Re: [bmwg] [Newsletter] Re: Query about 50% values in [Benchmarking Methodology for Network Security Device Performance draft 02]

"Van Den Breekel, Jurrie" <Jurrie.VanDenBreekel@spirent.com> Wed, 03 June 2020 21:23 UTC

Return-Path: <Jurrie.VanDenBreekel@spirent.com>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E9703A0FB9 for <bmwg@ietfa.amsl.com>; Wed, 3 Jun 2020 14:23:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.89
X-Spam-Level:
X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=spirent1.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id phunvAIem3Z0 for <bmwg@ietfa.amsl.com>; Wed, 3 Jun 2020 14:22:58 -0700 (PDT)
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2126.outbound.protection.outlook.com [40.107.237.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88C593A0FB7 for <bmwg@ietf.org>; Wed, 3 Jun 2020 14:22:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FwKjSi9bXdeJIpmLSnmEle2QT9Y8qhx0zZ2mqVGSFZftQhRGldIOR0KViA/aDxo0R7at4R4q/SOj3iNh3ErYVq0DOQKw/CnaIKHJdu0mIvQBB+bgvNmh9+568Mb1WqywKyf+S1k8h/28Be4pF2kmCEoHmthE0iN1Cghl9tO6lvoujqPW9dyh1G07xL+bsYdUYGbnMLo5M7LLEd5HqeMUbSdhMlt2NJBhMo47Re3/Z087qD4Kd39flnZob2THXIdZGJFQHTFslYXXDyBbNxgnJPK+IF5/BqRfHzDKpIwr+ZRWGBWcl4QKlY5nvURmMvArcsbi4ZM5rjl+7NsbdlN87Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lyTeAKEHsgT9TemUKvmlH/IpY4QR4xJC9mBdMScuaMA=; b=GkceRn82GAq58HB1z+ZKgD77BqkFHgoplwyZ/51f7KvtHelLYcYUTiyWRN0+9kPLxYUhn01W9rFFGNLki8APJYe8D4VektziPdZJnsNSxlSWVl9UKq1GGiBzOjtUMGTJKqD9a959MI5Q/UYZ3Fx3ID91iG579obHSXgJFKlkUnRXo+etuEXOix6TitpSA3hXmy8pdR2eQvI0/cR+XRGicJNYLmRN+aaqt61FkM1BYgg4xQ4xBojIHgxG6/FdMOb5i1pt4hQ3as117Pn3KcJ44mDU5acleFtsIeJXrYViJmXoyH4yCEHdMEGGAtmdgkkjE4Wi5hIa7ALatd0BG69LGw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=spirent.com; dmarc=pass action=none header.from=spirent.com; dkim=pass header.d=spirent.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=spirent1.onmicrosoft.com; s=selector2-spirent1-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lyTeAKEHsgT9TemUKvmlH/IpY4QR4xJC9mBdMScuaMA=; b=Z6L0WsqeRDHrQP5RUa2EhP8w5vbHT1qr8o94/QI6CGxI5Jdojs4ZhrKZZ1ub5W+RnYhhJ52Dasp3NdrqGTPcbIiXazMSMZZgSRCouJStSciFQAUmN7jm3e6HQElcbh4n/80mtDKSIrlJuI/lhDDai7hl/dIx16KWLbJa8/1uJxs=
Received: from BYAPR10MB3462.namprd10.prod.outlook.com (2603:10b6:a03:121::31) by BYAPR10MB4103.namprd10.prod.outlook.com (2603:10b6:a03:11f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3066.18; Wed, 3 Jun 2020 21:22:51 +0000
Received: from BYAPR10MB3462.namprd10.prod.outlook.com ([fe80::e905:8568:2ca7:aada]) by BYAPR10MB3462.namprd10.prod.outlook.com ([fe80::e905:8568:2ca7:aada%5]) with mapi id 15.20.3066.018; Wed, 3 Jun 2020 21:22:51 +0000
From: "Van Den Breekel, Jurrie" <Jurrie.VanDenBreekel@spirent.com>
To: =?utf-8?B?R8OhYm9yIExFTkNTRQ==?= <lencse@hit.bme.hu>, "bmwg@ietf.org" <bmwg@ietf.org>
Thread-Topic: [bmwg] [Newsletter] Re: Query about 50% values in [Benchmarking Methodology for Network Security Device Performance draft 02]
Thread-Index: AQHWOeDGW6mUENFaOEqyhTq6FvWeoqjHXnAA//+SuYA=
Date: Wed, 3 Jun 2020 21:22:51 +0000
Message-ID: <7CD173E6-1C75-4747-9610-10F03B6B9791@spirent.com>
References: <DBBPR09MB30618401FAD3184921486E79B6880@DBBPR09MB3061.eurprd09.prod.outlook.com> <027801d639b7$0d4ac290$27e047b0$@netsecopen.org> <4D7F4AD313D3FC43A053B309F97543CF0108A5F74A@njmtexg5.research.att.com> <CAGiD7R7UeKa79pe-Y0BEXCvrDhiAnm329scxWkfu9GZ=7Jh5cA@mail.gmail.com> <dd3ac998-feba-7a4d-838e-8c1c79e28971@hit.bme.hu>
In-Reply-To: <dd3ac998-feba-7a4d-838e-8c1c79e28971@hit.bme.hu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.37.20050303
authentication-results: hit.bme.hu; dkim=none (message not signed) header.d=none;hit.bme.hu; dmarc=none action=none header.from=spirent.com;
x-originating-ip: [2600:387:8:7::4b]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f4883406-2308-4f14-adab-08d80804458a
x-ms-traffictypediagnostic: BYAPR10MB4103:
x-microsoft-antispam-prvs: <BYAPR10MB41033534C37FFB7CA22378C38B880@BYAPR10MB4103.namprd10.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 04238CD941
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vCiRWRERY1ivHXh1/zX1xlGSJeI/3JRPbVmJhzYCV5MvcDbjLpdWYog3UYPCMehm+nucn7NgaO3Qn7FjNpYaLe8WB+1zGTYOOaAzlJZ4+tGicc0apThSakLK4A1uhmB2C4xRFnkiYEC+EWUZp0su4EZhxolyFFx0opvCp8PTY7GyGIDc8GH5zA7ENWpKjPQfb9MK+u21m8sZXIQgvjEF5Gw3JiWciwV27rmNSqM7BV1TZiPxkPYP5PnU3Cbw+ZPQSaB/ZLKDX6mQBfc3DRVtt/MUYecHrAtZzSC/F4834LgQreInf/I55Ho1ShXS9pI+ndFvRJ+faPTh6YkX4vZAnhEK46NNDBXJUsy4ABEQGqqQtNg1arC4r7Zz+YMOzY52YLcka/sxDUci8C2lPfEVow==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR10MB3462.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(376002)(346002)(136003)(396003)(366004)(39860400002)(966005)(66946007)(478600001)(6486002)(66476007)(64756008)(2906002)(186003)(6512007)(66446008)(66556008)(83380400001)(15650500001)(8676002)(66574014)(166002)(86362001)(316002)(8936002)(5660300002)(76116006)(2616005)(71200400001)(53546011)(36756003)(33656002)(110136005)(6506007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: +KqmVTBZXbJq+yF7O831oqFtaB9N5x5biXbdAcOPX17pRn0lqQ+z9wgkUh/YhFdLQraEjv+G67lTv91E44mGWQX+azvGkPAm3m4mewHNENQ3SHZoZ+xo+H2bWhxNBwXxk3J/tonMToIQN+E9p3jkwP8Bs9I5u3qG1q63xQDgyWbwRK6DySKCYbIz5BMy1xxchTLS8Gr1Pv877Ho2p8gtitLhaG6reW7dcgQxJBjix4KH+Dp8+Y/ekKFzaWnKhpqc9aBqO0bA+UnUsTC8bQzsp+ab8ba0T2sAJiQ4uvA5yMeOm1MUCPMMvXKe4sLT5Jdh0xgI+qQiyYHMexnathcCqsipz3WwNVQx3i2lJFc+x+61HOLbeXoND1deGeVedcDPIthMU+RvJTClWWXBDFyYCfFTOssNI1yDjVqviW/gHulVv+XXZhSrh1xz+EctT7GML6G3Q02hrq9iw6wqRRgrsYq71/p+gmfwCsmU/C/K6aXnCmz2MqLfJL8M9yxkzzmU
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_7CD173E61C754747961010F03B6B9791spirentcom_"
MIME-Version: 1.0
X-OriginatorOrg: spirent.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f4883406-2308-4f14-adab-08d80804458a
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Jun 2020 21:22:51.0364 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: eb68cad0-6bd5-483f-a802-0f72f974373f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: BXa4eVVb0EuZybaKLEmk6zQCyniYs5vxDhd5Jj0XgMOi9QzLb6W1uaV3WW/w8S35j0HdJsjDtAAdWcDIUtxNXdqIXCJ/MAkZjYnBMw8lErMVdSf8juhB3xvrzje+yz8M
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR10MB4103
Archived-At: <https://mailarchive.ietf.org/arch/msg/bmwg/Y0yUkKnBcMA0wu56f7EFoZV9Ymw>
Subject: Re: [bmwg] [Newsletter] Re: Query about 50% values in [Benchmarking Methodology for Network Security Device Performance draft 02]
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bmwg/>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2020 21:23:02 -0000

Hi Gábor,

That is a good suggestion, the challenge however is that the latency tests are already 12 out of the total of 35 tests in the spec. The 12 tests for latency are Throughput and CPS  for both HTTP and HTTPS with 3 object sizes each. Relative to the other tests its already on the high side.

Best regards,
Jurrie

From: bmwg <bmwg-bounces@ietf.org> on behalf of Gábor LENCSE <lencse@hit.bme.hu>
Date: Wednesday, June 3, 2020 at 1:54 PM
To: "bmwg@ietf.org" <bmwg@ietf.org>
Subject: Re: [bmwg] [Newsletter] Re: Query about 50% values in [Benchmarking Methodology for Network Security Device Performance draft 02]

[Warning] This email comes from an external source. Be careful of any embedded links and attachments.

Dear Alex Samonte,

Is it absolutely necessary to use only a single value? Perhaps using multiple latency values at a few different working points (like 25%, 50%, 75%) could give more information about the behavior of the system.

Best regards,

Gábor Lencse
On 6/3/2020 21:53, Alex Samonte wrote:
The main rationale is to see what the nominal latency is..

As we all know the latency, will rise dramatically (and be unpredictable) when something gets close to bottlenecking.  That doesn't mean things will fail, but you start getting ugly behavior.

from 0%-XX% the latency is fairly reliable (XX to be guessed at later).  This means the latency doesn't change dramatically as you increase that percentage.  Usually it's something linear with a slope of much less than 1.    When you get to XX%-100%, the latency becomes unstable and it varies wildly as various components of the system have a bottleneck.  When that happens, other things compensate, and then they become a bottleneck (when the first thing is not) and it oscillates all over the place.  This is what leads to the unstable latency.  The difference of the latency at 1% vs XX% is small compared to the latency at XX% and some of the unstable latency at 100%.

So the question is how to we determine XX%?   Unfortunately, all DUTs are different, have different limits, bottlenecks, and features that may change XX%.   It's not the same from vendor to vendor, nor even model to model within the same vendor.

A couple big examples to point out.
1) multi core CPUs.  Because of the way that most stateful devices behave, a single session will probably be handled by a single core/thread of a CPU.  If a device has 8 cores, if there is only 1 session, 7 cores will likely go unused.   If there are 9 sessions, 1 core will be handling 2 sessions, and the others will be handling 1 (50% difference).  If there are 8001 sessions, then it's 1001, and others 1000, and the uneveness does not matter.   However, if one of those sessions is 'harder' or more difficult to process.  Or the number of sessions on a single core may be harder to process, that core may reach 100% capacity before the others do.   Lets' say I have 100%, 50%, 50%, 50% in a 4 core case.   Here we will experience unstable latency.  The sessions that go through the core at 100% will experience additional latency, where the sessions going through the other 3 cores will not, leading to unstable latency.

2) internal buffers.  Depending on the protocol different protocols may have different buffers associated with them, so when buffers fill up, more latency is added, but because they can be differently allocated for different protocols, you will see variable latency depending on which is exhausted and which is not.

3) interface (internal or external) limits.   When you approach 100% of a certain speed link (be it internal or external to the DUT) you can also experience additional latency.  It's hard to determine what a particular DUT's internal architecture is(nor do we really want to try to figure that out), So we generally do not want to push it to 100% because we know we will incur


So what we've said is that:
0%-XX% the latencies are reliable / not unstable
XX%-100% the latency are unstable

People looking to benchmark are generally interested in the largest stable value (XX).   100% (or near it) is generally not a representative value of the normal case of traffic.   0% (or 1%) is also generally not representative of the normal case for traffic.

Ideally XX% is what we're trying to get, but it's different for each model.   Since 0-XX% represents the stable side, i'd rather err on that side, than the XX%-100%.

When doing the benchmark we're finding the various max values (without failure), but that does not necessarily mean stable latency.   In order to get ot that range we're going to back off from 100%.

Now what could that value be?  95%  75%  50%?   This was purposefully set low so we would not encounter any other bottlenecks that would make the latency unstable.

I've tested lots of different devices over the years, both my own and other vendors, and the lower you make that number, the higher the number of devices will stay in the 'stable' area of latency.

so 50% was chosen as the least likely to cause unstable latency, and still representative of real customer usage (plenty of customers have no issue of using a device that is at 50% capacity).   At 75% and much more so at 95% customers are looking to change/upgrade their equipment so they are not nearing the top of what the device is capable of.   So again it makes me less interested in the latency there.


Hopefully that makes sense, and while it could be shorter in the explanation, i'm not sure I could make it into a 2 sentence one.

-Alex


On Wed, Jun 3, 2020 at 9:12 AM MORTON, ALFRED C (AL) <acm@research.att.com<mailto:acm@research.att.com>> wrote:
Thanks for your question, Simon, and the history, Brian.

I confess that this question (why 50%?) has occurred to me in other contexts, and it may help to add a sentence to two of rationale. So if the technical folks can help with suggestions, that would be great!

regards,
Al

From: bmwg [mailto:bmwg-bounces@ietf.org<mailto:bmwg-bounces@ietf.org>] On Behalf Of bmonkman@netsecopen.org<mailto:bmonkman@netsecopen.org>
Sent: Wednesday, June 3, 2020 10:56 AM
To: 'Simon Edwards' <simon@selabs.uk<mailto:simon@selabs.uk>>
Cc: bmwg@ietf.org<mailto:bmwg@ietf.org>
Subject: Re: [bmwg] Query about 50% values in [Benchmarking Methodology for Network Security Device Performance draft 02]

Simon,

This requirement was agreed to and adopted by the working group within NetSecOPEN. It first appeared in the IETF individual draft on October 14, 2018. (https://tools.ietf.org/html/draft-balarajah-bmwg-ngfw-performance-05<https://urldefense..proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dbalarajah-2Dbmwg-2Dngfw-2Dperformance-2D05&d=DwMFAg&c=LFYZ-o9_HUMeMTSQicvjIg&r=OfsSu8kTIltVyD1oL72cBw&m=mylQC4CnyBjr1JS-Qbiw5d392Llnmp_6LxMRXJO8NVI&s=8ElQf-XUyhkke33v7BvLLf5mEBDCEU2mlwlFDpxHJD8&e=>)BDCEU2mlwlFDpxHJD8&e=>). It was clarified and expanded on March 5, 2019 in https://tools.ietf.org/html/draft-ietf-bmwg-ngfw-performance-00<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dbmwg-2Dngfw-2Dperformance-2D00&d=DwMFAg&c=LFYZ-o9_HUMeMTSQicvjIg&r=OfsSu8kTIltVyD1oL72cBw&m=mylQC4CnyBjr1JS-Qbiw5d392Llnmp_6LxMRXJO8NVI&s=xbiPb0v60VZvEM2cumbN3J41IrOw2hMUK7HHaR-HN8o&e=>IrOw2hMUK7HHaR-HN8o&e=>. It’s form has largely been unchanged since then.

I will leave it to the technical folks to expand on this more. However, I am saying all of this because it has been in the position to be reviewed and commented on by the BMWG community for awhile. Our assumption is that given no one appears to have an issue with it that we hit the mark.

Brian

From: bmwg <bmwg-bounces@ietf.org<mailto:bmwg-bounces@ietf.org>> On Behalf Of Simon Edwards
Sent: June 3, 2020 5:10 AM
To: bmwg@ietf.org<mailto:bmwg@ietf.org>
Subject: [bmwg] Query about 50% values in [Benchmarking Methodology for Network Security Device Performance draft 02]

Hi all,

In a number of sections, but specifically '7.8.3.2.  Test Equipment Configuration Parameters', there are requirements to measure with 50% of the maximum connections/ sec measured in the HTTP/S throughput tests

E.g. "Target objective for scenarios 1 and 2: 50% of the maximum connections per second measured in test scenario..."

I'm sure this 50% value is the product of much thought and discussion, rather than an arbitrary choice. Is anyone able to explain the reason for the specific '50%' value (as opposed to 25%, 75% or whatever) or could you please point to documentation around that decision made by the group?

I'm asking just to understand. I don't disagree with the decision : )

Very best wishes,
Simon
_______________________________________________
bmwg mailing list
bmwg@ietf.org<mailto:bmwg@ietf.org>
https://www.ietf.org/mailman/listinfo/bmwg


--

Alex Samonte
Director Of Technical Architecture

[cid:~WRD2717.jpg]<http://www.fortinet.com/?utm_source=email-signature&utm_medium=sigstr&utm_campaign=fortinet-logo>
E: asamonte@fortinet.com<mailto:asamonte@fortinet.com>
M: +1 408-475-8737
Skype: asamonteFN
www.fortinet.com<https://www.fortinet.com/?utm_source=email-signature&utm_medium=sigstr-company-url&utm_campaign=sd-wan>             [cid:~WRD2717.jpg] <https://twitter.com/fortinet?utm_source=email-signature&utm_medium=sigstr&utm_campaign=social-twitter>     [cid:~WRD2717.jpg] <http://www.linkedin.com/company/fortinet?utm_source=email-signature&utm_medium=sigstr&utm_campaign=social-linkedin>     [cid:~WRD2717.jpg] <http://www.facebook.com/fortinet?utm_source=email-signature&utm_medium=sigstr&utm_campaign=social-facebook>    [cid:~WRD2717.jpg] <https://www.instagram.com/behindthefirewall/?utm_source=email-signature&utm_medium=sigstr&utm_campaign=social-instagram>     [cid:~WRD2717.jpg] <https://www.fortinet.com/blog?utm_source=email-signature&utm_medium=sigstr&utm_campaign=social-blog>
[Image removed by sender. Secure Remote Access for Your Workforce at                     Scale]<http://signatures.fortinet.com/uc/5e868f6230170c1cb4a71ffb>


________________________________
*** Please note that this message and any attachments may contain confidential and proprietary material and information and are intended only for the use of the intended recipient(s). If you are not the intended recipient, you are hereby notified that any review, use, disclosure, dissemination, distribution or copying of this message and any attachments is strictly prohibited. If you have received this email in error, please immediately notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed. Please also note that any views, opinions, conclusions or commitments expressed in this message are those of the individual sender and do not necessarily reflect the views of Fortinet, Inc., its affiliates, and emails are not binding on Fortinet and only a writing manually signed by Fortinet's General Counsel can be a binding commitment of Fortinet to Fortinet's customers or partners. Thank you. ***
________________________________



_______________________________________________

bmwg mailing list

bmwg@ietf.org<mailto:bmwg@ietf.org>

https://www.ietf.org/mailman/listinfo/bmwg