This section provides general information about the data path performance of Avi Load Balancer based on configuration examples and different measured metrics from lab tests. It does not include a formal performance study and the outcome can vary if different configurations are used, but the information is imperative to understand Avi Load Balancer performance.

Performance Numbers on Non-ENS Mode

The tests were performed with Avi Load Balancer version 30.2.1 with NSX-T cloud. The information found within this document remains valid through the current versions and for current operating versions. The performance numbers below are based on Non-ENS mode.

Service Engine Size -> Performance Metric

1 Core/ 2 GB RAM

2 Core/ 4GB RAM

4 Core/ 8GB RAM

6 Core/ 12 GB RAM

SSL Transactions per sec (ECC)

2600

4600

9500

11600

SSL Transactions per sec (RSA)

917

1800

2900

4200

L7 Requests per sec

53000

100000

192000

190000

L4 Connections per sec (TCP)

54000

84000

121000

125000

L4 Throughput

5.8 Gbps

11.4 Gbps

13.1 Gbps

10.6 Gbps

L7 Throughput

6.9 Gbps

11.5 Gbps

14.1 Gbps

13.9 Gbps

L7 SSL Throughput

3.7 Gbps

7 Gbps

13 Gbps

13.5 Gbps
Note:

  1. NSX-T cloud with overlay network, tested with following versions:

    1. NSX Advanced Load Balancer - 30.2.1-9105

    2. NSX-T - 4.0.0.1.0.20159689

    3. vCenter - 7.0.3

  2. Service Engine virtual machine running on Intel Xeon Gold 6130 CPU.

  3. SSL Tests were performed with:

    1. EC (SECP2 56R1) and RSA (2048 Bits)

  4. Cipher used:

    1. EC: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

    2. RSA: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    3. PFS enabled, TLS version 1.2

  5. Service Engines used virtual machine version 11.

  6. E810-C NIC (Network Interface Card) on servers running Service Engines, used for benchmarking. The NIC speed was limited to 25 Gbps.

  7. Hosts were added with Normal mode on NSX-T.

  8. Clients, Servers, SE all added to DFW Exclusion List.

  9. Number of dedicated dispatcher cores set for Service Engines of different sizes:

    1. 1C/2G: No Dedicated dispatcher, max_queues_per_vnic=1

    2. 2C/2G: 2 Dispatcher, max_queues_per_vnic=2

    3. 4C/4G: 4 Dispatcher, max_queues_per_vnic=4

    4. 6C/6G: 2 Dedicated dispatchers, max_queues_per_vnic=2

  10. The tests performed are done with CPU limit set to ‘unlimited’ for the Service Engine virtual machine. This is the default setting for bringing up the Service Engine virtual machine.

  11. NSX Cloud performance Enhancements based on 30.2.1:

    1. To enable multiple logical cores to process each vNIC, the field ctxPerDev is set to three.

    2. To enable Receive Side Scaling (RSS) feature on the vNIC, the field pnicfeatures is set to four.

Performance Number for ENS Mode

The tests were performed with Avi Load Balancer version 22.1.3 with NSX-T cloud. The information found within this document remains valid through the current versions and for current operating versions.

Service Engine Size -> Performance Metric

1 Core/ 2 GB RAM

2 Core/ 4GB RAM

4 Core/ 8GB RAM

6 Core/ 12 GB

SSL Transactions per sec (ECC)

2950

6000

8200

11500

SSL Transactions per sec (RSA)

1020

1950

3000

3750

L7 Requests per sec

60000

94000

153000

205000

L4 Connections per sec (TCP)

43000

47000

86500

99000

L4 Throughput

16.5 Gbps

16.5 Gbps

16.5 Gbps

19 Gbps

L7 Throughput

12 Gbps

13 Gbps

14 Gbps

17 Gbps

L7 SSL Throughput

5 Gbps

5.5 Gbps

11 Gbps

13 Gbps

  1. NSX-T cloud with overlay network, tested with following versions:

    1. NSX Advanced Load Balancer - 22.1.3-9096

    2. NSX-T - 4.0.0.1.0.20159689

    3. vCenter - 7.0.3

  2. Service Engine virtual machine running on Intel Xeon Gold 6130 CPU.

  3. SSL Tests were performed with:

    1. EC (SECP2 56R1) and RSA (2048 Bits)

  4. Cipher used:

    1. EC: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

    2. RSA: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    3. PFS enabled, TLS version 1.2

  5. Service Engines used virtual machine version 11.

  6. E810-C NIC (Network Interface Card) on servers running Service Engines, used for benchmarking. The NIC speed was limited to 25 Gbps.

  7. Hosts were added with ENS Interrupt mode on NSX-T.

  8. Clients, Servers, SE all added to DFW Exclusion List.

  9. *2Core SE has Hybrid RSS enabled.

  10. Number of dedicated dispatcher cores set for Service Engines of different sizes:

    1. 4C/8G: 1 Dedicated dispatcher.

    2. 6C/12G: 2 Dedicated dispatchers.

  11. Maximum queues per vNIC needs to be set to zero. This ensures that auto mode is enabled and helps NSX Advanced Load Balancer decide on the number of queues to bring up based on the NIC type. The default value of this setting is one. Maximum queues per vNIC was set to two for 6 Core/ 12 GB RAM Service Engine.

  12. The tests performed are done with CPU limit set to ‘unlimited’ for the Service Engine virtual machine. This is the default setting for bringing up the Service Engine virtual machine.