testing network throughput with iperf
iPerf is an excellent open source tool, for testing the throughput between to points on a network. This is not really related to IT Security, but I periodically like to test my network to make sure everything is operating as it should be. Recently, I have made some upgrades to my home network; pulling a new network drop and installing a new switch for the entertainment center devices. It’s been a few years since I have had to wire up anything and I wanted to make sure the new segment is performing correctly, enter iPerf.
iPerf operates in a client/server model, in order to test a network segment correctly; you will need two machines, one on each side of the segment to be tested. Keep in mind, to do this correctly there should be no other network traffic on the segment being tested.
I will continue to use my home network in this example, beginning with a brief explanation of the physical layout of my test. I created a new vlan for the new segment, while I am testing it. I assigned 2 ports on the main switch to the new vlan, one for the line to the new switch and one for my iPerf server (old Apple G4 running Debian PPC). The client on the far side of the segment is the mac mini that I use as a media center.
Once you have determined the best way to position your client/server for testing, you will need to install iPerf, which can be done via any package management system (apt-get, pkg_add, etc) or downloaded and compiled from the projects SourceForge page located here. I downloaded the precompiled binary for OSX and scp’ed it to my mac mini, the debian server already had it installed (previous tests).
The iPerf server, for basic testing is very easy to configure and is done all by command line arguments.
For the scope of my first test, I used a very simple server configuration:
# iperf –server –port xxxx
where –server (or -s) tells iperf to run as a server, and –port (or -p) tells it which port to listen on
The client configuration is a little more complex, but if you have even the most basic understand of IP networking, it’s straight forward.
Again, for the first test, another very simple configuration:
3 iPerf –client xx.xx.xx.xx –port xxxx
where –client tells iPerf to run as a client and the IP of the server is xx.xx.xx.xx, and –port is the listening port you defined on the server.
As a side note, you do not need to define a port on ether side if you do not want to, they will default to port 5001. I had to define a port different then the default, because of network requirements.
Using the above method for testing a network segment, isn’t going to produce any real in-depth results, but it will indicate if iPerf is communicating across the wire correctly. In my case, I am using all 100Mbit wiring and switches and the results I received to are as follows:
Client:
————————————————————
Client connecting to 10.0.0.4, TCP port 4000
TCP window size: 16.0 KByte (default)
————————————————————
[ 3] local 10.0.0.6 port 33259 connected with 10.0.0.4 port 4000
[ 3] 0.0-10.0 sec 113 MBytes 94.6 Mbits/sec
Once the initial test has completed and you are confident that iPerf is performing as expected, you should be ready for some more intensive testing.
There are many options to choose from, all of them dependent on the type of test you wish to run across the segment. Within the scope of my needs, I want to see how much raw data I can push before the segment becomes saturated and drops packets.
I only made some slight changes to the server arguments, as the client is the one doing the work.
Server:
# iperf –server –port 4000 –window 65535 –nodelay
The –window command allows you to define the TCP window size, which I set to its maximum possible value. The –nodelay option is used to set TCP no delay, which disables Nagle’s Algorithm. In other words, it tells iPerf to shove TCP data across the wire as quickly as possible, bypassing the standard TCP error checking.
Client:
# iperf –client 10.0.0.4 -p 4000 –nodelay –dualtest –parallel 5 –listenport 4001 –time 300
The –dualtest tells iPerf to perform a bidirectional test, which is good for testings synchronous data transfers, by default iPerf operates asynchronously. The next argument –parallel xx, is the number of parallel client threads to run. Which is a good way to simulate a large number of users on the network at one time. For my home network, simulating five users should be an accurate test for a real world scenario. When you perform a bidirectional test, the –listenport (or -L) is needed so that the client can receive data back from the server. Now, you will need to either define how long you want the test to run, as I did with –time xx, where xx is seconds. Translated to english, I told iPerf, to shove as much data across the wire, bidirectionally, simulating 5 users for five minutes, and not to bother with error checking.
The results of the example are as follows:
------------------------------------------------------------
Client connecting to 10.0.0.4, TCP port 4000
TCP window size: 78.9 KByte (default)
------------------------------------------------------------
[ 9] local 10.0.0.6 port 39729 connected with 10.0.0.4 port 4000
[ 3] local 10.0.0.6 port 39725 connected with 10.0.0.4 port 4000
[ 4] local 10.0.0.6 port 39726 connected with 10.0.0.4 port 4000
[ 5] local 10.0.0.6 port 39727 connected with 10.0.0.4 port 4000
[ 6] local 10.0.0.6 port 39728 connected with 10.0.0.4 port 4000
[ 10] local 10.0.0.6 port 40001 connected with 10.0.0.4 port 49311
[ 11] local 10.0.0.6 port 40001 connected with 10.0.0.4 port 49312
[ 12] local 10.0.0.6 port 40001 connected with 10.0.0.4 port 49313
[ 13] local 10.0.0.6 port 40001 connected with 10.0.0.4 port 49314
[ 11] 0.0-300.0 sec 180 MBytes 5.03 Mbits/sec
[ 6] 0.0-300.0 sec 542 MBytes 15.1 Mbits/sec
[ 9] 0.0-300.0 sec 592 MBytes 16.6 Mbits/sec
[ 4] 0.0-300.0 sec 717 MBytes 20.0 Mbits/sec
[ 12] 0.0-300.1 sec 173 MBytes 4.84 Mbits/sec
[ 13] 0.0-300.1 sec 185 MBytes 5.17 Mbits/sec
[ 8] 0.0-300.1 sec 186 MBytes 5.19 Mbits/sec
[ 10] 0.0-300.2 sec 173 MBytes 4.82 Mbits/sec
[ 11] 0.0-300.2 sec 896 MBytes 25.1 Mbits/sec
[ 3] 0.0-300.2 sec 493 MBytes 13.8 Mbits/sec
[ 5] 0.0-300.2 sec 687 MBytes 19.2 Mbits/sec
[SUM] 0.0-300.2 sec 2.96 GBytes 84.7 Mbits/sec
As you can see from the [SUM] entry, I was able to bidirectionally push 2.96GB of data with an average speed of 84.7 Mbits/sec.
Looks like my new network segment is performing as expected. This concludes a decent look into iPerf and a real world example of it’s use. I hope you enjoyed reading it, have fun and nerd it up.