Performance test of LAN switch interface in Flight Tower firewall
United States flight Tower Fortinet Firewall, the default intranet interface type is hardware exchange, all intranet interfaces share a gateway, the intranet interface allows mutual access, here will be two notes A, B access to the 13, 14 ports to be tested. Notebook A's intranet IP address is set to 10.0.1.28, and the intranet IP address of notebook B is set to 10.0.1.38.
Because the interface is a hardware switching mode, only the hardware part of the test interface, the firewall function is not involved.
Before testing, two notebooks ping each other's IP address, make sure to ping, if not, check the network physical connection, shut down the software firewall on the computer.
① Start the Ixchariot program, click the Add Pair icon to add a pair of tests;
② input test name, enter the sender IP in Endpoint 1, enter the IP address of notebook A, enter the receiver IP in the Endpoint 2, enter the IP address of note b, and then select the script;
③ixchariot has prepared multiple scripts, scripts can be modified to meet the test needs, here we choose throughput Throughput test script;
④ input Good IP, choose a good script, built well;
⑤ Click Run the villain icon, start testing;
⑥, and so on, the problem appears in the notebook A, the original in the installation of Ixchariot control program we did not install the endpoint, because the endpoint version is relatively low, and will error, in Computer A We also installed Endpoint 7.1 version;
⑦ok, the appearance of the test image, but only a short time, the test stopped, because we chose the script test file length is relatively small, and soon finished;
⑧ after stopping the test, the mouse double-click to create the pair bar, edit the interface options editing script;
⑨ we see the script, the file size is 100000 bytes, double-click the file size bar;
⑩ Here we change the file size to 10M
? This test can be seen, the transmission of 10M files, also used for 8.6 seconds, because the notebook is a gigabit network card, measured throughput of 93.699 Mbps;
? The test time is still too short, can cycle test it? Select the Run menu settings run option;
? The default is any one pair test end stop, here we will run time modified to 5 minutes, later can be based on testing requirements to increase the testing time;
? Run again, this test shipped 5 minutes before the end, the data obtained closer to the real level;
? The test, just test the notebook a packet to the notebook B, then you can reverse test notebook B package to notebook A, on the pair bar right mouse button, select Copy, Paster, copy a pair;
? This will get two pair, on one of the mouse double-click;
? Modify the IP address, the two IP address to exchange a bit;
? When you test again, you can see the test results of the laptop A and B packets.
? Open the Task Manager for notebook B to see high usage of the NIC when testing
Interface performance test of different network segments in flight Tower firewall
Flight Tower Firewall default all the intranet interface is hardware exchange, here we release 13, 142 ports, two ports set different IP address segment, in order to allow two interface different network segment of the visits, need to establish two policies, the final result, The notebook AIP address is changed to 10.0.2.38, then firewall 13, notebook B's IP address changed to 10.0.3.38, and then the firewall 14 interface.
① Edit Firewall Intranet internal interface, on the physical interface members of the fork, release interface;
② set the Released 13, 14 Port IP address, this can not be the same network segment;
③ new policy, allow 13 port access to 14 ports, because it is intranet access, so NAT is not enabled;
④ also establishes 14 ports to allow access to the 13 port policy;
⑤ Notebook A Access 13 port, the IP address is changed to 10.0.2.38, the notebook B access 14 port, the IP address is changed to 10.0.3.38, ping each other IP, can ping to explain the effect of the firewall strategy;
⑥ the same environment test results can be seen, through the firewall policy and not through the firewall policy, the difference seems to be small;
⑦ in order to get more accurate data, you can copy more than one pair, so that each pair of data, combined to get the total data, more accurate.
Firewall Network Performance test-(2) network performance test between intranet ports