Stéphane Klein
2010-Aug-18 19:53 UTC
Re: [netperf-talk] How configure my firewall to execute netperf ? I use shorewall (iptable firewall) on Debian
Le 16/08/2010 19:20, Rick Jones a écrit :> Klein Stéphane wrote: >> Hi, >> >> I''ve two computer : >> * A : it''s a server with a firewall >> * B : an computer on internet >> >> I''ve installed netserver on host A. >> I use netperf on host B. >> >> On host B, I launch : >> >> $ netperf -H host_A_address_IP >> >> If I stop the firewall on host A, all work great. >> It isn''t work when firewall is enabled. >> >> In filewall rules, I''ve opened default netserver port : 12865 >> >> host A have full access to internet. >> >> Where is the problem ? Can you help me ? >> >> It''s exactly the same issue than >> http://www.archivum.info/netfilter/2003-03/00360/iptables-config-for-netperf.html >> >> There are no answer to this last question. >> >> Other information : host A is a Debian and Firewall is configured >> with Shorewall >> >> Thanks for your help. >> Regards, >> Stephane > > The normal flow of a netperf test is that netperf establishes a > control connection to port 12865 on the system running netserver, then > passes setup information to the netserver via the control connection. > The netserver then does some setup and passes further information back > to netperf over the control connection - in particular the port number > for the "data" connection - and then netperf connects to netserver at > that port number. Netperf is always the side initiating connections. > > Now, there is a way to get netperf to use fixed port numbers for the > data connection - there should be something about that in either the > test-specific -h output, or in the online docs: > > http://www.netperf.org/svn/netperf2/tags/netperf-2.4.5/doc/netperf.html > > where the test-specific -H and -L options are discussed. > > happy benchmarking,Thanks, with your answer, I found the solution. On my firewall (shorewall), I defined this rules (/etc/shorewall/rules) : ACCEPT net $FW tcp 12865 ACCEPT net $FW tcp 12866 next on my external host (net), I do : $ netperf -H 192.168.1.14 -p 12865 -t TCP_STREAM -- -P 12866 This work great ! Regards, Stephane -- Stéphane Klein<stephane@harobed.org> blog: http://stephane-klein.info Twitter: http://twitter.com/klein_stephane pro: http://www.is-webdesign.com ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
Maybe Matching Threads
- [Bridge] When I add br0 (brctl addbr br0), and I show bridge list (brctl show) it's eth0 which is in the list. It's a bug ?
- Much difference between netperf results on every run
- xen the i / O performance, network performance is only 20-30% of the real machine?
- Update -> Someone with "Access Denied" from Windows pls try this test to compare notes with me
- netperf strange issue
Wisdom of the Ancients
