REAL

Optimizing the Performance of the Iptables Stateful NAT44 Solution

Lencse, Gábor and Shima, Keiichi (2023) Optimizing the Performance of the Iptables Stateful NAT44 Solution. INFOCOMMUNICATIONS JOURNAL, 15 (1). pp. 55-63. ISSN 2061-2079

[img]
Preview
Text
InfocomJournal_2023_1_6.pdf - Published Version

Download (1MB) | Preview

Abstract

The stateful NAT44 performance of iptables is an important issue when it is used as a stateful NAT44 gateway of a CGN (Carrier-Grade NAT) system. The performance measurements of iptables published in research papers do not comply with the requirements of RFC 2544 and RFC 4814 and the usability of their results has serious limitations. Our Internet Draft has proposed a benchmarking methodology for stateful NATxy (x, y are in {4, 6}) gateways and made it possible to perform the classic RFC 2544 measurement procedures like throughput, latency, frame loss rate, etc. with stateful NATxy gateways using RFC 4814 pseudorandom port numbers. It has also defined new performance metrics specific to stateful testing to quantify the connection setup and connection tear down performance of stateful NATxy gateways. In our current paper, we examine how the performance of iptables depends on various settings, and also if certain tradeoffs exist. We measure the maximum connection establishment rate, throughput and tear down rate of iptables as well as its memory consumption as a function of hash table size always using 40 million connections. We disclose all measurement details and results. We recommend new settings that enable network operators to achieve significantly higher performance than using the traditional ones.

Item Type: Article
Uncontrolled Keywords: benchmarking, iptables, netfilter, optimization, performance, stateful NAT44
Subjects: H Social Sciences / társadalomtudományok > HE Transportation and Communications / Szállítás, hírközlés > HE2 Communications / hírközlés
Q Science / természettudomány > QA Mathematics / matematika > QA75 Electronic computers. Computer science / számítástechnika, számítógéptudomány
SWORD Depositor: MTMT SWORD
Depositing User: MTMT SWORD
Date Deposited: 11 May 2023 09:50
Last Modified: 11 May 2023 09:50
URI: http://real.mtak.hu/id/eprint/165205

Actions (login required)

Edit Item Edit Item