How we tested 3Com's switch
Our exclusive Clear Choice test of its new core switch backs up 3Com's claim. This chassis-based, 288-port device delivered line-rate throughput in all performance tests, supported more Open Shortest Path First (OSPF) routing sessions than we've ever set up and consumed remarkably little power all the while.
While the device we tested doesn't have all the features of some competitors (for example, the switch doesn't yet support hitless upgrades), its strong performance and low power consumption make it a viable option for large and midsized organizations in the market for core and aggregation switches.
One switch, two names
3Com sells the system we tested under two names: the 3Com S7906E and the H3C S7506E. That's kind of a mouthful, so we'll refer to this system as the "3Com/H3C switch'' going forward. (3Com became sole owner of H3C after buying Huawei's share of the former joint venture a couple of years ago. See story.)
3Com supplied a chassis with six line cards, each with 48 gigabit Ethernet ports that use SFP transceivers for copper or fiber. The company says it has less costly gigabit Ethernet cards with integrated copper transceivers now under development. It already ships larger (10-slot) and smaller (two- and three-slot) versions of the same switch. In 3Com's terminology, the slot counts refer to the number available for line cards; each chassis actually has two additional slots for redundant management modules.
The chassis 3Com supplied scales up to 288 gigabit Ethernet ports, but only 16 10G Ethernet ports. While the gigabit port count is relatively high, the 10G Ethernet number is not. Competing Cisco Catalyst 6509 and Nexus 7010 switches house up to 130 and 256 10G-Ethernet cards, respectively, in similar configurations with dual fabric cards.
3Com's competitors may claim the lower 10G Ethernet port density "proves" this is a smaller switch than some of its rivals, but results from our unicast performance tests don't support that conclusion: A 3Com/H3C chassis fully loaded with gigabit ports moved mid- and large-sized frames only slightly slower than a Cisco Catalyst 6509 fully loaded with 10G Ethernet ports, and went faster than the Cisco box with short frames. While there are some apples-and-oranges problems with this comparison (the tests were done at different times, for starters), it's not automatically the case that lower density means lower performance.
We also asked 3Com to complete an extensive features questionnaire as part of our features evaluation (see "3Com features chart") While we didn't verify every response on the questionnaire, we did validate that the system supports virtually all major switching, routing and management protocols.
One drawback is that the 3Com/H3C switch doesn't currently support hitless upgrades and downgrades of software images, a key feature supported in some competing switches. The vendor says it's working on a release that will add this capability later in 2009.
On the seventh test we rested
We tested the 3Com/H3C switch/router six ways, covering layer-2 and layer-3 performance, power consumption, features, manageability and usability (see "How we did it"). We also planned a seventh test, measuring layer-2 performance between a pair of 10G Ethernet ports, but time constraints prevented us from completing that event.
In layer-2 unicast testing, we usually configure a Spirent TestCenter traffic generator/analyzer to emulate one or more hosts on each port, and then measure how fast the switch forwards frames between each port (throughput) and how long it takes for each frame to arrive (latency).
That's what we did here, but with a twist: This time, we configured Spirent TestCenter to 900 unique media access control (MAC) addresses on each port, for a staggering 259,200 unique addresses and more than 74 million flows.
That's an enormous number of MAC addresses. While no sane network architect would design a single flat layer-2 network supporting even 1/20th that many hosts, scalability to such high levels is important for a core switch. It's possible that a switch configured with hundreds or thousands of virtual LANs might need to learn tens or even hundreds of thousands of MAC addresses, as the 3Com/H3C device did here.
The switch proved highly scalable in terms of layer-2 data-plane forwarding. Regardless of frame size – from short 64-byte frames up to 9,216-byte jumbo frames – the switch delivered line-rate throughput in all tests involving a fully meshed pattern between all 288 gigabit Ethernet ports.
Average and maximum latency – key metrics for real-time applications involving voice and video – were also remarkably low and consistent. For example, average latency with 64-byte frames was around 6.5 microsec. That's around half the number we measured with Cisco's Catalyst 6509 using 10G Ethernet interfaces, not gigabit, and running at 10% of line rate (both factors that should result in significantly lower latency). Further, maximum latencies were not far above the averages, suggesting the 3Com/H3C switch keeps jitter (delay variation) to a minimum, offering more protection for real-time applications.
Oodles of OSPF
In assessing layer-3 scalability, we measured results both at the control plane – in terms of the number of OSPF sessions and the number of routes per session – and at the data plane, as in our layer-2 tests. The control-plane numbers were staggering: We brought up 288 adjacencies (OSPF-speak for "session") and then advertised more than 200,000 routes before sending traffic to all routes.
To get a sense of the scale of these numbers, consider that the very largest service provider networks might build OSPF databases comprised of 50,000 or fewer networks. For even large enterprises the typical routing table is far smaller, usually on the order of hundreds to thousands of routes. Also, the 288 concurrent OSPF sessions represent the largest scale Network World has attempted in any test published.
As in the layer-2 assessment, the 3Com/H3C device again passed all tests with flying colors. Throughput across 288 ports was line rate for 64-, 256-, 1,518- and 9,216-byte frames, even though the switch/router had to contend with simultaneous data-plane traffic (always offered at line rate on all ports) and higher-priority control-plane traffic (the OSPF messages that must get through for routing to work).
Some buffering is necessary for the switch/router to forward both data- and control-plane traffic at line rate, and that showed up in the latency results. Average latency was anywhere between two and seven times higher than in the layer-2 unicast tests, depending on frame size.
That's not surprising given the contention between test traffic and OSPF packets at line rate, but not necessarily a cause for concern. The latencies again compare favorably with those from tests of large Cisco switch/routers (even though we tested the Cisco boxes with 10G interfaces and measured delay at 10% of line rate, both factors that should have favored the Cisco switch).
The 3Com/H3C turned in perfect multicast data-plane numbers. However, multicast control-plane scalability is one area where Cisco retains an edge over the 3Com/H3C device.
A key metric, besides throughput and latency, is mroute capacity, or the number of source/group combinations a device can support. This is especially important for videoconferencing or streaming quote services, where multicast may be used to carry messages among thousands of users.
In layer-3 multicast tests of Cisco's Catalyst 6509 and Nexus 7010, we've tested with 10,000 mroutes, using a combination of 200 groups with 50 transmitters each. In contrast, the limit of the 3Com/H3C device is 4,096 mroutes. That's more than enough for small and midsized enterprises, and 3Com says it has larger systems under development, but it is a lower ceiling than the competing Cisco devices we've tested.
The 3Com/H3C device also limits the amount of multicast replication to any combination of groups times receiver ports that totals 4,096. We haven't hit a similar limit in testing other core switches.
On the other hand, the 3Com/H3C switch once again replicated all multicast traffic at line rate. As in the layer-2 and -3 unicast tests, the device never dropped a frame in any of our multicast tests. Average and maximum latencies were significantly higher than in the unicast tests, but in line with most other switches and routers we've tested, and the numbers involved are not high enough to degrade application performance.
Our results validate 3Com's claim that low power consumption is a key differentiator for the 3Com/H3C device. We measured power usage three ways: When the switch was idle (but with cables connected to all 288 gigabit Ethernet SFPs); when the switch forwarded traffic across all ports at line rate, as in the OSPF tests; and when the switch forwarded traffic with an IP option field set in every packet (thus forcing traffic up to the CPU in the switch's management module).
Total power consumption when idle was 927 watts, but this number jumped 25%, to 1,159 watts, when we offered data-plane traffic at line rate. With IP options set, consumption was slightly lower, at 1,101 watts, probably because this test exercised the management module's CPU far more than switching silicon on each line card.
While we don't have direct comparisons with other chassis-based switches to report, there is anecdotal evidence that competing switches consume 3,000 watts or more in similar configurations.
Further, 3Com supplied line cards that use external copper or fiber transceivers. These probably consume more power than gigabit line cards with integrated copper transceivers; 3Com says such cards are due for release later in the year.
Manageability and usability
For many network managers, ease of use and support for various management methods is at least as important a consideration as high performance. We assessed these areas by determining what management methods the switch supports, as well as noting subjective observations about ease of use in the course of setting up the performance tests.
3Com does not attempt to clone the IOS command-line interface, as some other Cisco competitors do. Instead, the switch uses a relatively simple hierarchical interface with executive and configuration modes. The interface was easy to navigate. Context-sensitive help is available for all commands, and command syntax is uniform at least for the various operations we tried.
In terms of management methods, only HTTP and Secure-HTTP are enabled by default. Both require the prior creation of a username and password to grant access.
All other management methods – including SSH, telnet and the various versions of SNMP – must be enabled by the user. Note that enabling SSH turns on a server that supports both versions of the protocol. A second command is required to disable version 1, which has known security vulnerabilities. IOS in Cisco Catalyst switches works the same way, and requires a second command to disable SSHv1.
The 3Com/H3C switch may not offer 100% of the features of competing high-end switches from Cisco and others. But in most areas it delivers excellent performance while drawing remarkably low power. 3Com, long absent from the high-end enterprise networking market in North America, is back with a credible enterprise switch.
Newman is president of Network Test, a benchmarking and network design consultancy. He can be reached at email@example.com.
Network World gratefully acknowledges the support of Spirent Communications, which made this project possible. Spirent supplied its Calabasas engineering lab for testing as well as its Spirent TestCenter instruments. Many Spirent employees offered engineering and logistical support, including Jurrie van den Breekel; Gary Hansen, Brooks Hickman, Shirley Ling, Alick Luo, Kameron Moshier, Quinten Pierce, Timmons Player, Timothy Ramos, Niaz Sadeqiar, Saldju Tadjudin, Jacky Wu and Landy Zhou.
Newman is also a member of the Network World Lab Alliance, a cooperative of the premier reviewers in the network industry each bringing to bear years of practical experience on every review. For more Lab Alliance information, including what it takes to become a member, go to www.networkworld.com/alliance.
In some ways, Google is like every other large enterprise. It had the typical defensive security...
The university's hijacked vending machines and 5,000 other IoT devices were making seafood-related DNS...
The U.S. government reportedly pays Geek Squad technicians to dig through your PC for files to give to...
Sponsored by AT&T
Sponsored by Aquantia
Microsoft today announced that the open source Kubernetes container management platform is now...
Satellite worksites can cause big headaches for tech pros tasked with keeping company assets secure. We...
At RSA 2017, security expert Konstantin Karagiannis (CTO at BT North America) gives Network World an...
Broadband internet has opened up almost unlimited possibilities for commerce, distance learning, civic...