Skip to content

Performance Testing

Software and versions involved in the test (to avoid bias and for fair treatment, use "X" as a placeholder):

SoftwareVersionLink
EasyTier1.2.1https://github.com/EasyTier/EasyTier
Networking Tool AJuly 2024 Version

To be tested:

  • WireGuard
  • TailScale
  • ZeroTier

X86

Machine ModelAlibaba Cloud ecs.ic5.2xlarge
vCPU8 vCPU
RAM8G
CPU ModelIntel(R) Xeon(R) Platinum 8163 CPU @ 2.50GHz
OSUbuntu 22.04 64-bit

Test Results

SoftwareTest ItemPerformance ( No -R / With -R ) Gbit/s
LoopBack Device28.3 / 28.3
EasyTierUDP No Encryption1.43 / 1.46
EasyTierUDP AES-128-GCM1.36 / 1.37
EasyTierTCP No Encryption1.31 / 1.41
EasyTierTCP AES-128-GCM1.42 / 1.41
Networking Tool AUDP No Encryption1.10 / 1.11
Networking Tool AUDP AES-128-GCM0.93 / 0.98

Reproduction Method

Basic Preparation

The test is based on Linux network namespace functionality and can be performed using Ubuntu virtual machines, physical machines, Docker containers, etc.

Initialization commands (execute with root privileges)

bash
apt update
apt install iperf3 iptables -y

ip netns add red
ip netns add green
ip link add br0 type bridge
ip link set br0 up
ip addr add 192.168.0.1/16 dev br0

ip link add vethcab0 type veth peer name red0
ip link set vethcab0 master br0
ip link set red0 netns red
ip netns exec red ip link set lo up
ip netns exec red ip link set red0 up
ip netns exec red ip addr add 192.168.0.2/16 dev red0
ip netns exec red ip route add default via 192.168.0.1
ip link set vethcab0 up

ip link add vethcab1 type veth peer name green0
ip link set vethcab1 master br0
ip link set green0 netns green
ip netns exec green ip link set lo up
ip netns exec green ip link set green0 up
ip netns exec green ip addr add 192.168.0.3/16 dev green0
ip netns exec green ip route add default via 192.168.0.1
ip link set vethcab1 up

sysctl net.ipv4.ip_forward=1
sysctl net.bridge.bridge-nf-call-iptables=0
sysctl net.bridge.bridge-nf-call-ip6tables=0
sysctl net.ipv6.conf.lo.disable_ipv6=0

# Note: EasyTier does not rely on public network services, so iptables forwarding can be omitted
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -i eht0 -j ACCEPT
iptables --policy FORWARD ACCEPT

nohup ip netns exec red iperf3 -s &

Additionally, ensure that the programs to be tested are in the PATH environment variable.

The following iperf3 command does not include -R; in actual tests, data with -R will be measured.

LoopBack

bash
ip netns exec green iperf3 -c 192.168.0.2

EasyTier

UDP No Encryption:

bash
ip netns exec red easytier-core -i 10.126.126.2 --multi-thread -u
ip netns exec green easytier-core -i 10.126.126.3 -p udp://192.168.0.2:11010 --multi-thread -u
ip netns exec green iperf3 -c 10.126.126.2

UDP Encryption:

bash
ip netns exec red easytier-core -i 10.126.126.2 --multi-thread
ip netns exec green easytier-core -i 10.126.126.3 -p udp://192.168.0.2:11010 --multi-thread
ip netns exec green iperf3 -c 10.126.126.2

TCP No Encryption

bash
ip netns exec red easytier-core -i 10.126.126.2 --multi-thread -u
ip netns exec green easytier-core -i 10.126.126.3 -p tcp://192.168.0.2:11010 --multi-thread -u
ip netns exec green iperf3 -c 10.126.126.2

TCP Encryption

bash
ip netns exec red easytier-core -i 10.126.126.2 --multi-thread
ip netns exec green easytier-core -i 10.126.126.3 -p tcp://192.168.0.2:11010 --multi-thread
ip netns exec green iperf3 -c 10.126.126.2

Networking Tool A

UDP No Encryption

bash
ip netns exec red xxx -k iperf -s 8.134.146.7:29872 --ip 10.26.0.2
ip netns exec green xxx -k iperf -s 8.134.146.7:29872 --ip 10.26.0.3
ip netns exec green iperf3 -c 10.26.0.2

UDP Encryption

bash
ip netns exec red xxx -k iperf -s 8.134.146.7:29872 -w 1234 --ip 10.26.0.2
ip netns exec green xxx -k iperf -s 8.134.146.7:29872 -w 1234 --ip 10.26.0.3
ip netns exec green iperf3 -c 10.26.0.2