Generating Traffic to a Firewall

1. On the Port Manager tab, set up the LANforge ports with valid IP addresses.
2. On the Layer-3 tab, create a UDP connection.
   
   1. Set Endpoint A to use the DUT WAN port.
   2. Set Endpoint B to use the DUT LAN port.
   3. Make sure CX Type is LANforge / UDP then select Apply.
3. Select the Script button to set up the scripting parameters.
   1. Set up the script to iterate over the rates.
   2. Specify the payload sizes to be tested.

   For more information see LANforge FIRE Cookbook example: Scripted Layer-3 Test

4. Highlight the connection and select the Start button.
5. The final test report shows the results of the test run. Here we can see that the DUT has the best bi-directional throughput with 1460Byte payloads at 24.9Mbps.

   For more information see Full script report for the UDP test.

1. On the Port Manager tab, create 5 MAC-VLANs on the LANforge port connected to the DUT LAN port.
2. Verify that the MAC-VLANs have correct IP addresses.
3. Create a Layer-3 connection that has a low-speed rate with Multi-Conn set to 10000 and Min IP Port to 0 (zero) on Endpoint-A. Multi-Conn should be set to 1 on Endpoint-B.
   1. Endpoint-A will be one of the MAC-VLANs and Endpoint-B will be the port connected to the DUT WAN port. This setup will initiate the TCP sessions from the LAN side of the DUT.
   2. Low-speed depends on the DUT, we could also set the rate to zero which would allow the TCP connections to be set up without payload data to be transmitted, but this would not give an accurate picture of the firewall performance. Here we are using 1Kbps connections with 1KB size payload.
   3. This is an iterative test, the number of TCP connections to use will depend on the DUT capabilities. Modify the number of connections as necessary to find the most accurate measurement.
   4. The DUT should be power-cycled to reset it before each test run.
4. Select the Batch-Create button to create 4 more copies of this connection each with a new MAC-VLAN port.
5. Highlight and start each set of 10000 connections until the target max simultaneous connections are running.
6. On the Layer-3 Endpoints tab, highlight the Running A-Side Endpoints, then right-click and select Calculations.
7. The top line, Sum, is what we are interested in for Maximum Concurrent TCP Connections.
8. Scroll right to the CX Active and CX Established columns and select the Refresh button. This DUT can maintain a maximum of 41,864 simultaneous TCP connections.
   1. CX Active is the metric we are attempting to measure for Maximum Simultaneous TCP Connections. It will fluctuate with the DUT's ability to maintain the number of active TCP connections.
   2. CX Established is the number of TCP connections LANforge has established since the start of the test. It will continue to increase as the DUT closes the TCP connections it cannot maintain.

1. Create a Layer-3 TCP connection with the Duration and IP Port set to zero.
2. Highlight and Start the connection.
3. View the CX-Estab/s rate on the Layer-3 Endpoints tab. This DUT can set up about 120 connections per second.

For more information see LANforge GUI User's Guide