Network Function Virtualization (NFV) and Service Function Chaining (SFC) enable network functions to be deployed as Virtual Network Functions (VNFs) on flexible commodity servers. However, chaining multiple VNFs within a service chain may degrade data-plane performance, particularly in container-based environments. This study analyzes the performance of container-based SFC in a single-host Docker environment under three scenarios: (1) a direct client–server connection without VNFs (baseline), (2) the addition of a single Layer 3 (L3) VNF in the form of an iptables firewall, and (3) the integration of an L3 firewall VNF combined with a Layer 4 (L4) load balancer VNF based on HAProxy. Performance evaluation was conducted by measuring TCP throughput using iperf3, end-to-end latency using ping, and CPU utilization of each container using docker stats. The results indicate that adding the L3 firewall reduces throughput by approximately 33% and nearly doubles latency compared to the baseline. Meanwhile, incorporating the L4 load balancer causes throughput degradation of up to 92%. CPU utilization analysis shows that the kernel-space firewall introduces minimal additional overhead in user space, whereas the L4 VNF becomes the primary source of CPU saturation. These findings suggest that, in container-based SFC deployments on a single-host Docker environment, performance bottlenecks are primarily driven by user-space L4 VNFs rather than kernel-based L3 forwarding. Therefore, L4 VNFs require special consideration when designing service chaining architectures for resource-constrained edge nodes.

docker; network function virtualization; network performance; service function chaining; single-host

H. U. Adoga and D. P. Pezaros, “Network Function Virtualization and Service Function Chaining Frameworks: A Comprehensive Review of Requirements, Objectives, Implementations, and Open Research Challenges,” Future Internet, Vol. 14, No. 2, Feb. 2022, DOI: 10.3390/fi14020059.

K. Kaur, V. Mangat, and K. Kumar, “A Review on Virtualized Infrastructure Managers with Management and Orchestration Features in NFV Architecture,” Nov. 09, 2022, Elsevier B.V. DOI: 10.1016/j.comnet.2022.109281.

A. Abouaomar, S. Cherkaoui, Z. Mlika, and A. Kobbane, “Service Function Chaining in MEC: A Mean-Field Game and Reinforcement Learning Approach,” IEEE Syst J, Vol. 16, No. 4, pp. 5357–5368, 2022, DOI: 10.1109/JSYST.2022.3171232.

P. Tam, S. Math, and S. Kim, “Priority-Aware Resource Management for Adaptive Service Function Chaining in Real-Time Intelligent IoT Services,” Electronics (Switzerland), Vol. 11, No. 19, Oct. 2022, DOI: 10.3390/electronics11192976.

M. M. Erbati, M. M. Tajiki, and G. Schiele, “Service Function Chaining to Support Ultra-Low Latency Communication in NFV †,” Electronics (Switzerland), Vol. 12, No. 18, Sep. 2023, DOI: 10.3390/electronics12183843.

Y. Wu and J. Zhou, “Dynamic Service Function Chaining Orchestration in a Multi-Domain: A Heuristic Approach based on SRv6,” Sensors, Vol. 21, No. 19, Oct. 2021, DOI: 10.3390/s21196563.

H. Khalilnasl, P. Ferrari, A. Flammini, and E. Sisinni, “On the Use of Containers for LoRaWAN Node Virtualization: Practice and Performance Evaluation,” Electronics (Switzerland), Vol. 14, No. 8, Apr. 2025, DOI: 10.3390/electronics14081568.

C. Tipantuña, A. Yazán, and J. Carvajal-Rodriguez, “Containers-based Network Services Deployment: A Practical Approach,” Enfoque UTE, Vol. 15, No. 1, pp. 36–44, Jan. 2024, DOI: 10.29019/enfoqueute.1005.

H. Sturley, A. Fournier, A. Salcedo-Navarro, M. Garcia-Pineda, and J. Segura-Garcia, “Virtualization vs. Containerization, a Comparative Approach for Application Deployment in the Computing Continuum Focused on the Edge,” Future Internet, Vol. 16, No. 11, Nov. 2024, DOI: 10.3390/fi16110427.

S. Zahoor, I. Ahmad, A. U. Rehman, E. T. Eldin, N. A. Ghamry, and M. Shafiq, “Performance Evaluation of Virtualization Methodologies to Facilitate NFV Deployment,” Computers, Materials and Continua, Vol. 75, No. 1, pp. 311–329, 2023, DOI: 10.32604/cmc.2023.035960.

Y. Liu, D. Lan, Z. Pang, M. Karlsson, and S. Gong, “Performance Evaluation of Containerization in Edge-Cloud Computing Stacks for Industrial Applications: A Client Perspective,” IEEE Open Journal of the Industrial Electronics Society, Vol. 2, pp. 153–168, 2021, DOI: 10.1109/OJIES.2021.3055901.

I. Čilić, P. Krivić, I. Podnar Žarko, and M. Kušek, “Performance Evaluation of Container Orchestration Tools in Edge Computing Environments,” Sensors, Vol. 23, No. 8, Apr. 2023, DOI: 10.3390/s23084008.

A. Cañete, M. Amor, and L. Fuentes, “HADES: An NFV Solution for Energy-Efficient Placement and Resource Allocation in Heterogeneous Infrastructures,” Journal of Network and Computer Applications, Vol. 221, Jan. 2024, DOI: 10.1016/j.jnca.2023.103764.

L. H. Phuc, L. A. Phan, and T. Kim, “Traffic-Aware Horizontal Pod Autoscaler in Kubernetes-based Edge Computing Infrastructure,” IEEE Access, Vol. 10, pp. 18966–18977, 2022, DOI: 10.1109/ACCESS.2022.3150867.

Q. Su et al., “Low-Overhead Intra-Host Container Communication with Hardware Offloading,” IEEE Transactions on Networking, Vol. 33, No. 3, pp. 1070–1085, 2025, DOI: 10.1109/TON.2024.3520210.