Because I’m a nerd, on Saturday morning I started developing the topologies I’m going to use to conduct some more thorough VyOS testing. As luck would have it, I’ve spent a good portion of the summer traveling to far flung co-lo facilities, as part of an infrastructure standardization and consolidation effort. There’s a lot of excess capacity right now, in terms of both compute, and bandwidth.
This will allow me to build two identical environments in different parts of the country:
At each location, I’ll be provisioning two Linux VMs as test hosts, and two corresponding VyOS instances. These instances will reside on a pair of VMware hypervisors, with a Linux VM and VyOS pair residing on each. The hypervisors are in turn connected to a pair of Arista 7050SX-72Q switches, with two 10GbE connections, one to each switch, as part of an trunked MLAG. The Aristas are connected via a pair of 40GbE connections.
This will afford me the opportunity to push VyOS in a number of raw throughout scenarios, while using a real world network. I’ll be looking to test raw packet forwarding, as well as various encapsulation/overlay schemes, across a legit network, without having to factor in latency.
Once I’ve gotten that out of the way, I plan on conducting a number of the same tests in a cross-country environment:
Again, I plan on utilizing different encapsulation schemes – some without crypto, and some with.
Lastly, and this is of particular interest to me, I’m going to do some DMVPN:
This will be to test a few different things:
- Crypto throughput and performance (which ought be the same as point-to-point tunnels with encryption)
- VyOS DMVPN (VyOS Hub & Spokes)
- DMVPN Interoperability – Part 1 (Cisco Hub / VyOS Spokes)
- DMVPN Interoperability – Part 2 (VyOS Hub / Mixed Spokes)
Share this post: