Performance Testing (PTS) generates load from two types of stress sources: Internet and Alibaba Cloud Virtual Private Cloud (VPC). The stress source determines where load traffic originates, which affects network path, latency profile, and access permissions for the tested end.
| Stress source | How it works | When to use |
|---|---|---|
| Internet (default) | Distributes load from CDN nodes of ISPs across hundreds of cities worldwide. | The tested end is accessible over the public internet. |
| Alibaba Cloud VPC | Generates load from within a VPC in the same region as the tested end. | The tested end is an internal service not exposed to the internet, or the test requires private IP access. |
Internet
PTS distributes stress sources across Content Delivery Network (CDN) nodes of Internet service providers (ISPs) in hundreds of cities around the world. Node IP addresses are assigned based on the stress level of the stress test.
This is the default mode. No additional network configuration is required.
Alibaba Cloud VPC
When you use Alibaba Cloud VPC as the stress source, the stress testers and the tested servers are in the same region. Use this mode for the following scenarios:
Test internal services that are not accessible from the public internet.
Test services connected through leased lines to third-party clouds or on-premises data centers.
Set up VPC stress testing
Select the region, VPC, security group, and vSwitch in the PTS console. For step-by-step instructions, see Stress testing in the internal network of Alibaba Cloud VPCs.
The supported regions for VPC stress testing are displayed in the console.
Network and access requirements
Before starting a VPC stress test, configure the following network and access settings.
IP address requirements
| Requirement | Details |
|---|---|
| VPC selection | Select a VPC in which the tested end resides. |
| Private IP addresses | All API calls during the stress test must use private IP addresses of VPCs, or domain names that resolve to private IP addresses. To map a domain name to an IP address, see Domain name-IP address binding. |
| Single-region constraint | Each scenario supports only one region. All testing APIs must use internal network services within that region. |
| Leased-line connectivity | If a VPC is connected to a third-party cloud or an on-premises data center through leased lines, the VPC and the third-party cloud or on-premises data center must be in the same CIDR block (for example, 10.0.0.0/8). |
Security group and whitelist configuration
| Requirement | Details |
|---|---|
| Grant internal network access | Manually configure the Elastic Compute Service (ECS) security groups and Server Load Balancer (SLB) instances to allow traffic from the stress testers. |
| Outbound traffic | You cannot restrict outbound traffic on the security groups used for stress testing. Security groups managed by cloud services are not supported. |
| Add vSwitch CIDR block | Add the CIDR block of the vSwitch to the private IP address whitelists of the tested end. |
Resource limits
The maximum throughput ranges from 20,000 to 100,000 transactions per second (TPS), depending on the region.
Pre-test checklist
Before starting a VPC stress test, verify the following. Ensure that your configuration meets the IP address requirements and whitelist-based access requirements listed above. Otherwise, network connectivity will be affected.
[ ] The tested end is in the selected VPC and region.
[ ] All API endpoints use private IP addresses or domain names that resolve to private IP addresses.
[ ] All testing APIs use internal network services within a single region.
[ ] If leased lines are used, the VPC and the connected network are in the same CIDR block.
[ ] ECS security groups and SLB instances allow traffic from the stress testers.
[ ] The vSwitch CIDR block is added to the private IP address whitelists of the tested end.
[ ] Outbound traffic is not restricted on the security groups used for stress testing.