Press Release Summary:
- TNSR 20.08 adds NAT traversal, a standards-based (RFC 3715, RFC 3947) approach for IPsec encapsulation in user datagram protocol
- Delivers packet processing performance in software, enabling businesses to fulfill edge networking needs far less expensively than with legacy brand solutions
- Available for deployment on SG-5100, XG-1537 and XG-1541 appliances
Original Press Release:
Netgate® Releases TNSR® High Performance Router Version 20.08
High-performance software router gets speed, scale and robustness boost with new router plugin
Austin, Texas (PRWeb) September 01, 2020 -- Netgate, the leading provider of open-source secure networking solutions, today announced its latest version of TNSR software, Release 20.08. TNSR is a high-performance software router based on FD.io’s Vector Packet Processing (VPP), of which Netgate is a leading contributor. TNSR delivers extraordinary packet processing performance in software, enabling businesses to fulfill edge networking needs far less expensively than with legacy brand solutions.
Release 20.08 adds routing performance, ease of router configuration and operation, and overall system robustness - driven by the following:
- Linux-cp Plugin – The original TNSR router plugin has been replaced with the linux-cp plugin. Routers can be thought of as a data plane and a control plane. The data plane transforms and forwards traffic, while the control plane determines how packets should be forwarded. BGP, OSPF, LDP, and spanning tree are all examples of control plane functions. TNSR uses VPP for its data plane and Free Range Routing (FRR) for its control plane. A plugin is required for the two to communicate. With the linux-cp plugin, flows to and from the host stack now run 30 to 40 times faster - and convergence times for protocols like BGP are substantially reduced. The new plugin also improves system stability, simplifies feature insertion, and generally provides for better control and data plane separation. Consistent with Netgate’s long standing contribution to open source projects, all linux-cp changes have been upstreamed to the FD.io VPP project.
- Network Namespaces – Host stack services have been moved to a non-default network namespace - providing cleaner isolation between the host OS and VPP data plane - which prevents the host OS from intentionally or unintentionally using TNSR network connectivity and vice versa.
- Virtual Routing and Forwarding – The addition of Virtual Routing and Forwarding (VRF) expands routing configuration flexibility with multiple instances of routing tables and forwarding tables with overlapping address spaces, destination-based policy routing on a per-interface basis, dynamic routing daemons to manage routes on a per interface(s) basis, and more.
- IPsec NAT-T – TNSR 20.08 adds NAT Traversal (NAT-T), a standards-based (RFC 3715, RFC 3947) approach for IPsec encapsulation in User Datagram Protocol (UDP). Now data protected by IPsec can pass through NAT, enabling IPsec VPN connections that traverse connections where NAT is present.
- System-level Updates – TNSR 20.08 also leverages embedded open-source software updates including CentOS 8.2, VPP 20.01, FRR 7.3.1, strongSwan 5.8.4, Clixon 4.5.0, and Kea 1.7.7.
“Release 20.08 represents yet another significant step forward for TNSR,” said Jim Thompson, CTO. “While a lot of what this release brings is ‘under the hood’, the architectural improvement in control and data plane communication substantially boosts router performance and robustness. There are times when product innerworkings need to take priority over the next batch of customer-requested features. This is one of those times for TNSR, and the internal plumbing changes make it a far more rugged software router for our customers.”
TNSR is available for deployment on Netgate’s SG-5100, XG-1537, XG-1541 appliances; as a bare metal image for non-Netgate appliances and virtual machines; as software instances on AWS and Microsoft Azure Marketplaces; and from AWS Solution Providers and Microsoft Azure partners.
Netgate is dedicated to developing and providing secure networking solutions to businesses, government and educational institutions around the world. Netgate is the only provider of pfSense® products, which include pfSense software - the world’s leading open-source firewall, router, and VPN solution. TNSR extends the company’s open-source leadership and expertise into high-performance secure networking – capable of delivering compelling value at a fraction of the cost of proprietary solutions.