Fortinet Document Library

Version:

Version:


Table of Contents

Handbook

Download PDF
Copy Link

Starting a UDP Protocol DNS latency test

FortiTester tests the latency of the DUT while handling DNS query requests. The DUT could be a gateway device or a DNS server. This test traffic sends DNS requests to a DNS server and measures latency.

To start a DNS test:
  1. Go to Cases > Performance Testing > Protocol > UDP > DNS Latency to display the test case summary page.
  2. Click + Create New to display the Select case options dialog box.
  3. In the popup dialog, for the Network Config option, select the network template you have created in Cases > Security Testing > Objects > Networks. Then the network related options will automatically be filled. See Using network configuration templates for how to create a network template.
  4. Select a Certificate Group if applicable.
  5. Click OK to continue.
  6. Configure the test case options described below.
  7. Click Start to run the test case.

FortiTester saves the configuration automatically so you can run the test again later. You can also click Save to save the test case without running it.

Tip: You can also copy an existing case, and change its settings to create a new case. In the case list, click Clone to clone the configuration. Only the case name is different from the original case.

DNS Latency Test Case configuration

Settings Guidelines
Basic Information
Name Specify the case name, or just use the default. The name appears in the list of test cases.
Ping Server Timeout If a FortiTester connects to a DUT via a switch, the switch might cause a ping timeout, resulting in the test case failing to run. If this occurs, increase the timeout. The default is 15 seconds. The valid range is 0 to 600.
Note: You can disable this end-to-end connectivity test by entering a setting of 0. If the DUT is unable to return packets, it is recommended you do so.
Number of Samples Select the number of samples. The default is 20, which means the web UI will show the last 20 sample data (about 20 seconds) in the test case running page. You can select 20, 60, or 120.

Script Config

Select the script that will run before/after the test. To create a script, see Using script object templates.

Steady Duration Specify the test duration. The default is 10 minutes. The test stops automatically after the duration you specify.
Stopping Status in Second The maximum time out in seconds allotted for FortiTester to close all TCP connections after the test finishes.

DNS Host Group

Select the DNS host group to look up the IP address of a domain name. To create a DNS host group, see Creating DNS host group.

DUT Monitor

Select to monitor a FortiGate device under test (DUT). If selected, you can monitor the DUT from the DUT Monitor tab on the management interface. To create a DUT monitoring, see Using DUT monitoring.

Network Settings
If you have selected a network config template, the network settings automatically inherit the configurations in the template. See Using network configuration templates for the description of network settings.
Load
Simulated Users Number of users to simulate.
Ramp Up Time Time in seconds for traffic to ramp up when you start the test.
Ramp Down Time Time in seconds for traffic to ramp down when you stop the test.
Time Out The default is 1000 microseconds.
Renew Socket Specify Yes or No. If Yes, the client side renews a socket to send out the next query (note if the client profile “Domain Policy” is set as List, all queries for the names in the domain list will use the same socket; after that a new socket will be created for next batch of queries). If No, use the old socket.
Client Profile
Domain Policy Random or List. If Random is selected, FortiTester generates random domain names for queries. If List is select, FortiTester uses queries in the specified list.
Random Length Specify the random length of the domain policy.
Domain If Domain Policy is List, specify a list of domain name records. For example: fortinet.com:A,www.fortinet.com:A,
fortitester.com:MX

A name followed with a “:A” means it’s an address record, while a “:MX” means a mail exchange record.
Source Port Range Specify a client port range. The valid range is 10,000 to 65,535, which is also the default.
IP Change Algorithm/Port Change Algorithm Select a change algorithm: Increment or Random. This setting determines how the system changes source/destination IP addresses and ports to simulate multiple client requests. The Increment option uses the next IP address or port in the range, for example: 10.11.12.1 -> 10.11.12.2; port 10000 -> 10001. The Random option selects an IP address or port in the range randomly.
Server Profile
Case Server Port The server port where the test case traffic arrives.
Client/Server Network
Network MTU The maximum transmission unit size.
IP Option DSCP Provide quality of service (QoS).
Client Limit
Bandwidth Bandwidth in Mbps. The default is 0, which means the device will send traffic as fast as possible.
Packets per Second Rate of the packets per second. The default is 0, which means the device will create transactions as fast as possible.
Server Limit
Bandwidth Bandwidth in Mbps. The default is 0, which means the device will send traffic as fast as possible.
Packets per Second Rate of the packets per second. The default is 0, which means the device will create transactions as fast as possible.

Starting a UDP Protocol DNS latency test

FortiTester tests the latency of the DUT while handling DNS query requests. The DUT could be a gateway device or a DNS server. This test traffic sends DNS requests to a DNS server and measures latency.

To start a DNS test:
  1. Go to Cases > Performance Testing > Protocol > UDP > DNS Latency to display the test case summary page.
  2. Click + Create New to display the Select case options dialog box.
  3. In the popup dialog, for the Network Config option, select the network template you have created in Cases > Security Testing > Objects > Networks. Then the network related options will automatically be filled. See Using network configuration templates for how to create a network template.
  4. Select a Certificate Group if applicable.
  5. Click OK to continue.
  6. Configure the test case options described below.
  7. Click Start to run the test case.

FortiTester saves the configuration automatically so you can run the test again later. You can also click Save to save the test case without running it.

Tip: You can also copy an existing case, and change its settings to create a new case. In the case list, click Clone to clone the configuration. Only the case name is different from the original case.

DNS Latency Test Case configuration

Settings Guidelines
Basic Information
Name Specify the case name, or just use the default. The name appears in the list of test cases.
Ping Server Timeout If a FortiTester connects to a DUT via a switch, the switch might cause a ping timeout, resulting in the test case failing to run. If this occurs, increase the timeout. The default is 15 seconds. The valid range is 0 to 600.
Note: You can disable this end-to-end connectivity test by entering a setting of 0. If the DUT is unable to return packets, it is recommended you do so.
Number of Samples Select the number of samples. The default is 20, which means the web UI will show the last 20 sample data (about 20 seconds) in the test case running page. You can select 20, 60, or 120.

Script Config

Select the script that will run before/after the test. To create a script, see Using script object templates.

Steady Duration Specify the test duration. The default is 10 minutes. The test stops automatically after the duration you specify.
Stopping Status in Second The maximum time out in seconds allotted for FortiTester to close all TCP connections after the test finishes.

DNS Host Group

Select the DNS host group to look up the IP address of a domain name. To create a DNS host group, see Creating DNS host group.

DUT Monitor

Select to monitor a FortiGate device under test (DUT). If selected, you can monitor the DUT from the DUT Monitor tab on the management interface. To create a DUT monitoring, see Using DUT monitoring.

Network Settings
If you have selected a network config template, the network settings automatically inherit the configurations in the template. See Using network configuration templates for the description of network settings.
Load
Simulated Users Number of users to simulate.
Ramp Up Time Time in seconds for traffic to ramp up when you start the test.
Ramp Down Time Time in seconds for traffic to ramp down when you stop the test.
Time Out The default is 1000 microseconds.
Renew Socket Specify Yes or No. If Yes, the client side renews a socket to send out the next query (note if the client profile “Domain Policy” is set as List, all queries for the names in the domain list will use the same socket; after that a new socket will be created for next batch of queries). If No, use the old socket.
Client Profile
Domain Policy Random or List. If Random is selected, FortiTester generates random domain names for queries. If List is select, FortiTester uses queries in the specified list.
Random Length Specify the random length of the domain policy.
Domain If Domain Policy is List, specify a list of domain name records. For example: fortinet.com:A,www.fortinet.com:A,
fortitester.com:MX

A name followed with a “:A” means it’s an address record, while a “:MX” means a mail exchange record.
Source Port Range Specify a client port range. The valid range is 10,000 to 65,535, which is also the default.
IP Change Algorithm/Port Change Algorithm Select a change algorithm: Increment or Random. This setting determines how the system changes source/destination IP addresses and ports to simulate multiple client requests. The Increment option uses the next IP address or port in the range, for example: 10.11.12.1 -> 10.11.12.2; port 10000 -> 10001. The Random option selects an IP address or port in the range randomly.
Server Profile
Case Server Port The server port where the test case traffic arrives.
Client/Server Network
Network MTU The maximum transmission unit size.
IP Option DSCP Provide quality of service (QoS).
Client Limit
Bandwidth Bandwidth in Mbps. The default is 0, which means the device will send traffic as fast as possible.
Packets per Second Rate of the packets per second. The default is 0, which means the device will create transactions as fast as possible.
Server Limit
Bandwidth Bandwidth in Mbps. The default is 0, which means the device will send traffic as fast as possible.
Packets per Second Rate of the packets per second. The default is 0, which means the device will create transactions as fast as possible.