IxLoad and NAT

    When using NAT the IP seen/used in public is not the  one actually configured  in your private network.

I am going to  present here 3  particular cases so you will understand what needs to be configured in IxLoad in order to accommodate them. 

For all this  cases the client and the server  are emulated by IxLoad and the NAT is performed by  your DUT.

For easy reference I will use the  following IPs

client IP =10.1.1.1

server IP = 10.2.2.2

client  public IP ( when NAT is used)= 1.1.1.1

server public IP ( when NAT is used)= 2.2.2.2

-----------------------------------------------------------------------------------

Case 1: Client is behind NAT  and   the server is not NATed.

Client private IP= 10.1.1.1

Client public IP= 1.1.1.1

Server IP=  10.2.2.2

-----------------------------------------------------------------------------------

When the packet leaves the client is has the following IPs:

IP source=10.1.1.1

IP destination= 10.2.2.2

When the packet reaches the  server it has the  following IPs:

IP source= Client Public IP=1.1.1.1

IP destination= 10.2.2.2

***Our server emulations will reply to packets coming from any source ( not neceseraly the one configured on the client)

-----------------------------------------------------------------------------------

In IxLoad you should use the following :

Client range = 10.1.1.1

Server range = 10.2.2.2

***you do not need a DUT

Point the IxLoad client  activity directly to the server activity

-----------------------------------------------------------------------------------

-----------------------------------------------------------------------------------

Case 2: Client is not NATed and Server is behind NAT

Client IP=10.1.1.1

Server Private IP= 10.2.2.2

Server Public IP= 2.2.2.2

-----------------------------------------------------------------------------------

When the packet leaves the client it has the following IPs:

IP source=10.1.1.1

IP destination=2.2.2.2

When the packet reaches the  server it has the  following IPs:

IP source=Client IP= 10.1.1.1

IP destination= 10.2.2.2

***Our server emulations will reply to packets coming from any source ( not necessarily the one configured on the client)

-----------------------------------------------------------------------------------

In IxLoad you should use the following :

Client Activity range = 10.1.1.1

Server Activity range = 10.2.2.2

DUT  IP = 2.2.2.2 

Point the client  activity to the DUT

-----------------------------------------------------------------------------------

-----------------------------------------------------------------------------------

Case 3: Client is behind NAT and Server is behind NAT

Client private IP= 10.1.1.1

Client public IP= 1.1.1.1

Server Private IP= 10.2.2.2

Server Public IP= 2.2.2.2

When the packet leaves the client it has the following IPs:

IP source=10.1.1.1

IP destination= Server Public IP=2.2.2.2

When the packet reaches the  server it has the  following IPs:

IP source= Client Public IP =1.1.1.1

IP destination= Server Private IP=10.2.2.2

***Our server emulations will reply to packets coming from any source ( not necessarily the one configured on the client)

-----------------------------------------------------------------------------------

In IxLoad you should use the following :

Client Activity range = 10.1.1.1

Server Activity range = 10.2.2.2

DUT  IP = 2.2.2.2 

Point the client  activity to the DUT

-----------------------------------------------------------------------------------

-----------------------------------------------------------------------------------

Reference:

http://www.faqs.org/rfcs/rfc1631.html

IxLoad: Create bursty traffic

The easiest  way to create bursty traffic  is by manipulating the timeline :

1.  Create you Scenario, set objective type to Throughput

2.  Switch Timeline from Basic to Advanced 

3.  Add Burst segments to the timeline

Analyzer: How to capture only specific traffic

     In order to capture  only specific capture  use the following option.
Go to Analyzer -> Control tab and on PCAP and Custom Filters introduce a capture filter manually:

The filter  from the picture capture all packets to and from IP 10.0.0.101.
The filter has to be written with small caps and has to be in tcpdump format

***Capture filters are different from display filters in Wireshark.
Just read the following blog for reference:
http://wireshark123.blogspot.com/2014/10/wireshark-capture-filters.html

TCL IxLoad iSCSIServer : build a custom 512 entries target table

Example:
Build a 512 nodes  Target Pool  table wit the following distribution :

#################################################
# Activity iSCSIServer1 of NetTraffic Traffic1@Network1
#################################################
set Activity_iSCSIServer1 [$Traffic1_Network1 activityList.appendItem -protocolAndType "iscsi Server"]

#################################################
# Timeline1 for activities iSCSIServer1
#################################################
set Timeline1 [::IxLoad new ixTimeline]

$Timeline1 config

$Activity_iSCSIServer1 config \
-name                                    "iSCSIServer1" \
-timeline                                $Timeline1 

$Activity_iSCSIServer1 agent.config

$Activity_iSCSIServer1 agent.pm.advOptions.config

$Activity_iSCSIServer1 agent.pm.iscsi.config

set N 512

$Activity_iSCSIServer1 agent.pm.iscsiTarget.config \
-numberOfTargets                         $N \
-numberOfLuns                            $N \
-numberOfPortals                         1 

$Activity_iSCSIServer1 agent.pm.iscsiTarget.nodeList.clear

$Activity_iSCSIServer1 agent.pm.iscsiTarget.nodeList.appendItem \
-id                                      "NodeTargetPortal" \
-parentName                              "" \
-nodeType                                2 \
-name                                    "TP1" \
-enableTargetAlias                       true \
-selfId                                  1 \
-numberOfChildren                        $N \
-parentId                                -1 

for {set i 1} {$i <=$N} {incr i} {
set A [expr { 2* $i}]
set B [expr {$A + 1}]
$Activity_iSCSIServer1 agent.pm.iscsiTarget.nodeList.appendItem \
-id                                      "NodeTargetGroup" \
-targetAlias                             "ixiacom-iscsiTG$i" \
-parentName                              "TP1" \
-nodeType                                1 \
-name                                    "TG$i" \
-enableTargetAlias                       true \
-selfId                                  $A \
-numberOfChildren                        1 \
-parentId                                1 \
-targetName                              "iqn.2010-11.com.ixia:ixload:iscsiTG$i"

$Activity_iSCSIServer1 agent.pm.iscsiTarget.nodeList.appendItem \
-id                                      "Node" \
-parentName                              "TG$i" \
-name                                    "LUN$i" \
-selfId                                  $B \
-lunBlockSize                            "512" \
-logicalUnitNumber                       "0" \
-parentId                                $A \
-lunCapacity                             "307199" 
}

$Activity_iSCSIServer1 agent.pm.availableTosList.clear

$Traffic1_Network1 traffic.config

$Traffic1_Network1 setPortOperationModeAllowed $::ixPort(kOperationModeThroughputAcceleration) false

$Traffic1_Network1 setPortOperationModeAllowed $::ixPort(kOperationModeFCoEOffload) true

$Traffic1_Network1 setTcpAccelerationAllowed $::ixAgent(kTcpAcceleration) true

$Originate elementList.appendItem -object $Traffic1_Network1



$Originate config -name "Originate"

$Scenario1 columnList.appendItem -object $Originate



set DUT [::IxLoad new ixTrafficColumn]

$DUT elementList.clear

$DUT config -name "DUT"

$Scenario1 columnList.appendItem -object $DUT



set Terminate [::IxLoad new ixTrafficColumn]

$Terminate elementList.clear

$Terminate config -name "Terminate"

$Scenario1 columnList.appendItem -object $Terminate



$Scenario1 links.clear

$Scenario1 config

$Test1 config \
-csvThroughputScalingFactor              1000 \
-enableNetworkDiagnostics                false \
-currentUniqueIDForAgent                 1 \
-profileDirectory                        $profileDirectory \
-eventHandlerSettings                    $my_ixEventHandlerSettings \
-captureViewOptions                      $my_ixViewOptions 

IxLoad 802.1x Stored certificates

 In order to use stored certificated you will need to enable the option at plugin level:

When using the stored certificate option you can authenticate:

- the emulated host (per each MAC address the Ixia port emulates)

- the user that is trying to authenticate (also emulated per each MAC address)

- or both 

These settings can be changed on each 802.1x range, like in the picture below:

None is equivalent to User only authentication

Host only authenticates the host

Host user-both authenticates both the host and the user

In stored certificate scenario,  regardless of the authentication type, the root.pem certificate is needed on the local IxLoad client machine and as the test gets configured, it will be copied to the port.

Additionally, that means that depending on the ‘Host authentication mode’ you need:

-         1 more certificate for each user that you try to authenticate 

-         1 more certificate for each host that you try to authenticate

-         2 more certificates for each host + user pair

Notes :

The Send CA certificate only checkbox makes IxLoad look only for the root.pem 
certificate in the path you provide in Certificate location and copy it only (without any 
additional user certificates) on the port.

The Obtain CA certificate only checkbox only has relevance and works when used with 
Run-Time Certificate Generation

IxLoad HTTP : How to test a real webpage

       By default when requesting  a transaction IxLoad uses  an URL  with  the following format:
http://<IP>/<page/object>:<port_number>

For example when you set  the following in the GET command: Destination (IP or IP:port) =1.1.1.1 
                                                                                            Page/Object= /1b.html                                  

The URI used will be:   URI=1.1.1.1/1b.html                                                                  

        On the real world will not usually see this type of URI. Instead of  IP address will see a host name.
For example: www.blogger.com/login.html


         In the following example I will  explain how to setup  IxLoad  to simulate that  is actually a  HTTP browser opening www.google.com

Configuration  steps:
1. Find out the default object for www.google.com
On an internet browser type www.google.com and se what page it pops-up

2. Set the GET request in the HTTP Client activity  as in the following prinscreen:

3. Assign an IP address to the hostname www.google.com
On HTTP client click on NetTraffic Network2 then on DNS settings DNS2 and add a hostname entry for  your website 

****In case you forget to add the DNS entry you will get an error like this:

IxLoad PerfectStormOne: How to use a 10G card in 1G mode