Total Pageviews

My YouTube Channel

Wednesday, 29 January 2014

vCloud Networking and Security 5.1 Edge configuration limits and throughput(2042799)


This article provides information about the configuration limits and performance metrics of the vCloud Networking and Security 5.1 Edge – compact, large, and x-large versions. You can use this information to make a deployment choice for Edge instances.


Details of Edge instances used in performance metrics comparison

Edge (Compact)Edge (Large)Edge (X-Large)
Memory256 MB1 GB8 GB
Disk320 MB320 MB4.4 GB


Tested Limits

The following table provides information on the tested soft limits per vCloud Networking and Security Manager:
Note: These soft limits can be exceeded on a per feature basis depending on the resources and the set of features in use.
LimitvCloud Networking and Security Manager
Number of Edge HA appliances2,000 Compact / Large Edges or 1,000 X-Large Edges
Number of clusters8
Number of hosts with Edge in use256 (8 clusters * 32 hosts)
Number of hosts in inventory400
Number of virtual machines15000 total virtual machines, 5000 powered on
Number of networks5000 VXLANs
Number of firewall rules100,000
Number of firewall object groups130,000
Number of DHCP static bindings25,000
Number of DHCP pools10,000
Number of static routes100,000
Number of load balancer pools3,000
Number of load balancer virtual servers3,000
Number of members in load balancer pools30,000
The following table provides information on the tested soft limits per vCloud Networking and Security Edge:
LimitvCloud Networking and Security Edge
Number of interfaces10
Number of firewall rules2,000
Number of NAT rules2,000
Number of DHCP static bindings25
Number of DHCP pools10
Number of static routes100
Number of load balancer pools3 (Hard limit: 64)
Number of load balancer virtual servers3 (Hard limit: 64)
Number of members per load balancer pool10 (Hard limit: 32)
Concurrent IPSec VPN Tunnels64
Concurrent SSL VPN Tunnels25 (Compact), 100 (Large)


Firewall and VPN Performance Comparison

Edge (Compact)Edge (Large)
Firewall Performance (Gbps)39.7
Concurrent Sessions64,0001,000,000
New sessions/second8,00050,000
IPSec VPN throughput (Gbps) - H/W acceleration via AESNI0.92


Load Balancer Performance Comparison

Edge (Large)Edge (X-Large)
Load balancer throughput – L7 Proxy Mode (Gbps)2.23
Load balancer connections / sec – L7 Proxy Mode46,00050,000
Load balancer concurrent connections – L7 Proxy Mode8,00060,000
Load balancer throughput – L4 Mode (Gbps)66
Load balancer connections / sec – L4 Mode50,00050,000
Load balancer concurrent connections – L4 Mode600,0001,000,000
  • VMware recommends you to use Edge (Large) or Edge (X-Large) for load balancing
  • Edge (X-Large) is not available in the vCloud Director deployment

Test Server Configuration

  • Dell PowerEdge T610 with ESXi 5.1
  • CPU – 8 CPUs x 2.393 GHz Intel(R) Xeon(R) CPU E5620
  • Memory – 24 GB
  • Network – 2x Intel 82599EB 10-gigabit SFI/SFP+

Test Methodology

  • IXIA IX Chariot applications used for throughput, connections per second, and concurrent connections tests.
  • Throughput measured with 1500 byte TCP frame size.
  • Throughput measured with accept any to any firewall rule and no additional NAT rules.
  • Load balancer performance numbers are for HTTP traffic.
  • Feature performance quoted is independent of other features. For example, firewall throughput measured without load balancer or other services enabled.