Search the VMware Knowledge Base (KB)
View by Article ID

vCloud Networking and Security 5.1 and 5.5 Edge configuration limits and throughput (2042799)

  • 21 Ratings

Purpose

This article provides information about the configuration limits and performance metrics of the vCloud Networking and Security 5.1 Edge – compact, large, and x-large versions. You can use this information to make a deployment choice for Edge instances.

Resolution

Details of Edge instances used in performance metrics comparison

Edge (Compact) Edge (Large) Edge (X-Large)
vCPU 1 2 2
Memory 256 MB 1 GB 8 GB
Disk 320 MB 320 MB 4.4 GB

 

Tested Limits

The following table provides information on the tested soft limits per vCloud Networking and Security Manager:
 
Note:
  • These soft limits can be exceeded on a per feature basis depending on the resources and the set of features in use.
  • Maximum number of DHCP configs per Edge is 2048. You can either have 2048 static binding or 2048 static pools or any combination of those two not exceeding beyond 2048.
 
Limit vCloud Networking and Security Manager
Number of Edge HA appliances 2,000 Compact / Large Edges or 1,000 X-Large Edges
Number of clusters 8
Number of hosts with Edge in use 256 (8 clusters * 32 hosts)
Number of hosts in inventory 400
Number of virtual machines 15000 total virtual machines, 5000 powered on
Number of networks 5000 VXLANs
Number of firewall rules 100,000
Number of firewall object groups 130,000
Number of DHCP static bindings 25,000
Number of DHCP pools 10,000
Number of static routes 100,000
Number of load balancer pools 3,000
Number of load balancer virtual servers 3,000
Number of members in load balancer pools 30,000
 
 
The following table provides information on the tested soft limits per vCloud Networking and Security Edge:
 
Limit vCloud Networking and Security Edge
Number of interfaces 10
Number of firewall rules 2,000
Number of NAT rules 2,000
Number of DHCP static bindings 25
Number of DHCP pools 10
Number of static routes 100
Number of load balancer pools 3 (Hard limit: 64)
Number of load balancer virtual servers 3 (Hard limit: 64)
Number of members per load balancer pool 10 (Hard limit: 32)
Concurrent IPSec VPN Tunnels 64
Concurrent SSL VPN Tunnels 25 (Compact), 100 (Large)

 

Firewall and VPN Performance Comparison

Edge (Compact) Edge (Large)
Firewall Performance (Gbps) 3 9.7
Concurrent Sessions 64,000 1,000,000
New sessions/second 8,000 50,000
IPSec VPN throughput (Gbps) - H/W acceleration via AESNI 0.9 2

 

Load Balancer Performance Comparison

Edge (Large) Edge (X-Large)
Load balancer throughput – L7 Proxy Mode (Gbps) 2.2 3
Load balancer connections / sec – L7 Proxy Mode 46,000 50,000
Load balancer concurrent connections – L7 Proxy Mode 8,000 60,000
Load balancer throughput – L4 Mode (Gbps) 6 6
Load balancer connections / sec – L4 Mode 50,000 50,000
Load balancer concurrent connections – L4 Mode 600,000 1,000,000
 
Notes:
  • VMware recommends you to use Edge (Large) or Edge (X-Large) for load balancing
  • Edge (X-Large) is not available in the vCloud Director deployment
  • L4 Mode is not available in the vCloud Director deployment. While L4 Mode can be enabled via the vShield API, as soon as you perform certain actions from vCloud Director such as a redeploy, that configuration will be lost and the vSEG will be redeployed in L7 Proxy Mode.

Test Server Configuration

  • Dell PowerEdge T610 with ESXi 5.1
  • CPU – 8 CPUs x 2.393 GHz Intel(R) Xeon(R) CPU E5620
  • Memory – 24 GB
  • Network – 2x Intel 82599EB 10-gigabit SFI/SFP+

Test Methodology

  • IXIA IX Chariot applications used for throughput, connections per second, and concurrent connections tests.
  • Throughput measured with 1500 byte TCP frame size.
  • Throughput measured with accept any to any firewall rule and no additional NAT rules.
  • Load balancer performance numbers are for HTTP traffic.
  • Feature performance quoted is independent of other features. For example, firewall throughput measured without load balancer or other services enabled.

See Also

Update History

04/10/2013 - Added test server configuration and test methodology

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 21 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 21 Ratings
Actions
KB: