ESG Validation

ESG Lab Review: Fast and Efficient Network Load Balancing from KEMP Technologies

The Challenges

IT challenges are not always technical in nature, which is indeed the case when it comes to networking. In fact, organizations surveyed by ESG most often cited meeting budget constraints as a top challenge facing their networking teams (38%) (see Figure 1).[1] And it’s not just in networking; according to ESG’s 2016 IT Spending Intentions Survey, budget factors such as return on investment and reducing operational and capital expenses are important considerations for justifying investment across all of IT.[2] However, as borne out by the fact that providing network performance (27%) was also in the top five networking challenges, network quality and user satisfaction are still important, even while dealing with budget limitations.

Figure 1. Top Five Networking Challenges for 2016

The Solution: LoadMaster Operating System for Bare Metal

The LoadMaster bare metal solution combines KEMP’s layer 4 to layer 7 application delivery technology with standard server technology from popular vendors to create high-performance cost-efficient Application Delivery Controllers (ADCs). The bare metal installation enables direct integration between the LoadMaster operating system and the server hardware to deliver application load balancing, high availability, security, and traffic accelerations for enterprise environments.

Figure 2. Solution

Key solution features include:

  • High-performance Layer 4 to 7 Server Load Balancing: Ensures each user gets the best application experience possible.
  • Web Application Firewall Pack (AFP): Protects against application-level attacks and simplifies PCI-DSS compliance.
  • Server Hardware and Application Health Checking: Guarantees user requests will be directed to only available servers and available applications.
  • IP and Layer 7 Persistence: Ensures that users maintain continuous connections with the specific server where their transactional data is available, even if the IP address changes during the session.
  • Layer 7 Content Switching: Enables site administrators to optimize server traffic according to content type.
  • SSL Acceleration/Offload: Optimizes server performance and user experience for encrypted application content.
  • Compression and Cache: Reduces internal network latency and optimizes bandwidth for the best possible client experience.
  • Intrusion Prevention System (IPS): Thwarts application threats in both non-encrypted and encrypted traffic streams.
  • Edge Security: Enables dual factor authentication, authorization, single sign-on and group-based service access.
  • SDN Adaptive Traffic Steering: Allows for SDN controller metrics to be used to make optimized application traffic policy decisions.
  • High Availability and Clustering: Ensures that application SLAs are met and scale out is possible.
  • IPsec VPN: Facilitates secure hybrid deployments between on-premises infrastructure and cloud environments.
  • Azure and AWS Integration: Simplifies application migration to the public cloud.
  • RESTful API: Enables automation and orchestration with native REST as well as PowerShell and Java API wrappers.

Network function virtualization (NFV) is a network architecture concept that decouples network services from the hardware that delivers them to provide software implementation of network functions. In addition to standalone Virtualized Network Functions (VNFs) which can be installed directly into virtualized environments, KEMP offers a specialized NFV-enabled version of their operating system that allows them to host these instances and exploit the same x86_64 optimizations that they’ve implemented in their bare metal LoadMaster platform.

The KEMP architecture allows organizations to leverage a pool of x86_64 resources of their choosing that can be dynamically provisioned, scaled on demand, and integrated into service chains for a variety of use cases as a foundational building block of the agile, modern data center.

ESG Lab Tested

ESG Lab performed remote hands-on testing of the LoadMaster Operating System for Bare Metal at a KEMP Technologies facility in Limerick, Ireland. Testing focused on KEMP’s ability to deliver application load balancing, security, traffic acceleration, and scalability in a highly cost-efficient solution.

Performance

In this section of the report, ESG Lab explores the performance capabilities of the LoadMaster solution. Because generating network-specific workload traffic that stresses the maximum capabilities of an enterprise-class switch or controller is no easy task, we used a traffic simulator to push the LoadMaster solution to its limits. Ixia Networks Xcellon-Ultra hardware with the IxLoad software module was used to generate the simulated network traffic. Test results were captured from IxLoad reports as well as live snapshots from the LoadMaster user interface. The LoadMaster solution ran on a Dell R430 server with an Intel Xeon E5-2640 2.6 GHz processor, two 10GbE NICs, four GbE NICs, and up to 16 GB of memory as the hardware platform.

The tests performed in this report are used by most, if not all, load balancer vendors to test the performance of their solutions.

The first test evaluated the performance of the LoadMaster in an environment with a large number of simultaneous small web requests. Each user connecting to the web server generates one or more HTTP requests. To simulate this environment, we configured the Ixia to generate as many TCP connections as possible. Each TCP connection generated 100 HTTP requests, and transferred a 128byte file per request. This configuration generated as many HTTP requests as possible and maximized the CPU utilization on the LoadMaster. As shown by the red line in Figure 3, the LoadMaster peaked at more than 700,000 HTTP requests per second, and averaged almost 605,000 requests per second over the five-minute test.

Figure 3. HTTP Requests per Second

Using the LoadMaster user interface, we determined that during this test, the LoadMaster was utilizing 100% of the CPU. To scale the LoadMaster to handle more simultaneous connections, an administrator could install an additional CPU, or upgrade to a faster CPU.

Table 1. IxLoad HTTP Analysis

What the Numbers Mean

  • The HTTP test used 100% of the system’s CPU. It’s important to note that the KEMP solution runs in kernel space, and is highly optimized.
  • The HTTP request test used only 6% of the total system memory resources.
  • The average inbound traffic was 432 Mb/s and average outbound traffic was 434 Mb/s, a small fraction of the maximum bandwidth available, as expected.

Next, we evaluated the performance of the LoadMaster in an environment where the web servers must handle a large number of simultaneous users using encrypted communication. Each user connecting to the web server generates one or more encrypted HTTP requests using SSL. To simulate this environment, we configured the Ixia to generate a single HTTPS transaction per TCP connection, using TLS 1.0. This configuration generated as many HTTPS requests as possible, and we observed how many SSL transactions the LoadMaster could process per second with this server configuration.

Because the LoadMaster CPU handles all encryption, and encryption places heavy demands on the CPU, the number of SSL requests is directly dependent on the number and power of the CPUs installed in the system. As shown by the red line in Figure 4, the LoadMaster peaked at more than 4,800 SSL requests per second, and averaged more than 3,000 requests per second over the five-minute test. All SSL testing was based on 2KB key usage; testing with smaller keys would have yielded higher performance—e.g., with 1KB keys the Loadmaster should have been able to process double the number of SSL requests.

Figure 4. Secure HTTP Transactions

As with the unencrypted scenario, scaling the LoadMaster to process additional SSL requests requires additional CPU resources.

Table 2. IxLoad HTTP with SSL Analysis

In many environments, web servers must transfer large amounts of data—for example, web servers hosting files for download, or streaming video. To test the LoadMaster performance in a large data transfer environment, ESG Lab configured the Ixia to generate as many TCP connections as possible. Each TCP connection generated 100 HTTP requests, and transferred a 512KB byte file per request, maximizing the amount of data transferred.

The blue line in the Ixia results graph at the top right of Figure 5shows that the LoadMaster sustained between ten and 12 Gigabytes per second of data throughput. The LoadMaster user interface reported that each Ethernet interface was transferring data at almost 100% of its maximum. During the test, the CPU was just 13% idle, and the system consumed less than 4% of available memory. These results indicate that the LoadMaster is network interface bound and still has resources available to process traffic. An organization could add another pair of NICs to provide more network bandwidth.

Figure 5. HTTP Throughput

Lastly, the Lab explored the simultaneous connection scalability of the LoadMaster solution. To place a load on the system, we configured the Ixia to open as many layer 7 (L7) TCP connections as possible, making one HTTP request for each connection. The Ixia then maintained the open TCP connection. Each concurrent open connection consumes LoadMaster memory. We tested the LoadMaster with four, eight, and 16 GB of memory. As shown in Figure 6, the number of concurrent open connections processed by the LoadMaster scaled linearly with each doubling of the amount of LoadMaster system memory. Since customers are often interested in taking advantage of the application traffic optimizations that an application delivery controller can provide when operating at L7, L7 connections were used in the representative tests as opposed to L4. Additionally, L4 connections typically have a smaller footprint than L7 and would not reflect real-world deployment scenarios.

Figure 6. Solution Scale

What the Numbers Mean

  • Scaling the maximum number of open connections only required the installation of inexpensive commodity server memory.
  • CPU utilization remained low throughout these tests, indicating that the system could have handled many more concurrent connections and other workloads with the addition of more memory.

Why This Matters

ESG asked organizations to name the biggest challenges facing their networking team in 2016. Meeting budget constraints was the most-cited response (38%), with providing network performance (27%) not far behind.[3] Solving these two challenges at the same time seems like an unreasonable expectation, so arming IT with a solution that could help address both would be advantageous to the business.

ESG Lab validated that the LoadMaster Operating System for Bare Metal solution from KEMP can help customers improve their network efficiency and performance with extraordinary cost efficiency. ESG confirmed the ability of Loadmaster OS to efficiently handle and route hundreds of thousands of HTTP and thousands of secure HTTP transactions on industry-standard server hardware. ESG Lab also validated the ability of the solution to be inexpensively and easily scaled in any dimension—CPU, network, or memory—to handle growth.

Price/Performance

ESG Lab evaluated the price/performance of KEMP Technologies’ LoadMaster for Bare Metal running LoadMaster Operating System (LMOS) on industry-standard x86_64 servers. For reference, we also computed the price/performance of similarly configured, proprietary, hardware appliance load balancer solutions from a market-leading vendor. We compared three KEMP LoadMaster configurations with four hardware load balancers, as described in Table 3.[4]

Table 3. Load Balancers for Price/Performance Comparison

ESG Lab selected three servers for the KEMP LoadMaster solutions to represent small, medium, and large deployment configurations. We used currently available servers from Dell, and the total cost analyses used the server pricing as published on Dell’s website. Performance results for these configurations were obtained during the testing phase as previously described. ESG Lab selected four purpose-built hardware load balancers from a market-leading vendor with reported performance capability comparable to the KEMP LoadMaster configurations and used vendor-published pricing and performance data for comparison.

First, the price/performance based on cost per Gbps of throughput was examined, which measures the cost of the ability to transfer data between users and application servers. As shown in Figure 7, all three KEMP LoadMaster solutions delivered virtually identical dollars per Gbps, reflecting the linear price/performance scalability of the solution. The best result from the market-leading vendor was 3.7 times costlier per Gbps of throughput than the KEMP solutions.

Figure 7. Throughput—Cost per Gbps

Next, ESG Lab compared the price/performance based on cost per HTTP L7 requests per second, which measures the cost of the ability to handle simultaneous requests. All three KEMP LoadMaster solutions again delivered virtually identical price/performance, as shown in Figure 8, reflecting the linear price/performance scalability of the solution. The best result from the market-leading vendor was 3.6 times costlier per transactions/second than the KEMP solutions.

Figure 8. Cost per HTTP L7 Requests per Second

We also performed the same comparison for encrypted (SSL) requests per second. Encryption demands extremely high performance from the system processor. Upgrading the CPU or adding additional CPUs to the KEMP LoadMaster solution provides significant price/performance benefits, and this is reflected in the results shown in Figure 9. Upgrading from a Xeon E3 to a Xeon E5 gave a 1.4 times price/performance advantage. Adding a second Xeon E5 processor gave an additional 1.9 times price/performance advantage. The best result from the market-leading vendor was 1.7 times costlier per encrypted transactions/second than the costliest KEMP solution.

Figure 9. Cost per SSL Requests per Second

Finally, we compared the price/performance based on cost per one million concurrent connections, which measures the cost of the ability to handle multiple active users concurrently. Context data for each connection is maintained in system memory; the ability to handle multiple concurrent connections directly correlates to the amount of memory available in the system. Using low-cost commodity server hardware and memory enables the KEMP solutions to deliver near-linear price/performance scalability for the number of concurrent connections. The best result from the market-leading vendor was 7.5 times costlier per concurrent connection than the costliest KEMP solution.

Figure 10. Cost per Million Concurrent Connections per Second

Why This Matters

As the number of internal and external applications grows, requiring investments in supporting infrastructure, IT is still hearing the mantra “do more with less.” ESG’s 2016 IT Spending Intentions Survey revealed that cost reduction initiatives ranked second (behind increasing cybersecurity) in the top ten most frequently cited 2016 business initiatives driving technology spending.[5] This is especially true for application load balancers, where the goal is to optimize the use of available resources.

ESG Lab validated that KEMP Technologies’ LoadMaster for Bare Metal provides a significant price/performance advantage when compared to market-leading purpose-built vendors in every metric we evaluated. KEMP LoadMaster delivered more than 3.7 times better cost per Gbps, more than 3.6 times better cost per HTTP request, more than 1.7 times better cost per encrypted HTTPS request, and more than 7.5 times better cost per million concurrent connections.

Additionally, KEMP technologies delivered near linear price/performance scalability, reflecting the advantages of software-based solutions leveraging industry-standard x86_64 server hardware.

The Bigger Truth

As previously noted, ESG found that meeting budget constraints was the most cited challenge facing networking teams in 2016 (38%).[6] Combined with budget factors such as return on investment and reducing operational and capital expenses being reported as important considerations for justifying investment across IT, it’s clear that getting more bang for the buck is an overarching theme for networking teams and IT in general.[7]

KEMP Technologies has a strong focus on delivering its Application Delivery Controller capabilities through its software offerings, and since it runs on a variety of platforms—including bare metal OS, virtual machines, hardware, and cloud- based—KEMP offers its customers a wide range of choices in scalability and deployment options. KEMP’s mature software base was designed from the ground up to provide a common, stable foundation, and users can adjust the underlying platform to meet a variety of requirements. The KEMP architecture allows organizations to leverage a pool of optimized x86_64 resources—of their choosing—for a variety of use cases, whether traditionally deployed or in an NFV architecture.

While the KEMP LoadMaster Operating System (LMOS) is supported on most x86_64 platforms that also support Linux OS, several major server vendor manufacturers have certified the KEMP LMOS as a fully supported OS and will honor their warranty and support agreements.  These vendors include Cisco UCS—B and C series, Dell, HP, Oracle Sun x86_64, and Fujitsu. KEMP disclosed to ESG Lab that more vendor certifications are in process. Because there is no abstraction layer between the hardware and the bootable KEMP OS, organizations can move LoadMaster licenses to higher performing server hardware as needed.

ESG Lab confirmed that KEMP LoadMaster for Bare Metal running on standard server hardware delivered not only excellent performance, but also excellent price/performance as compared with similarly configured, purpose-built load balancer solutions from a market-leading vendor. Using industry-standard test configurations, and compared with vendor-published performance results, KEMP LoadMaster delivered more than 3.7 times better cost per Gbps, more than 3.6 times better cost per HTTP request, more than 1.7 times better cost per encrypted HTTPS request, and more than 7.5 times better cost per million concurrent connections.

KEMP LoadMaster for Bare Metal enables organizations that have standardized on specific server platforms to leverage the common hardware that they already use. Organizations looking to reduce costs while optimizing the performance of their Application Delivery Controller infrastructure would be smart to take a close look at KEMP LoadMaster for Bare Metal.

Appendix

Technical specifications of the load balancers used for the price/performance comparison are summarized in Table 4.

Table 4. Load Balancer Technical Specifications

Total cost analyses of the load balancers used for the price/performance comparison are summarized in Table 5. Costing included three-year premium support for both the hardware and the software.

Table 5. Load Balancer Total Cost Analyses

ESG Lab Reports

The goal of ESG Lab reports is to educate IT professionals about data center technology products for companies of all types and sizes. ESG Lab reports are not meant to replace the evaluation process that should be conducted before making purchasing decisions, but rather to provide insight into these emerging technologies. Our objective is to go over some of the more valuable feature/functions of products, show how they can be used to solve real customer problems and identify any areas needing improvement. ESG Lab’s expert third-party perspective is based on our own hands-on testing as well as on interviews with customers who use these products in production environments. This ESG Lab report was sponsored by KEMP Technologies.

 


[1] Source: ESG Research Report, Trends in Data Center Networking, February 2016.

[2] Source: ESG Research Report, 2016 IT Spending Intentions Survey, to be published.

[3] Source: ESG Research Report, 2016 IT Spending Intentions Survey, to be published.

[4] Complete technical specifications and total cost analyses are provided in the Appendix.

[5] Source: ESG Research Report, 2016 IT Spending Intentions Survey, to be published.

[6] Source: ESG Research Report, Trends in Data Center Networking, February 2016.

[7] Source: ESG Research Report, 2016 IT Spending Intentions Survey, to be published.

Topics: IT Infrastructure Networking