mirror of https://github.com/TrustTunnel/TrustTunnel.git synced 2026-04-18 17:04:05 +00:00

Files

Andrey Yakushin 916dbee141 Pull request 125: More reliable bench tests

Squashed commit of the following:

commit 1fefa6fcfa65ed07e0dc28eb7aef7ef620495f95
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Thu Jan 29 14:31:49 2026 +0400

    Return socks5 tests

commit a71e1d6a44f955170bad6234d01b4879cce566da
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Thu Jan 22 18:45:35 2026 +0400

    Make small files download test common for all wg, ag and no-vpn

commit 33570bf4c805f903bd065a6b65ecf300ae47a687
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Thu Jan 22 18:44:53 2026 +0400

    Fix proxy url

commit 7ad4b9ea6e04e8c3b7b49ea672956cc1f4c04a89
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Thu Jan 22 18:44:49 2026 +0400

    Fix paths

commit 13fd358f2e8a68bdb4e834231d8c3dd65441facd
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Thu Jan 22 18:44:31 2026 +0400

    Parametrize upload with http2 or http3

commit 852789f96aed436a71b18e877ab08c879cbdea12
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Fri Jan 16 22:14:11 2026 +0400

    Install curl with http3 support

commit 5860b536a752dffe5fc34a33726fb98e5f3cb80b
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Fri Jan 16 22:13:57 2026 +0400

    Install prebuilt cmake instead of building from source

commit 42649ae32ef014afabaeafdc07ab3538f811bfef
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Fri Jan 16 17:16:09 2026 +0400

    http2 and http3 for nginx server

commit 771f9d067f2b4ebfa4c40020b4aa6fe9a7ff1beb
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Fri Jan 16 15:19:46 2026 +0400

    Parametrize download test with http proto

commit 572e59eb2fe52d9ad2745df99d9e22d3cdb0088d
Author: Andrey Yakushin <a.yakushin@adguard.com>
Date:   Fri Jan 16 14:34:30 2026 +0400

    Remove iperf benchs

2026-01-30 18:12:06 +00:00

2.8 KiB

Raw Blame History

Architecture

The benchmark consists of 3 isolated parts:

remote-side - acts as HTTP servers for the benchmark
middle-box - acts as a VPN endpoint host, either WireGuard or TrustTunnel
local-side - acts as a benchmark running host, can establish tunnels to the server residing on the remote side through the VPN endpoint

How to run

Single host

Build docker images
```
cd ./bench
./single_host.sh build --client=<TrustTunnelClient.git> --endpoint=<TrustTunnel.git>
```
This command prepares all the parts to run on the current host. To see the full set of the available options run:
```
./single_host.sh --help
```
Run the benchmark
```
./single_host.sh run
```
This command runs all the parts of the benchmark on the current host.

Separate hosts

Assume IP addresses of host_1, host_2 and host_3 are 1.1.1.1, 2.2.2.2 and 3.3.3.3 respectively.

Running host_1 as a remote side

scp Dockerfile user@1.1.1.1:~
scp -r remote-side user@1.1.1.1:~
ssh user@1.1.1.1
docker build -t bench-common .
docker build -t bench-rs ./remote-side
docker run -d -p 8080:8080 -p 5201:5201 -p 5201:5201/udp bench-rs

Running host_2 as a middle box

scp Dockerfile user@2.2.2.2:~
git clone <TrustTunnel.git> ./middle-box/trusttunnel-rust/trusttunnel-endpoint
scp -r middle-box user@2.2.2.2:~
ssh user@2.2.2.2
docker build -t bench-common .

WireGuard

docker build -t bench-mb-wg ./middle-box/wireguard
docker run -d \
  --cap-add=NET_ADMIN --cap-add=SYS_MODULE --device=/dev/net/tun \
  -p 51820:51820/udp \
  bench-mb-wg

TrustTunnel

docker build \
  --build-arg ENDPOINT_HOSTNAME=endpoint.bench \
  -t bench-mb-ag ./middle-box/trusttunnel-rust/
docker run -d \
  --cap-add=NET_ADMIN --cap-add=SYS_MODULE --device=/dev/net/tun \
  -p 4433:4433 -p 4433:4433/udp \
  bench-mb-ag

Run the benchmark from host_3

scp Dockerfile user@3.3.3.3:~
git clone <TrustTunnel.git> ./local-side/trusttunnel/trusttunnel-endpoint
scp -r local-side user@3.3.3.3:~
ssh user@3.3.3.3
docker build -t bench-common .
docker build -t bench-ls ./local-side

No VPN

./local-side/bench.sh no-vpn bridge 1.1.1.1 results/no-vpn