Proxy ARP performance

PeterUK
PeterUK Posts: 3,326  Guru Member
100 Answers 2500 Comments Friend Collector Seventh Anniversary
edited April 2021 in Security

Ok so I know that its going to be slower then a switch network but the CPU is only hitting 30% when running a big file copy using MS file and printer sharing getting about 244Mb transfer.

So I was thinking is the reason for this to do with the ZyWALL 110 Cavium CN6230 quad-core 1GHz CPU and how threads are handled so that traffic sending can only be handled by one core and not across all cores?

All Replies

  • Zyxel_Vic
    Zyxel_Vic Posts: 281  Zyxel Employee
    25 Answers First Comment Friend Collector Seventh Anniversary
    @PeterUK
    If the case is one session transmission(the same src IP/port and dst IP/port), it will keep running on a core. However, when running the test with multiple sessions , you will be able to see the multiple core handling the transmission.


  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Are you sure its src IP/port and dst IP/port and not src IP and dst IP ? Tried running three sessions and the limit did not change.

    thanks
  • Zyxel_Vic
    Zyxel_Vic Posts: 281  Zyxel Employee
    25 Answers First Comment Friend Collector Seventh Anniversary
    Hi @PeterUK
    Can you share with us how did you check the cpu core loading by GUI or? From the GUI or CLI, to realize the actual core usage, you can use:
    Router# show cpu all

    In addition, I'm also wondering that did you turned on all the UTM functions on the device (eg anti-virus, app patrol, content filter...etc) since the UTM functions may also affect the traffic.
  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    I have non of the UTM functions on (eg anti-virus, app patrol, content filter...etc)

    I'm checking the bandwidth with task manager and copy and paste one big file at a time for their to be three sessions

    This is the output of Router# show cpu all when running three sessions:

    CPU core 0 utilization: 19 %

    CPU core 0 utilization for 1 min: 15 %

    CPU core 0 utilization for 5 min: 3 %

    CPU core 1 utilization: 0 %

    CPU core 1 utilization for 1 min: 0 %

    CPU core 1 utilization for 5 min: 1 %

    CPU core 2 utilization: 100 %

    CPU core 2 utilization for 1 min: 92 %

    CPU core 2 utilization for 5 min: 20 %

    CPU core 3 utilization: 0 %

    CPU core 3 utilization for 1 min: 0 %

    CPU core 3 utilization for 5 min: 1 %


  • Zyxel_Vic
    Zyxel_Vic Posts: 281  Zyxel Employee
    25 Answers First Comment Friend Collector Seventh Anniversary
    Hi @PeterUK
    We just used the iPerf to check the throughput and as you can see the loading was separated to different cores. For your reference.



    //PC1 iperf client
    d:\>iperf3.exe -c 192.168.101.33 -p 9997 -t 120
    d:\>iperf3.exe -c 192.168.101.33 -p 9998 -t 120

    //PC2 iperf server
    c:\>iperf3.exe -s  -p 9998 -i 5 -V
    c:\>iperf3.exe -s -p 9997 -i 5 -V

    //USG console 
    Router> show cpu all
    CPU core 0 utilization: 25 %
    CPU core 0 utilization for 1 min: 26 %
    CPU core 0 utilization for 5 min: 12 %
    CPU core 1 utilization: 0 %
    CPU core 1 utilization for 1 min: 0 %
    CPU core 1 utilization for 5 min: 2 %
    CPU core 2 utilization: 20 %
    CPU core 2 utilization for 1 min: 24 %
    CPU core 2 utilization for 5 min: 21 %
    CPU core 3 utilization: 0 %
    CPU core 3 utilization for 1 min: 0 %
    CPU core 3 utilization for 5 min: 0 %
  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Well its not doing it for TCP and MS file and printer sharing.


  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited October 2018

    Ok found the answer with Tcpview it turns out to be a limitation with MS file and printer sharing you would think doing copy and paste one big file at a time for their to be three sessions would mean a new connection per src port to port 445 but no it does not.


  • Zyxel_Vic
    Zyxel_Vic Posts: 281  Zyxel Employee
    25 Answers First Comment Friend Collector Seventh Anniversary
    Hi @PeterUK
    Thank you for the information sharing. Do you mean that when doing multiple MS file sharing & printer, all the actions will actually share the same src IP/Port dst IP/Port?
  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    When I copy and paste one big file at a time each it shares the same src IP/Port dst IP/Port.

Security Highlight