Measuring Latency in the UDM Pro MAX Firewall!
ฝัง
- เผยแพร่เมื่อ 10 ก.พ. 2025
- Let's take a crack at measuring the latency of the UDM Pro MAX firewall as well as some switching gear using PTP!
For more about PTP check out this great video from Jeff Geerling:
• Nanosecond clock sync ...
The previous video I did about bandwidth:
• HOMELAB: Can we MAX ou...
It warms my heart seeing snippets of the wrx you have.
Thank you for this video! I could listen to you for hours. The explanation of the entire measurement process is excellent. It helped me a lot-I also experiment with similar tests. Thanks for the video, and best of luck!
Great video and testing with that setup. As you mentioned there are similar things that can be done using network tap´s. Quite a few years ago when 10G Cut-Through switches were first coming out we needed to accurately measure latency to compare the performance of different switches and to see if port-to-port latency on each switch was consistent no matter the port combinations. At the time the best results we got were using passive optical tap´s, connect to the device under test with two fibers and send traffic through the device in and out of the fiber links. Then tap both fiber links. We then used an Endace DAG card that was quite new at the time, the card was able to combine it´s 10G ports into one "capture buffer" and it supported very accurate time sync with with PTP and PPS feed. We could then run a capture on the machine with the Endace card and see both packets the one coming into the switch and the one going out in the same capture with very high timestamp accuracy. That give quite good results and it´s always fun playing with hardware in creative ways :)
Thank you so much for this!
Very cool measurements! Also very fast, was not expecting the gateway to be able to do that sort of stuff in under 100 μs, was fully expecting an order of magnitude slower. Yet again I never knew about that trick of sending multiple packets in quick succession, sure enough doing it myself yields 94 instead of 300 μs average RTT (across a SG3218XP-M2 switch).
I think it would also be interesting to include IPv6 tests, is it higher latency because it's more complex or is it lower latency because there's no NAT? (my expectation is 'it highly depends on the hardware')
Sharing is caring ;)!
Would be interesting to see how an L3 switch would improve (or not) VLAN to VLAN latency by the way.
Yes , I will be measuring that next.
Btw. ping as a normal user (no root) will give you an error when using a zero interval: cannot flood, minimal interval for user must be >= 2 ms. A simple workaround is to use sudo or become the root user.
I've been wanting to get into IT for awhile. Is Code necessary to learn with IT? I enjoy taking things apart and overall digging into IT things with networking whatnot. What could I do to get into something like that?
Coding not required. But you will find that if you know scripting, like bash, powershell, dealing with formatted config files, etc, you will stand out.
Network engineer checking in. The level of coding entirely depends on what flavor of IT you want to go into. This video is firmly in the world of network engineering. The only coding I do is to automate tasks and make my life easier. I've got some python, powershell, and anisble skills to make that happen. When you're at the scale of like 10,000 + clients/devices, having good automation skills becomes more and more necessary. It might be easy to set a vlan on a few ports quickly, but automation will do it on 20,000 ports with much less headache. The command line of most switches/networking is kinda like it's own language, but i found it much easier to learn than a whole coding language.
Thankfully the coding side isn't really needed to start in networking, especially for a home lab setup.
Could share your script to measure latency ? Thanks :)
Yes please.. :)