Candela Technologies Logo
Network Testing and Emulation Solutions

Multiple Thousands of TCP Connections

Goal: Set up and run traffic on multiple thousands of stateful TCP connections.

As of LANforge release version 5.1.4, LANforge-FIRE has the capability to create multiple thousands of TCP connections using only two ports on one Layer-3 connection that can all run simultaneously and in a stateful manner. This feature can be used to test connection state aware devices such as firewalls, stateful packet inspection systems and intrusion detection/prevention systems.

The upper limit of the total number of concurrent connections is determined by the processor speed and total memory available on the system running the LANforge software. In addition, the packet rate and payload size of each connection will also affect performance.

NOTE: If you are attempting to run this test scenario, you will need a LANforge license key that enables the correct number of multi-connections. Please contact us at for assistance.

  1. For this example, two physical ports on a single LANforge system are connected together.
  2. Set up the LANforge ports so that they have valid IP addresses and IP masks.
    1. Using the LANforge GUI, go to the Port Manager tab. screenshot
    2. Assign IP addresses and masks to the two ports. screenshot
    3. Verify the port configuration. screenshot

    For more information see LANforge User's Guide: Ports (Interfaces)

  3. Set up a Layer-3 Multi-Conn TCP connection.
    1. Go to the Layer-3 tab, and select the Create button. screenshot
    2. For Endpoint A, type in a name in the CX Name field, choose a CX Type of 'LANforge/TCP', choose the correct ports and set the Report Timer to 'fast (1 s)'. screenshot
    3. Set the Min Tx Rate on both Endpoints A and B to '9.6Kbps'. Leave the Max Tx Rate on both set to 'Same'. screenshot
      1. NOTE: Higher speeds and/or bursty transmit rates will require more memory to process per connection.
    4. Set the Min PDU Size on both Endpoints A and B to '1024B'. Leave the Max PDU Size on both set to 'Same'. screenshot
      1. NOTE: Larger packet sizes will use more memory, smaller packet sizes will require more CPU processing time.
    5. Set Min IP Port to 0 (zero) on Endpoint A. Leave the Min IP Port on Endpoint B set to AUTO. screenshot
      1. Leaving Min IP Port on AUTO would make connections very slow to reconnect due to IP port re-use issues. Multi-conn may not work at all with a fixed IP port.
    6. Leave the Min Duration set to Forever and Max Duration set to Same for both endpoints, unless you want each of the multiple TCP connections to teardown and restart after a specified duration. screenshot
    7. For Endpoint A, set the Multi-Conn to the desired number of multiple TCP connections. screenshot
      1. You can type in any value that your license allows here or choose one from the drop down box. The recommended approach is to create a new Multi-Conn connection for every 5000 connections.
    8. For Endpoint B, set the Multi-Conn to one, then select OK to create the connection. screenshot
      1. Endpoint B is the 'server' side of the TCP connection, therefore it is only necessary to have one Multi-Conn set up on Endpoint B to reply to all of the Endpoint A TCP SYN packets when the 5000 connections are being established.

    For more information see LANforge User's Guide: Creating & Modifying Cross Connects

  4. Create 5 more Layer-3 Multi-Conn TCP connections.
    1. On the Layer-3 tab, highlight the first connection created in the previous step and select Modify. screenshot
    2. Select the Batch-Create button. screenshot
    3. Set the Quantity to 5, and set Port Increment A and Port Increment B to 0 (zero) screenshot
    4. Select the Apply button.
    5. Verify that six Multi-Conn TCP connections were created. screenshot

    For more information see LANforge User's Guide: Layer-3 Endpoints (FIRE)

  5. Run traffic and verify results.
    1. Highlight all six connections. screenshot
    2. Select the Start button screenshot
    3. Go to the L3 Endps tab to verify that all 30,000 connections are running. screenshot
    4. Or, go to the Port Mgr tab, and sniff one of the ports while the Multi-Conn TCP connections are running. screenshot
      1. NOTE: You will need a lot of memory to run a Wireshark capture on 30,000 connections. It is probably best to stop all connections, set up the Wireshark capture, start all connections and let them run for 30 seconds to 1 minute before stopping them all, then stop the Wireshark capture and wait for it to process all those packets!
    5. After the Wireshark capture is complete, go to Statistics - Conversations to allow Wireshark to analyze the conversations and show that all 30,000 connections were captured. This will take some time to complete depending on the size of the capture. screenshot

    For more information see LANforge User's Guide: Layer-3 Endpoints (FIRE)

Candela  Technologies, 2417 Main Street, Suite 201, Ferndale, WA 98248, USA | | +1.360.380.1618
Facebook | LinkedIn | Blog