Container network options (Docker)
The Docker default "bridge" network should be avoided for performance testing purposes to avoid network address translation (NAT) overheads. The "host" network namespace can be selected instead using the following docker run syntax:
docker run --net host ...
Other Docker network types are also available that are suitable for high-performance network performance testing, such as macvlan and ipvlan. Note that these alternatives may require additional configuration to work correctly within your networking environment.
It is important to understand your application requirements to ensure a container environment is configured appropriately for performance. For example, Docker containers do not mount a tmpfs filesystem by default, which may cause issues with certain memory mapping expectations with files rooted in /tmp. iperf3 and its zero-copy mode (-Z) is a good example of when a tmpfs mount should be specified to avoid a performance regression. Example docker run syntax:
docker run --tmpfs /tmp ...