FortiGate使用内置iperf服务进行带宽测试
FortiGate具有内置的iPerf3客户端和有限的嵌入式 iPerf3 服务器,本文介绍如何使用FortiGate内置iperf服务进行带宽测试,适用固件版本为FortiGate V7.0和V7.2。
为了进行测试,本文将“FG-A”作为 Iperf 服务器,将“FG-B”作为 Iperf 客户端。“FG-A”端口port1的IP地址为10.10.10.1/30,“FG-B”端口port1的IP地址为10.10.10.2/30。
“FG-A”的配置为:
config system global
set speedtest-server enable
end
config system interface
edit "port1"
set ip 10.10.10.1 255.255.255.252
set allowaccess ping https ssh http speed-test
end
注:需在测试端口下允许speed-test流量,该流量使用的是TCP端口5201。
“FG-B”的配置为:
config system interface
edit "port1"
set ip 10.10.10.2 255.255.255.252
end
diagnose traffictest client-intf port1
diagnose traffictest server-intf port1
diagnose traffictest port 5201
diagnose traffictest proto 0
diagnose traffictest show
server-intf: port1
client-intf: port1
port: 5201
proto: TCP
注:diagnose traffictest命令是及时的,退出终端后配置就会恢复成默认值。
测试:
使用命令" diagnose traffictest run -c 10.10.10.1"测试带宽:
diagnose traffictest run -c 10.10.10.1
Connecting to host 10.10.10.1, port 5201
[ 10] local 10.10.10.2 port 21241 connected to 10.10.10.1 port 5201
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 10] 0.00-1.00 sec 387 MBytes 3.25 Gbits/sec 70 509 KBytes
[ 10] 1.00-2.00 sec 446 MBytes 3.75 Gbits/sec 0 566 KBytes
[ 10] 2.00-3.00 sec 453 MBytes 3.80 Gbits/sec 2 455 KBytes
[ 10] 3.00-4.00 sec 440 MBytes 3.69 Gbits/sec 26 433 KBytes
[ 10] 4.00-5.00 sec 452 MBytes 3.80 Gbits/sec 0 515 KBytes
[ 10] 5.00-6.00 sec 450 MBytes 3.77 Gbits/sec 0 570 KBytes
[ 10] 6.00-7.00 sec 451 MBytes 3.78 Gbits/sec 4 474 KBytes
[ 10] 7.00-8.00 sec 452 MBytes 3.79 Gbits/sec 0 539 KBytes
[ 10] 8.00-9.00 sec 451 MBytes 3.78 Gbits/sec 0 587 KBytes
[ 10] 9.00-10.00 sec 453 MBytes 3.80 Gbits/sec 2 452 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth Retr
[ 10] 0.00-10.00 sec 4.33 GBytes 3.72 Gbits/sec 104 sender
[ 10] 0.00-10.00 sec 338 MBytes 284 Mbits/sec receiver
iperf Done.
iperf3: interrupt - the server has terminated
diagnose traffictest run -c 10.10.10.1 -R
Connecting to host 10.10.10.1, port 5201
Reverse mode, remote host 10.10.10.1 is sending
[ 10] local 10.10.10.2 port 18987 connected to 10.10.10.1 port 5201
[ ID] Interval Transfer Bandwidth
[ 10] 0.00-1.00 sec 377 MBytes 3.16 Gbits/sec
[ 10] 1.00-2.00 sec 402 MBytes 3.37 Gbits/sec
[ 10] 2.00-3.00 sec 410 MBytes 3.44 Gbits/sec
[ 10] 3.00-4.00 sec 439 MBytes 3.68 Gbits/sec
[ 10] 4.00-5.00 sec 441 MBytes 3.70 Gbits/sec
[ 10] 5.00-6.00 sec 450 MBytes 3.77 Gbits/sec
[ 10] 6.00-7.00 sec 451 MBytes 3.78 Gbits/sec
[ 10] 7.00-8.00 sec 452 MBytes 3.79 Gbits/sec
[ 10] 8.00-9.00 sec 453 MBytes 3.80 Gbits/sec
[ 10] 9.00-10.00 sec 330 MBytes 2.77 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth Retr
[ 10] 0.00-10.00 sec 111 MBytes 93.4 Mbits/sec 8 sender
[ 10] 0.00-10.00 sec 4.11 GBytes 3.53 Gbits/sec receiver
iperf Done.
iperf3: interrupt - the server has terminated
注:默认情况下,iperf 将数据发送到远程主机,也就是说,在本例中,它针对“FG-A”进行了测试 (UPLOAD),要生成相反方向的流量,请使用 -R 选项。
查看其它可用命令:
diag traffictest run -h