Latency inspection
While important, throughput is not the only thing to care: latency can be equally and even more crucial. Think, for example, to a branch office using its Internet line to carry VoIP traffic: high latency can lead to metallic voice and other sound artifacts.
So, how do our today hero perform in latency test? Lets see:
A 64 bytes-sized ping flood (100,000 packets sent / received) show us 0.1 ms increased latency when facing with normal, string and regexp matching rules. When inside a VPN, latency increase in a more pronounced manner: the RouterBOARD 750 GL add about 1.1 – 1.2 msec. However, this is not a bad results: a one millisecond latency increase can be easily tolerated.
When flooding, the ping program can be used to somehow intersect throughput and latency performances: while flooding ping are sent / received at a very fast ratio so, by using large packets, we can touch not only latency but throughput also. Let see as the total ping time varies with different packet sizes:
Notice how total ping times raise by a factor of ~ 1,75X when using small packets, over 2X when using big (1400 bytes-sized) packets and as high as 3,3X when issuing fragmented packets (2800 bytes-sized ping, resulting in three fragments) and doing string matching. Nevertheless, ping performance remain very respectable, at least until we are inside a VPN: in this case the time needed to sent / receive our 100,000 packets is very high. Note than VPN performance is probably hampered by header preprocessing (encap / decap) other then encrypt / decrypt load, as large packet performance is very strong, while small and fragmented packets flow way slower.