diff options
Diffstat (limited to 'docs/test_specs/csit-nat44ed-cps-spec.md')
-rw-r--r-- | docs/test_specs/csit-nat44ed-cps-spec.md | 499 |
1 files changed, 0 insertions, 499 deletions
diff --git a/docs/test_specs/csit-nat44ed-cps-spec.md b/docs/test_specs/csit-nat44ed-cps-spec.md deleted file mode 100644 index c39ba9eced..0000000000 --- a/docs/test_specs/csit-nat44ed-cps-spec.md +++ /dev/null @@ -1,499 +0,0 @@ -## Content - -<!-- MarkdownTOC autolink="true" --> - -- [Tests for NAT44ED](#tests-for-nat44ed) -- [CPS Test Objectives](#cps-test-objectives) -- [Input Parameters](#input-parameters) -- [Stateful traffic profiles](#stateful-traffic-profiles) -- [UDP CPS Tests](#udp-cps-tests) - - [UDP TRex Measurements](#udp-trex-measurements) - - [Counters](#counters) - - [Calculations](#calculations) - - [CPS-MRR](#cps-mrr) - - [CPS-PDR](#cps-pdr) - - [CPS-NDR](#cps-ndr) - - [UDP VPP Telemetry](#udp-vpp-telemetry) - - [Counters](#counters-1) - - [Errors](#errors) -- [TCP/IP CPS Tests](#tcpip-cps-tests) - - [TCP/IP TRex Measurements](#tcpip-trex-measurements) - - [Counters](#counters-2) - - [Calculations](#calculations-1) - - [CPS Trial PASS](#cps-trial-pass) - - [CPS-MRR](#cps-mrr-1) - - [CPS-PDR](#cps-pdr-1) - - [CPS-NDR](#cps-ndr-1) - - [TCP/IP VPP Telemetry](#tcpip-vpp-telemetry) - - [Counters](#counters-3) - - [Errors](#errors-1) - -<!-- /MarkdownTOC --> - -## Tests for NAT44ED - -Two types of stateful tests are developed for NAT44ED (source network address -and port translation IPv4 to IPv4 with 5-tuple session state): - -- Connections-Per-Second (CPS), discovering the maximum rate of creating - NAT44ED sessions. Measured separately for UDP and TCP connections and - for different session scale. - -- Packets-Per-Second (PPS), discovering the maximum rate of -simultaneously creating NAT44ED sessions and transfering bulk of data -packets across the corresponding connections. Measured separately for -UDP and TCP connections with different session scale and different data -packet sizes per each connection. Current code is using 64B only for UDP -and default MSS 1460B for TCP/IP. - -This note describes CPS tests. - -## CPS Test Objectives - -Discover DUT's highest sustain rate of creating fully functional NAT44ED -5-tuple stateful session entries. Session entry is considered fully -functional, if packets associated with this entry are NAT44ED processed -by DUT and forwarded in both directions without loss. - -Similarly to packet throughput tests, three CPS rates are discovered: - -- CPS-MRR, verified connection rate at maximal connection attempt rate, - regardless of an amount of not established connections. (Connections - per Second - Maximum Receive Rate.) -- CPS-NDR, maximal connection attempt rate at which all connections get - established. (Connections per Second - Non Drop Rate.) -- CPS-PDR, maximal connection attempt rate at which ratio of not - established connections to attempted connections is below configured - threshold. (Connections per Second - Partial Drop Rate.) - -## Input Parameters - -- `max_cps_rate`, maximum rate of attempting connections, to be used by - traffic generator, limited by traffic generator capabilities, Ethernet - link(s) rate and NIC model. -- `min_cps_rate`, minimum rate of establishing connections to be used for - measurements. Search fails if lower transmit rate needs to be used to - meet search criteria. -- `target_session_number`, maximum number of sessions to be established and - tested. -- `target_loss_ratio`, maximum acceptable connections loss ratio search - criteria for PDR measurements with UDP tests. Indicates packet drop - impact on connection establishment rate. -- `final_relative_width`, required measurement resolution expressed as - (lower_bound, upper_bound) interval width relative to upper_bound. -- stateful traffic profiles, TRex ASTF program defining the connection - per L4 protocol tested (TCP, UDP), including connect and - close sequence. - -## Stateful traffic profiles - -TRex ASTF program defines following TCP and UDP transactions for -discovering NAT44ED CPS limits: - -- CPS with TCP - - connect(syn,syn-ack,ack) - - pkts client tx 2, rx 1 - - pkts server tx 1, rx 2 - - delay (note: optional, currently not implemented) - - no packets - - close(fin,fin-ack,ack,ack) - - pkts client tx 2, rx 2 - - pkts server tx 1, rx 2 -- CPS with UDP - - connect_and_close(req,ack) - - pkts client tx 1, rx 1 - - pkts server tx 1, rx 1 - -TRex ASTF program configuration parameters: - -- `limit` of connections, set to `target_session_number`. -- `multiplier`, represents `trial_cps_rate`, a number of connections per - second to be executed per trial. Multiplier applies to connect phases. - Close phases occur automatically based on arrival of the last packet - expected per session. -- IPv4 source and destination address and port ranges matching the - limit of connections. - - Source and destination addresses changing packet-by-packet with two - separate profiles i) incrementing sequentially pair-wise - (implemented) and ii) changed randomly (with seed) pair-wise (not - implemented yet). - - Source port changing randomly within the range. -- `trial_duration`, function of `target_session_number` and `multiplier` - - `multiplier`, subject of the search, value in the range (`min_cps_rate`,`max_cps_rate`) - - `target_setup_duration` = `target_session_number` / `trial_cps_rate` - - For UDP: - - `trial_duration` = `target_setup_duration` + `late_traffic_start_correction` - - `late_traffic_start_correction` = 0.1115 seconds (hardcoded for now) - - For TCP: - - `trial_duration` = 2 * `target_setup_duration` + `late_traffic_start_correction` - - `late_traffic_start_correction` = 0.1115 seconds (hardcoded for now) - -## UDP CPS Tests - -### UDP TRex Measurements - -#### Counters - -Following TRex ASTF counters are collected by UDP CPS tests for automated -results evaluation (r) and debugging purposes (d): - -- Interface 1 Client - - (r) `opackets`, TRex UDP transaction start - - (r) `ipackets`, TRex UDP transaction finish -- Interface 2 Server - - (d) `opackets` - - (d) `ipackets` -- Traffic Client - - (d) `m_active_flows` - - (d) `m_est_flows` - - (d) `m_traffic_duration`, includes TRex ramp-up overhead, and it can - be quite far from the actual traffic duration - - (d) `udps_connects` - - (d) `udps_closed` - - (d) `udps_sndbyte` - - (d) `udps_sndpkt` - - (d) `udps_rcvbyte` - - (d) `udps_rcvpkt` - - (d) `udps_keepdrops`, TRex out of capacity, dropping UDP KAs(?) -<!-- -Vratko Polak: Yes, although the traffic profile should have set large -enough keepalive value so zero KA packets are actually sent within the -trial. I did not actually check the value is large enough for the worst -case (ndrpdr search hitting min multiplier of 9001). ---> - - (d) `err_rx_throttled`, TRex out of capacity, throttling workers due - to Rx overload(?) -<!-- -Vratko Polak: I think this is TRex receiving the packet on L2 level, but -then dropping it because L7 buffers are full. Such packet increases -ipackets, but does not increase any L7 counter (even if traffic profile -wants to receive that packet). But this is just me guessing. TRex docs -say "rx thread was throttled due too many packets in NIC rx queue", and -I did no experiments/investigation to confirm my hypothesis fits with -the observed counters. ---> - - (d) `err_c_nf_throttled`, Number of client side flows that were not - opened due to flow-table overflow(?) - - (d) `err_flow_overflow`, too many flows(?) -- Traffic Server - - (d) `m_active_flows` - - (d) `m_est_flows` - - (r) `m_traffic_duration` - - (d) `udps_accepts` - - (d) `udps_closed` - - (d) `udps_sndbyte` - - (d) `udps_sndpkt` - - (d) `udps_rcvbyte` - - (d) `udps_rcvpkt` - - (d) `err_rx_throttled`, TRex out of capacity, throttling workers due - to Rx overload(?) - -[TRex ASTF counters reference](https://trex-tgn.cisco.com/trex/doc/trex_astf.html#_counters_reference). - -TRex counters are polled once TRex confirms traffic is stopped, after it -is explicitly instructed to stop it. Early attempts to use periodic TRex -counter polling affected TRex behaviour and test results, hence counter -polling is consider as invasive. - -#### Calculations - -- Interface packet loss - - pktloss_ratio = (c_opackets - c_ipackets) / c_opackets -- UDP session packet loss (currently not used) -- UDP session byte loss (currently not used) -- UDP session integrity (currently not used) - -#### CPS-MRR - -Reported MRR values are calculated as follows: - -CPS-MRR = `c_ipackets` / `s_traffic_duration`, where -`s_traffic_duration` = TRex Traffic Server `m_traffic_duration`. - -In order to ensure a determnistic region of TRex ASTF operation, a -separate set of tests is run for each traffic profile, with vpp-ip4base -DUT instead of vpp-nat44ed, to auto-discover the maximum rate TRex ASTF -traffic profile is capable of. Result of this test is used as a side -reference to compare with the results of NAT44ed CPS-MRR tests. - -#### CPS-PDR - -CPS-PDR values are discovered using MLRsearch, a binary search optimized -for the overall test duration. - -CPS-PDR = max(`trial_cps_rate`) found for `pktloss_ratio` < -`target_loss_ratio`, according to MLRsearch criteria for PDR. - -Measurements to be reported in the CPS-PDR result test message: - -- PDR_LOWER - -#### CPS-NDR - -CPS-NDR values are also discovered using MLRsearch. - -CPS-NDR = max(`trial_cps_rate`) found for `pktloss_ratio` = 0, according -to MLRsearch criteria for PDR. - -Measurements to be reported in the CPS-NDR result test message: - -- NDR_LOWER - -### UDP VPP Telemetry - -#### Counters - -- VPP show nat44 summary - - ``` - max translations per thread: 81920 - max translations per user: 81920 - total timed out sessions: 0 - total sessions: 64514 - total tcp sessions: 0 - total tcp established sessions: 0 - total tcp transitory sessions: 0 - total tcp transitory (WAIT-CLOSED) sessions: 0 - total tcp transitory (CLOSED) sessions: 0 - total udp sessions: 64514 - total icmp sessions: 0 - ``` - -- VPP show interface - - ``` - show hardware verbose (10.30.51.54 - /run/vpp/api.sock): - Name Idx Link Hardware - avf-0/3b/2/0 1 up avf-0/3b/2/0 - Link speed: 25 Gbps - Ethernet address 3c:fe:bd:f9:00:00 - flags: initialized admin-up vaddr-dma link-up rx-interrupts - offload features: l2 vlan rx-polling rss-pf - num-queue-pairs 3 max-vectors 5 max-mtu 0 rss-key-size 52 rss-lut-size 64 - speed - stats: - rx bytes 69368896 - rx unicast 135301620 - rx discards 94585780 - tx bytes 2401281120 - tx unicast 40021352 - avf-0/3b/a/0 2 up avf-0/3b/a/0 - Link speed: 25 Gbps - Ethernet address 3c:fe:bd:f9:01:00 - flags: initialized admin-up vaddr-dma link-up rx-interrupts - offload features: l2 vlan rx-polling rss-pf - num-queue-pairs 3 max-vectors 5 max-mtu 0 rss-key-size 52 rss-lut-size 64 - speed - stats: - rx bytes 40912192 - rx unicast 134856987 - rx discards 94835635 - tx bytes 2442955680 - tx unicast 40715928 - ``` - -- VPP show runtime - - ``` - Thread 1 vpp_wk_0 (lcore 2) - Time 21.5, 10 sec internal node vector rate 0.00 loops/sec 6740197.88 - vector rates in 4.2183e3, out 3.7118e3, drop 0.0000e0, punt 0.0000e0 - Name State Calls Vectors Suspends Clocks Vectors/Call - avf-0/3b/2/0-output active 277 34387 0 1.96e1 124.14 - avf-0/3b/2/0-tx active 277 34387 0 3.54e1 124.14 - avf-0/3b/a/0-output active 380 45245 0 1.92e1 119.07 - avf-0/3b/a/0-tx active 380 45245 0 3.36e1 119.07 - avf-input polling 144384995 90499 0 3.03e5 0.00 - ethernet-input active 381 90499 0 1.91e1 237.53 - ip4-input-no-checksum active 381 90499 0 4.94e1 237.53 - ip4-lookup active 521 79632 0 3.76e1 152.84 - ip4-rewrite active 521 79632 0 4.19e1 152.84 - ip4-sv-reassembly-feature active 381 90499 0 3.78e1 237.53 - nat44-ed-in2out active 380 45245 0 1.98e2 119.07 - nat44-ed-in2out-slowpath active 380 45245 0 2.31e3 119.07 - nat44-ed-out2in active 277 34387 0 1.89e2 124.14 - nat44-in2out-worker-handoff active 381 90499 0 9.42e1 237.53 - unix-epoll-input polling 140863 0 0 1.61e3 0.00 - --------------- - Thread 2 vpp_wk_1 (lcore 58) - Time 21.5, 10 sec internal node vector rate 0.00 loops/sec 6733488.17 - vector rates in 3.3365e3, out 3.5604e3, drop 0.0000e0, punt 0.0000e0 - Name State Calls Vectors Suspends Clocks Vectors/Call - avf-0/3b/2/0-output active 276 31129 0 2.03e1 112.79 - avf-0/3b/2/0-tx active 276 31129 0 3.63e1 112.79 - avf-0/3b/a/0-output active 332 45254 0 1.87e1 136.31 - avf-0/3b/a/0-tx active 332 45254 0 3.48e1 136.31 - avf-input polling 166439403 71581 0 4.42e5 0.00 - ethernet-input active 277 65516 0 1.89e1 236.52 - ip4-input-no-checksum active 277 65516 0 4.95e1 236.52 - ip4-lookup active 455 76383 0 3.75e1 167.87 - ip4-rewrite active 455 76383 0 4.20e1 167.87 - ip4-sv-reassembly-feature active 277 65516 0 3.85e1 236.52 - nat44-ed-in2out active 377 45254 0 1.97e2 120.04 - nat44-ed-in2out-slowpath active 332 45254 0 2.39e3 136.31 - nat44-ed-out2in active 276 31129 0 1.83e2 112.79 - nat44-out2in-worker-handoff active 277 65516 0 2.17e2 236.52 - unix-epoll-input polling 140817 0 0 1.60e3 0.00 - ``` - -#### Errors - -- VPP show errors - - ``` - Count Node Reason - 32258 nat44-in2out-worker-handoff same worker - 32256 nat44-in2out-worker-handoff do handoff - 32258 nat44-ed-out2in good out2in packets processed - 32258 nat44-ed-out2in UDP packets - 32258 nat44-ed-in2out-slowpath good in2out packets processed - 32258 nat44-ed-in2out-slowpath UDP packets - 32256 nat44-out2in-worker-handoff same worker - 32258 nat44-out2in-worker-handoff do handoff - 32256 nat44-ed-out2in good out2in packets processed - 32256 nat44-ed-out2in UDP packets - 32256 nat44-ed-in2out-slowpath good in2out packets processed - 32256 nat44-ed-in2out-slowpath UDP packets - ``` - -## TCP/IP CPS Tests - -### TCP/IP TRex Measurements - -#### Counters - -Following TRex ASTF counters are collected by UDP CPS tests for automated -results evaluation (r) and debugging purposes (d): - -- Interface 1 Client - - (d) `opackets` - - (d) `packets` -- Interface 2 Server - - (d) `opackets` - - (d) `packets` -- Traffic Client - - (d) `m_active_flows` - - (d) `m_est_flows` - - (d) `m_traffic_duration` - - (r) `tcps_connattempt` - - (d) `tcps_connects` - - (d) `tcps_closed` -- Traffic Server - - (d) `m_active_flows` - - (d) `m_est_flows` - - (r) `m_traffic_duration` - - (d) `tcps_accepts` - - (r) `tcps_connects` - - (d) `tcps_closed` - - (d) `err_no_template`, server can’t match L7 template no destination port or IP range - -[TRex ASTF counters reference](https://trex-tgn.cisco.com/trex/doc/trex_astf.html#_counters_reference). - -TRex counters are polled only once by CSIT after traffic is stopped. - -#### Calculations - -TODO WIP Note: Currently s_tcp_connects is used for counting successful -sessions. But now I am not sure whether it is correct, as already -c_tcps_connects counts NAT sessions that got established (even though -TCP is not fully connected yet). Not sure how the counters behave when -the third packet is lost and retransmitted. - -- Interface packet loss - - `pktloss_c_s` = `c_opackets` - `s_ipackets` - - `pktloss_s_c` = `s_opackets` - `c_ipackets` - - `pktloss_ratio` = (`pktloss_s_c` + `pktloss_c_s`) / (`c_opackets` + `s_opackets`) -- TCP session integrity - - `tcp_attempted_connection_count` = `c_tcps_connattempt` - - `tcp_failed_connection_count` = `c_tcps_connects` - `c_tcps_connattempt` - -#### CPS Trial PASS - -TODO WIP Note: Currently any trial measurement fails only if TRex itself -fails, or if we fail to parse some counter. No criteria mentioned here -is currently planned to be implemented; we rely on bad things leading to -too few (maybe zero) passed transactions. - -<!-- -PASS of TCP CPS test trial is conditioned on all of the following criteria being met: - -- PASS-C1 TRex must attempt all configured `target_session_number` in `target_setup_duration` time - - IOW TRex must send connect packets at configured `trial_cps_rate`. -- PASS-C2 Following TRex errors ARE NOT recorded in Target-Counters: - - Traffic Client - - No errors recorded so far - - Traffic Server - - `err_no_template`, server can’t match L7 template no destination port or IP range ---> - -#### CPS-MRR - -Reported MRR values are equal to the following TRex counters from Target-Counters: -- `c_m_est_flows` -- `s_m_est_flows` - -TODO Add description of separate set of tests for discovering a **safe** -CPS-MTR value (Maximum Transmit Rate) for TRex, where TRex errors **are not** -observed in Target-Counters. - -#### CPS-PDR - -CPS-PDR values are discovered using MLRsearch, a binary search optimized -for the overall test duration. - -CPS-PDR = `trial_cps_rate`, if all of the following conditions are met: - -- `tcp_failed_connection_count` < `target_loss_ratio` -- `pktloss_ratio` < `target_loss_ratio` - -Measurements to be reported in the CPS-PDR result test message: - -- `trial_cps_rate` -- `c_m_est_flows` -- `s_m_est_flows` - -#### CPS-NDR - -CPS-NDR values are discovered using MLRsearch, a binary search optimized -for the overall test duration. - -CPS-NDR = `trial_cps_rate`, if all of the following conditions are met: - -- `tcp_failed_connection_count` = 0 -- `pktloss_ratio` = 0 - -Measurements to be reported in the CPS-PDR result test message: - -- `trial_cps_rate` -- `c_m_est_flows` -- `s_m_est_flows` - -### TCP/IP VPP Telemetry - -#### Counters - -- VPP show nat44 summary - - ``` - <TODO add sample output> - ``` - -- VPP show interface - - ``` - <TODO add sample output> - ``` - -- VPP show runtime - - ``` - <TODO add sample output> - ``` - -#### Errors - -- VPP show errors - - ``` - <TODO add sample output> - ```
\ No newline at end of file |