7
8export domain="2"
9export exec_time=20
10export num_reps=1
11export instance_number=100000
12export core=0
13export run_batching_tests="1"
14export run_no_batching_tests="1"
15
16# We will use some colors to improve visibility of errors and info messages.
17RED='\033[0;31m'
18GREEN='\033[0;32m'
19YELLOW='\033[0;33m'
20BLUE='\033[0;34m'
21LIGHTBLUE='\033[0;36m'
22NC='\033[0m'
23INFO_TAG="${GREEN}[INFO][$role]:${NC}"
24WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
25ERROR_TAG="${RED}[ERROR][$role]:${NC}"
26
27################################################################################
28
29function disable_colors() {
30 export RED=""
31 export GREEN=""
32 export YELLOW=""
33 export NC=""
34 export BLUE=""
35 export LIGHTBLUE=""
36 export INFO_TAG="${GREEN}[INFO][$role]:${NC}"
37 export WARNING_TAG="${YELLOW}[WARNING][$role]:${NC}"
38 export ERROR_TAG="${RED}[ERROR][$role]:${NC}"
39}
40
41function change_domain() {
42 if [[ "$domain" == "1" ]]; then
43 export domain="2"
44 else
45 export domain="1"
46 fi
47}
48
49# Function to process and append lines to the output file
50function append_to_output_file() {
51 local line=${1?line required}; readonly line
52 local append=$(echo "${2?append required}" | tr -s ' '); readonly append
53 local file=${3?file required}; readonly file
54 if [[ "${line: -1}" == $'\n' ]]; then
55 line="${line::-1}"
56 fi
57 echo "${line}${append}" >> "$file"
58}
59
60# Usage: execute_test <keyed/unkeyed> <rel/be> <datasizes> <batchSize>
61function execute_test() {
62
63 local keyed_unkeyed=$1
64 local rel_be=$2
65 local datasizes_test=$3
66 local other_args=$4
67 local name_suffix=$5
68
69 local commands_string_test=$commands_string
70 local tag=""
71
72 if [[ "${keyed_unkeyed}" == "keyed" ]]; then
73 commands_string_test="${commands_string_test} -keyed -instances $instance_number"
74 tag="[${YELLOW}${transport}${NC}|${BLUE}K${NC}|"
75 else
76 tag="[${YELLOW}${transport}${NC}|${LIGHTBLUE}UK${NC}|"
77 fi
78
79 if [[ "${rel_be}" == "be" ]]; then
80 commands_string_test="${commands_string_test} -bestEffort"
81 tag="${tag}${YELLOW}BE${NC}]"
82 else
83 tag="${tag}${RED}REL${NC}]"
84 fi
85
86 # If batch_size is set, we will add it to the command line of the publisher side.
87 if [[ "$batch_size" != "" && "$role" == "pub" ]]; then
88 commands_string_test="${commands_string_test} -batchSize $batch_size"
89 fi
90
91 tag="${tag}[${LIGHTBLUE}${lat_thr}${NC}]"
92
93 local output_file=$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}.csv
94
95 if [[ "$role" == "pub" ]]; then
96 echo -e "${YELLOW}[TEST]: $keyed_unkeyed, $rel_be, Is a no-batching test = $no_batching_tests. ${NC}"
97 fi
98
99 if [[ "$thread_cpu_affinity" != "" ]]; then
100 commands_string_test="${commands_string_test} -threadCPUAffinity $thread_cpu_affinity"
101 fi
102
103 local pre_command_string=""
104
105 if [[ "$thread_priorities" != "" ]]; then
106 echo -e "${WARNING_TAG} Thread priorities enabled, this requires using sudo"
107 # When using sudo, the LD_LIBRARY_PATH is emptied, hence we need to set it again in the command itself
108 export LD_LIBRARY_PATH_COPIED="$LD_LIBRARY_PATH"
109 pre_command_string="sudo LD_LIBRARY_PATH=$LD_LIBRARY_PATH_COPIED "
110 commands_string_test="${commands_string_test} -threadPriorities $thread_priorities"
111 fi
112
113 if [[ "$pin_memory" != "" ]]; then
114 commands_string_test="${commands_string_test} -pinMemory"
115 fi
116
117 if [[ "$no_taskset" == "" && "$thread_cpu_affinity" == "" && "$LANGUAGE" != "java" && "$LANGUAGE" != "cs" ]]; then
118 pre_command_string="$pre_command_string taskset -c $core"
119 fi
120
121 if [[ "$LANGUAGE" == "python" ]]; then
122 pre_command_string="$pre_command_string python3 "
123 fi
124
125 if [[ "$DOCKER" == "1" ]]; then
126 pre_command_string="$pre_command_string docker run --net=host -v /home/perfuser/rti_license_connextpro.dat:/opt/rti.com/rti_connext_dds-7.3.0/rti_license.dat rticom/perftest:7.3.0-EAR "
127 executable=""
128 fi
129
130 # Get the aprox time this will take:
131 total_tests=$((`wc -w <<< "$datasizes_test"` * num_reps))
132 total_time=$((total_tests * exec_time))
133
134 touch $output_file
135 local no_headers=""
136 local current_test=0
137 for index in $(seq 1 ${num_reps}); do
138 for DATALEN in ${datasizes_test}; do
139 current_test=$((current_test + 1))
140
141 if [[ ! -s $output_file ]]; then
142 echo -e "${INFO_TAG} Output file is empty, filling the header."
143 no_headers=""
144 else
145 echo -e "${INFO_TAG} Output file is not empty."
146 no_headers=" -noOutputHeaders"
147 fi
148
149 export command="$pre_command_string $executable -domain $domain -dataLen $DATALEN $commands_string_test $other_args $no_headers"
150 if [[ "$role" == "pub" ]]; then
151 echo -e "Test ${tag} (${current_test}/${total_tests}) -- Total time = ${total_time}s"
152 echo -e ${BLUE}$command${NC}
153 else
154 echo -e ${LIGHTBLUE}$command${NC}
155 fi
156
157 # In certain cases we need to wait a bit before running the test, this is
158 # because the previous test might not be finished on the other side yet, or because the
159 # discovery mechanism does not work like in connext DDS.
160 if [[ "$LANGUAGE" == "cs" && "$role" == "pub" ]]; then
161 sleep 3
162 fi
163 if [[ "$raw" == "1" && "$role" == "sub" ]]; then
164 sleep 5
165 fi
166
167 # Gather netstat info before running the test
168 if [[ "${get_netstat_info}" == "1" ]]; then
169 echo -e "${INFO_TAG} Getting netstat info before"
170 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt
171 fi
172
173 # Execute the command and capture the output
174 if [[ $LANGUAGE == "c++98" || $LANGUAGE == "" ]]; then
175 echo -e "${INFO_TAG} Using C++98, using -outputFile option"
176 touch ${output_file}_tmp_line
177 chmod 777 ${output_file}_tmp_line
178 eval $command -outputFile ${output_file}_tmp_line
179 else
180 eval $command > ${output_file}_tmp_line
181 fi
182
183 number_of_lines=$(wc -l < ${output_file}_tmp_line)
184 echo -e "${INFO_TAG} Size of the output text: $number_of_lines lines"
185
186 # Check if this is the first test for this output file.
187 local is_first_test=0
188 if [[ ! -s $output_file ]]; then
189 is_first_test=1
190 fi
191 local expected_lines=$((is_first_test+1))
192
193 if [[ $number_of_lines -ne ${expected_lines} ]]; then
194 echo -e "${WARNING_TAG} The output text should have ${expected_lines} lines, but it has ${number_of_lines}."
195 echo -e "${RED} The content is: \n\"\"\""
196 cat ${output_file}_tmp_line
197 echo -e "\"\"\""
198 echo -e "Not adding it to the output file. ${NC}"
199 else
200 if [[ $number_of_lines -gt 1 ]]; then
201 header_line=$(head -n 1 "${output_file}_tmp_line")
202 echo -e "${INFO_TAG} Header line is: $header_line"
203 fi
204 result_line=$(tail -n 1 "${output_file}_tmp_line")
205 echo -e "${INFO_TAG} Result line is: $result_line"
206
207 # If this is the first test, we need to add the header line to the output file
208 if [[ $is_first_test -eq 1 ]]; then
209 append_to_output_file "$header_line" ", command-line" $output_file
210 fi
211
212 command=$(echo $command | sed 's/,/:comma:/g')
213 # Remove the `"` characters from the command line
214 command=$(echo $command | sed 's/\"//g')
215
216 # Append the result line to the output file
217 append_to_output_file "$result_line" ", $command" $output_file
218 fi
219
220 # Always remove the temporary file
221 rm -rf ${output_file}_tmp_line
222
223 # Gather netstat info after running the test
224 if [[ "${get_netstat_info}" == "1" ]]; then
225 echo -e "${INFO_TAG} Getting netstat info after"
226 netstat -s -u | grep -e "error" -e "packet" > $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt
227 touch "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
228 python3 $script_location/../../../tools/diff_netstat_output.py \
229 -n $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_after.txt \
230 -o $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_before.txt \
231 -d $DATALEN $no_header_netstat \
232 -csv >> "$output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat.csv"
233 rm -rf $output_folder/${lat_thr}_${role}_${keyed_unkeyed}_${rel_be}${name_suffix}_netstat_*.txt
234 no_header_netstat=" -nh"
235 fi
236
237 change_domain
238 done
239 done
240}
241
242################################################################################
243# PARSE COMMAND LINE OPTIONS:
244
245while [ "$1" != "" ]; do
246 case $1 in
247 --executable)
248 executable=$2
249 shift
250 ;;
251 --docker)
252 DOCKER="1"
253 ;;
254 --output-folder)
255 output_folder=$2
256 shift
257 ;;
258 --role)
259 export role=$2
260 shift
261 ;;
262 --core)
263 export core=$2
264 shift
265 ;;
266 --assign-core-list | --thread-cpu-affinity)
267 export thread_cpu_affinity=$2
268 shift
269 ;;
270 --assign-thread-priorities | --thread-priorities)
271 export thread_priorities=$2
272 shift
273 ;;
274 --pin-memory)
275 export pin_memory="1"
276 ;;
277 --test-kind)
278 export lat_thr=$2
279 shift
280 ;;
281 --interface1)
282 export interface=$2
283 shift
284 ;;
285 --interface2)
286 export interface2=$2
287 shift
288 ;;
289 --ip1)
290 export ip1=$2
291 shift
292 ;;
293 --ip2)
294 export ip2=$2
295 shift
296 ;;
297 --repetitions)
298 export num_reps=$2
299 shift
300 ;;
301 --domain)
302 export domain=$2
303 shift
304 ;;
305 --execution-time)
306 export exec_time=$2
307 shift
308 ;;
309 --transport)
310 export transport=$2
311 shift
312 ;;
313 --datalen)
314 export datalen_input=$2
315 shift
316 ;;
317 --file-suffix)
318 export file_suffix=$2
319 shift
320 ;;
321 --folder-suffix)
322 export folder_suffix=$2
323 shift
324 ;;
325 --sub-folder)
326 sub_folder=$2
327 shift
328 ;;
329 --executable-suffix)
330 export executable_suffix=$2
331 shift
332 ;;
333 --extra-arguments)
334 export extra_arguments=$2
335 shift
336 ;;
337 --extra-arguments-pub)
338 export extra_arguments_pub=$2
339 shift
340 ;;
341 --extra-arguments-sub)
342 export extra_arguments_sub=$2
343 shift
344 ;;
345 --skip-be)
346 export skip_be_tests="1"
347 ;;
348 --skip-rel)
349 export skip_rel_tests="1"
350 ;;
351 --skip-keyed)
352 export skip_keyed_data="1"
353 ;;
354 --skip-large-data)
355 export skip_large_data="1"
356 ;;
357 --large-data)
358 export large_data="1"
359 ;;
360 --keyed)
361 export skip_unkeyed="1"
362 ;;
363 --unkeyed)
364 export skip_keyed_data="1"
365 ;;
366 --no-batching | --skip-batching)
367 export run_batching_tests="0"
368 export run_no_batching_tests="1"
369 ;;
370 --skip-no-batching)
371 export run_batching_tests="1"
372 export run_no_batching_tests="0"
373 ;;
374 --batch-size)
375 export batch_size=$2
376 shift
377 ;;
378 --reliable)
379 export skip_be_tests="1"
380 ;;
381 --best-effort)
382 export skip_rel_tests="1"
383 ;;
384 --security-gov)
385 export security_only="$2"
386 shift
387 ;;
388 --micro)
389 export micro="1"
390 ;;
391 --cert)
392 export cert="1"
393 ;;
394 --raw | --raw-transport)
395 export raw="1"
396 ;;
397 --tss)
398 export tss="1"
399 ;;
400 --no-colors)
401 export NO_COLORS="1"
402 ;;
403 --language)
404 export LANGUAGE=$2
405 shift
406 ;;
407 --loss-rate)
408 export loss_rate=$2
409 shift
410 ;;
411 --get-netstat-info | --netstat)
412 export get_netstat_info="1"
413 ;;
414 --reduced-data-sizes-set)
415 export REDUCED_DATA_SIZES_SET="1"
416 ;;
417 --dont-change-tuned-settings)
418 export dont_change_tuned_settings="1"
419 ;;
420 --no-taskset)
421 export no_taskset=1
422 ;;
423 *)
424 echo -e "unknown parameter \"$1\""
425 exit 255
426 ;;
427 esac
428 shift
429done
430
431if [[ "$NO_COLORS" == "1" ]]; then
432 disable_colors
433fi
434
435export folder_base="$(dirname "${executable}")"/../../..
436
437if [[ $LANGUAGE == "java" || "$LANGUAGE" == "cs" ]]; then
438 export folder_base="$(dirname "${executable}")"/../..
439fi
440if [[ $tss == "1" ]]; then
441 export folder_base="$(dirname "${executable}")"/../../../../..
442fi
443
444if [[ "${executable_suffix}" != "" ]]; then
445 export executable="${executable}${executable_suffix}"
446fi
447
448if [[ -n "${folder_suffix}" ]]; then
449 export output_folder="${output_folder}${folder_suffix}"
450fi
451
452if [[ -n "${sub_folder}" ]]; then
453 export output_folder="${output_folder}/${sub_folder}"
454fi
455
456echo -e "${INFO_TAG} Perftest executable is: $executable"
457echo -e "${INFO_TAG} Output folder is: $output_folder"
458
459################################################################################
460
461if [[ "$LANGUAGE" == "python" ]]; then
462 export skip_keyed_data="1"
463 export skip_large_data="1"
464 export skip_be_tests="1"
465 export run_no_batching_tests="0"
466fi
467
468if [[ "${skip_large_data}" == "1" ]]; then
469 export datasizes_extended=${datasizes}
470elif [[ "${large_data}" == "1" ]]; then
471 export datasizes=${datasizes_extended}
472fi
473
474if [[ "${datalen_input}" != "" ]]; then
475 echo -e "${YELLOW}[TEST] Testing only for ${datalen_input}${NC}"
476 export datasizes=${datalen_input}
477 export datasizes_extended=${datalen_input}
478 if [[ "${run_no_batching_tests}" == "1" && "${run_batching_tests}" == "0" ]]; then
479 export skip_large_data="1"
480 fi
481else
482 if [[ "${REDUCED_DATA_SIZES_SET}" != "" ]]; then
483 echo -e "${YELLOW}[TEST] Testing Reduced set of datasizes ${NC}"
484 export datasizes="32 128 512 2048 8192 32768 63000"
485 export datasizes_extended="${datasizes} 102400 1048576 10485760"
486 fi
487fi
488
489if [[ "$role" != "pub" && "$role" != "sub" ]]; then
490 echo -e "${ERROR_TAG} It must be either publisher or subscriber"
491 exit 255
492fi
493
494if [[ "$lat_thr" != "thr" && "$lat_thr" != "lat" ]]; then
495 echo -e "${ERROR_TAG} It must be either lat or thr"
496 exit 255
497fi
498
499if [[ "${interface}" == "" ]]; then
500 echo "Using default nics"
501 export nic_publisher=${ip_machine_1}
502 export nic_subscriber=${ip_machine_2}
503elif [[ "${interface}" == "both" ]]; then
504 export nic_publisher="enp1s0f0,eno1"
505 export nic_subscriber="enp1s0f0,eno1"
506 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
507 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
508else
509 export nic_publisher=$interface
510 echo -e "${INFO_TAG} Using nic_publisher: ${nic_publisher}"
511
512 if [[ "${interface2}" == "" ]]; then
513 export nic_subscriber=$interface
514 else
515 export nic_subscriber=$interface2
516 fi
517 echo -e "${INFO_TAG} Using nic_subscriber: ${nic_subscriber}"
518
519 if [[ "${ip1}" != "" ]]; then
520 export ip_publisher=$ip1
521 echo "Using ip_publisher: ${ip_publisher}"
522 fi
523
524 if [[ "${ip2}" != "" ]]; then
525 export ip_subscriber=$ip2
526 echo "Using ip_subscriber: ${ip_subscriber}"
527 fi
528
529fi
530
531export transport_string="-transport $transport"
532
533if [[ "$transport" == "UDPv4" ]]; then
534
535 export transport_string_pub="$transport_string -nic $nic_publisher"
536 export transport_string_sub="$transport_string -nic $nic_subscriber"
537
538 if [[ "$raw" == "1" ]]; then
539 export transport_string_pub="$transport_string_pub -peer ${ip_subscriber}"
540 export transport_string_sub="$transport_string_sub -peer ${ip_publisher}"
541 fi
542
543 if [[ "$micro" == "1" || "$cert" == "1" ]]; then
544 export transport_string_pub="$transport_string_pub -peer _udp://${ip_subscriber}"
545 export transport_string_sub="$transport_string_sub -peer _udp://${ip_publisher}"
546 fi
547
548elif [[ "$transport" == "TCP" ]]; then
549 export transport_string_pub="$transport_string \
550 -nic $nic_publisher \
551 -peer 0@tcpv4_lan://${ip_subscriber}:7400"
552 export transport_string_sub="$transport_string \
553 -nic $nic_subscriber \
554 -peer 0@tcpv4_lan://${ip_publisher}:7400"
555elif [[ "$transport" == "TLS" ]]; then
556 export transport_string_pub="$transport_string \
557 -nic $nic_publisher \
558 -peer tlsv4_lan://${ip_subscriber}:7400"
559 export transport_string_sub="$transport_string \
560 -nic $nic_subscriber \
561 -peer tlsv4_lan://${ip_publisher}:7400"
562elif [[ "$transport" == "UDPv4_WAN" ]]; then
563 export transport_string_pub="$transport_string \
564 -nic $nic_publisher \
565 -transportPublicAddress $ip_publisher:7400"
566 export transport_string_sub="$transport_string \
567 -nic $nic_subscriber \
568 -peer 0@udpv4_wan://${ip_publisher}:7400"
569else
570 export transport_string_pub="$transport_string"
571 export transport_string_sub="$transport_string"
572fi
573
574################################################################################
575
576export pub_string="-pub \
577 ${transport_string_pub} \
578 -noPrintIntervals \
579 -executionTime $exec_time"
580
581if [[ ${lat_thr} == "lat" ]]; then
582 export pub_string="$pub_string \
583 -latencyTest"
584fi
585
586export sub_string="-sub \
587 ${transport_string_sub} \
588 -noPrintIntervals"
589
590if [[ "$role" == "pub" ]]; then
591 echo -e "$INFO_TAG Publisher side running"
592 export commands_string=${pub_string}
593 export extra_arguments="${extra_arguments} ${extra_arguments_pub}"
594else
595 echo -e "$INFO_TAG Subscriber side running"
596 export commands_string=${sub_string}
597 export extra_arguments="${extra_arguments} ${extra_arguments_sub}"
598fi
599
600###############################################################################
601
602if [[ "$dont_change_tuned_settings" != "1" ]]; then
603 echo -e "${INFO_TAG} Executing: /set_${lat_thr}_mode.sh"
604 sudo /set_${lat_thr}_mode.sh
605 sleep 5
606fi
607
608echo -e "${INFO_TAG} Disabling any loss rate"
609sudo tc qdisc add dev $nic_publisher root netem loss 0%
610sudo tc qdisc del dev $nic_publisher root netem loss 0%
611
612if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
613 echo -e "${INFO_TAG} Setting loss rate to ${loss_rate}%"
614 sudo tc qdisc add dev $nic_publisher root netem loss $loss_rate%
615fi
616
617cd $folder_base
618echo -e "${INFO_TAG} Folder Base is: $PWD"
619mkdir -p $output_folder
620
621if [[ "${batch_size}" != "" ]]; then
622 if [[ "${lat_thr}" == "thr" ]]; then
623 if [[ "${batch_size}" -eq 0 ]]; then
624 echo -e "${INFO_TAG} Batch size is set to 0"
625 export run_batching_tests="0"
626 export run_no_batching_tests="1"
627 else
628 echo -e "${INFO_TAG} Batch size is set to ${batch_size}"
629 export run_batching_tests="1"
630 export run_no_batching_tests="0"
631 fi
632 else
633 echo -e "${INFO_TAG} Batch size is set to ${batch_size}. This value will be ignored for latency tests."
634 unset batch_size
635 fi
636fi
637
638# Tests that may use batching (when doing throughput tests). Also Latency tests.
639if [[ ${run_batching_tests} == "1" ]]; then
640
641 # UNKEYED
642 if [[ "${skip_unkeyed}" == "" ]]; then
643
644 # RELIABLE
645 if [[ "${skip_rel_tests}" == "" ]]; then
646 execute_test "unkeyed" "rel" "${datasizes_extended}" "${extra_arguments}" "$file_suffix"
647 fi
648
649 # BEST EFFORT
650 if [[ "${skip_be_tests}" == "" ]]; then
651 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
652 fi
653 fi
654
655 # KEYED
656 if [[ "${skip_keyed_data}" == "" ]]; then
657
658 # RELIABLE
659 if [[ "${skip_rel_tests}" == "" ]]; then
660 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "$file_suffix"
661 fi
662
663 # BEST EFFORT
664 if [[ "${skip_be_tests}" == "" ]]; then
665 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "$file_suffix"
666 fi
667 fi
668
669fi
670
671# Tests that will not use batching
672if [[ "${lat_thr}" == "thr" && "${run_no_batching_tests}" == "1" ]]; then
673
674 if [[ "$role" == "pub" ]]; then
675 export commands_string="${commands_string} -batchSize 0"
676 fi
677
678 # UNKEYED
679 if [[ "${skip_unkeyed}" == "" ]]; then
680
681 # RELIABLE
682 if [[ "${skip_rel_tests}" == "" ]]; then
683 execute_test "unkeyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
684 fi
685
686 # BEST EFFORT
687 if [[ "${skip_be_tests}" == "" ]]; then
688 execute_test "unkeyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
689 fi
690 fi
691
692 # KEYED
693 if [[ "${skip_keyed_data}" == "" ]]; then
694
695 # RELIABLE
696 if [[ "${skip_rel_tests}" == "" ]]; then
697 execute_test "keyed" "rel" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
698 fi
699
700 # BEST EFFORT
701 if [[ "${skip_be_tests}" == "" ]]; then
702 execute_test "keyed" "be" "${datasizes}" "${extra_arguments}" "_noBatch${file_suffix}"
703 fi
704 fi
705
706fi
707
708if [[ "$role" == "pub" && "${loss_rate}" != "" ]]; then
709 echo -e "${INFO_TAG} Disabling loss rate"
710 sudo tc qdisc del dev $nic_publisher root netem loss $loss_rate%
711fi
1#!/bin/bash
2filename=$0
3script_location=$(cd "$(dirname "$filename")" || exit 255; pwd)
4
5export input_params=$@
6
7while [ "$1" != "" ]; do
8 case $1 in
9 --executable)
10 executable=$2
11 shift
12 ;;
13 --security-gov)
14 export security_only=$2
15 shift
16 ;;
17 --ci)
18 export CI="1"
19 ;;
20 *)
21 ;;
22 esac
23 shift
24done
25
26echo $security_only
27
28export folder_base="$(dirname "${executable}")"/../../..
29export PATH_TO_GOVERNANCE_FILES_FOLDER=$folder_base/resource/secure
30
31if [[ "${CI}" == "" ]]; then
32
33 if [[ "${security_only}" == "none" || "${security_only}" == "" ]]; then
34 echo -e "[Calling base_script/script.sh] -- No Security"
35 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
36 --skip-be --skip-no-batching \
37 --file-suffix "_security_none"
38 sleep 5;
39 fi
40
41 if [[ "${security_only}" == "rtps_sign" || "${security_only}" == "" ]]; then
42 echo -e "[Calling base_script/script.sh] -- RTPS Sign"
43 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
44 --skip-be --skip-no-batching \
45 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSign.xml " \
46 --file-suffix "_security_rtps_sign"
47 fi
48
49 if [[ "${security_only}" == "rtps_sign_submessage_encrypt" || "${security_only}" == "" ]]; then
50 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt"
51 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
52 --skip-be --skip-no-batching \
53 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_SignEncryptSubmessage.xml " \
54 --file-suffix "_security_rtps_sign_submessage_encrypt"
55 fi
56
57fi
58
59if [[ "${security_only}" == "no_protection" || "${security_only}" == "" ]]; then
60 echo -e "[Calling base_script/script.sh] -- No Protection"
61 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
62 --skip-be --skip-no-batching \
63 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_.xml " \
64 --file-suffix "_security_no_protection"
65fi
66
67if [[ "${security_only}" == "rtps_encrypt" || "${security_only}" == "" ]]; then
68 echo -e "[Calling base_script/script.sh] -- RTPS Encrypt"
69 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
70 --skip-be --skip-no-batching \
71 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSEncrypt.xml " \
72 --file-suffix "_security_rtps_encrypt"
73fi
74
75if [[ "${security_only}" == "rtps_sign_submessage_encrypt_orig_data_encrypt" || "${security_only}" == "" ]]; then
76 echo -e "[Calling base_script/script.sh] -- RTPS Sign, Submessage Encrypt with original auth, Data Encrypt"
77 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
78 --skip-be --skip-no-batching \
79 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignEncryptSubmessageWithOrigAuthEncryptData.xml " \
80 --file-suffix "_security_rtps_sign_submessage_encrypt_orig_data_encrypt"
81fi
82
83if [[ "${security_only}" == "rtps_sign_orig_data_encrypt" || "${security_only}" == "" ]]; then
84 echo -e "[Calling base_script/script.sh] -- RTPS Sign with Original auth, Data Encrypt"
85 "${script_location}/../base_script/script.sh" $input_params --transport UDPv4 \
86 --skip-be --skip-no-batching \
87 --extra-arguments "-secureGovernanceFile $PATH_TO_GOVERNANCE_FILES_FOLDER/signed_PerftestGovernance_RTPSSignWithOrigAuthEncryptData.xml " \
88 --file-suffix "_security_rtps_sign_orig_data_encrypt"
89 sleep 5;
90fi
Security Profiles
To test different levels of security, we have selected a well-known set
of configurations. These configurations have been defined in the Governance files
used by RTI Perftest. With these configurations, we have tested the minimum
latency and maximum throughput achievable in different scenarios. The scenarios are
described below.
The profiles we have used are the following:
Not using security libraries
In this scenario, RTI Security Plugins is not being used, therefore the performance is the same as what the Core Libraries provide in Unkeyed, UDPv4 10Gbps Network, C++98.
No protection
In this scenario, Security Plugins are enabled but no protection is provided at any level. This, as well as the previous scenario, is used as a way to calibrate the impact of using Security Plugins even when no security measures are applied.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>TRUE</allow_unauthenticated_participants>
<enable_join_access_control>FALSE</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>NONE</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>FALSE</enable_discovery_protection>
<enable_read_access_control>FALSE</enable_read_access_control>
<enable_write_access_control>FALSE</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign’
This scenario sets the rtps_protection_kind to SIGN.
This configuration provides protection against outsiders at the lowest cost.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Encrypt’
This scenario sets the rtps_protection_kind to ENCRYPT. This configuration
is similar to the protection TLS provides.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>NONE</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign with Original Authentication’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN_WITH_ORIGIN_AUTHENTICATION. It also sets
the data_protection_kind to ENCRYPT. This configuration is the common
choice for intra-domain protection and confidentiality.
The governance profile used in this scenario is the following:
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN_WITH_ORIGIN_AUTHENTICATION</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>NONE</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt with Original Authentication,’ and Data ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets
the data_protection_kind to ENCRYPT and the metadata_protection_kind to
ENCRYPT_WITH_ORIGIN_AUTHENTICATION. This configuration offers the most robust
protection.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds>
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGINAL_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
RTPS ‘Sign,’ Submessage ‘Encrypt’
This scenario sets the rtps_protection_kind to SIGN. It also sets the
metadata_protection_kind to ENCRYPT. This configuration allows user data confidentiality
(with insiders protection) while keeping Wireshark capabilities.
The governance profile used in this scenario is the following:
<?xml version="1.0" encoding="UTF-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="dds_security_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>false</enable_join_access_control>
<discovery_protection_kind>NONE</discovery_protection_kind>
<liveliness_protection_kind>NONE</liveliness_protection_kind>
<rtps_protection_kind>SIGN</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>*</topic_expression>
<enable_discovery_protection>false</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>false</enable_read_access_control>
<enable_write_access_control>false</enable_write_access_control>
<metadata_protection_kind>ENCRYPT_WITH_ORIGIN_AUTHENTICATION</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>
Test Hardware
The following hardware was used to perform these tests:
Raspberry Pi Nodes
Raspberry Pi 4
Switch
Dell 2048 -- 10Gbps switch (10Gbps and 1Gbps Interfaces)
Wireless Router
Consumer grace wireless router with 1Gbps interface.