• United States

How we did it

Sep 06, 20044 mins

How we tested the Extreme Networks’ S400 10G Ethernet workgroup switch.

We assessed Extreme Networks’ S400 in terms of its performance, security, and features. (Access the complete methodology here.)

We measured the device’s 10G Ethernet and Gigabit Ethernet baseline performance; performance with maximum access control lists (ACL) enabled; and performance with Rapid Spanning Tree (RST) bridging. We also verified the switch’s 802.1X authentication features.

For the 10G Ethernet baseline tests, we offered traffic from the Spirent Communications SmartBits traffic generator/analyzer in a partial mesh topology to one 10G Ethernet interface on the core (uplink) side of the switch and 10G Ethernet interfaces on the edge (downlink) side of the switched. In separate test runs, we offered 64-, 256-, 1,518-, and 9,000-byte frames. We measured throughput (the highest rate the device could forward traffic with zero loss); average and maximum delay (the amount of time the switch held up frames in flight); and jitter (the amount of variation between delay measurements).

We used 64- and 1,518-byte frames because they are the minimum and maximum frame lengths, respectively, in standard Ethernet. The 256-byte frame size approximates the average frame length of 200 to 300 bytes as observed on Internet backbone links. The 9,000-byte size is a jumbo frame; while it is not standard Ethernet, this size is best for bulk data transfer, and it is widely supported by makers of gigabit and 10G Ethernet devices.

Because the S400 has two 10G Ethernet interfaces, we repeated this test in a configuration with 20 Gigabit Ethernet edge interfaces and two 10G Ethernet interfaces.

In the Gigabit Ethernet baselines, we offered traffic to all 48 Gigabit Ethernet edge interfaces. In this test, we configured the SmartBits to use a fully meshed pattern, meaning frames offered to each interface were destined for all other interfaces. We used the same metrics of throughput, delay and jitter as in the 10G Ethernet baselines.

For the throughput tests, the goal was to find the maximum rate the switch would forward with zero loss. In the delay tests, we offered traffic at 10% of line rate.

In the maximum-ACL test, we offered the same traffic as in the Gigabit Ethernet baselines. This time, however, Extreme configured the S400 with the maximum number of ACLs supported – in this case, 124 entries on all 50 interfaces. The first 123 entries were to drop traffic, and a final entry permitted all other traffic. Before running the performance test, we spot-checked the “drop” cases to verify the ACLs were working.

To test 802.1w RST Protocol, we set up a spanning tree between two S400 switches. We configured SmartBits to offer one unidirectional stream of 64-byte frames at a rate of 1 million frames per second. At least 10 seconds into the test, we physically disconnected the active link, forcing the spanning tree to fail over to the interface that previously was in blocking mode. We derived failover time from packet loss; with an offered rate of 1 million frame/sec, each dropped packet meant 1 microsec of failover time.

For the 802.1X authentication tests, we connected client and server through the switch, with the switch acting as authenticator. We verified the ability to gain access to network resources using various modes, including port-based (the switch granted access because the client was on a particular port); media access control address-based (the client was on a particular port and had a particular MAC address); and Web-based (the switch intercepted URLs and replaced it with one of its own until the user authenticated).

For the authentication tests, the authentication server ran Windows 2000 Advanced Server and provided Active Directory, Dynamic Host Configuration Protocol, DNS and RADIUS services. The client ran Windows XP Service Pack 1 and Internet Explorer 6. We configured server and client to authenticate using Extensible Authentication Protocol/Transport Layer Security.