Methodology for measurements and analysis of protocol conformance, performance and scalability of stateful border gateways

Abstract

Testing of Internet-Protocol packet network perimeter protection devices, e.g., Border Gateways such as Session Border Controllers, including dynamic pinhole capable firewalls are discussed. Analysis and testing of these network perimeter protection devices is performed to evaluate the ability of such device to perform at carrier class levels while being subjected to many different protocol test cases. The efficiency of state look table functions as well as call signaling processing capacity, implemented in a particular perimeter protection device, are determined and evaluated. Proper performance and efficiency of such perimeter protection devices are evaluated as a function of: incoming call rate, total pre-existing active calls, and different protocol test cases. Various different network perimeter protection devices, e.g., of different types and/or from different manufactures, can be benchmarked for degree of protocol stack implementation/suitability to carrier class environments and comparatively evaluated. Test equipment devices, e.g., Integrated Intelligent End Points (IIEPs), for fault testing, evaluating and stressing the network perimeter protection devices in a system environment are described. Typically these specialized test devices are used in pairs, one on each side of the firewall under test. These test equipment devices include a traffic generator module, a protocol compliance testing module, monitoring and analysis capability including a CPU utilization analysis module, a protocol analysis module, and a graphical output capability.