Learn the Basics¶
TNSR utilizes an optimized userspace data plane to forward packets at very high rates. On Azure, TNSR runs on a customized VM instance and is managed by connecting to a command-line interface (CLI) over SSH.
There are many different network designs possible in Azure. This guide assumes a TNSR instance will sit in a Virtual Network connected to a private subnet and a public subnet (one which has access to the Internet).
This guide will show how to bring up a TNSR instance with 3 Virtual Network Interfaces attached:
- Management Interface:
The primary network interface on the instance is used for management of the TNSR instance. This is the interface reached via SSH to connect to the CLI on the TNSR instance. Packets received on this interface will not be forwarded to another interface. The interface is used for system functions such as DNS resolution and downloading software updates.
The management interface is required but it doesn’t need to have IP Forwarding and Accelerated Networking options set.
- TNSR WAN/Internet Interface:
The TNSR WAN interface is used by TNSR to connect to the Internet. A WAN interface will have a Public IP Address assigned and it will be attached to a subnet that has a route to an Internet Gateway in its Route Table.
- TNSR LAN/Private Interface:
The TNSR LAN interface connects TNSR to a private Subnet in the Virtual Network. The instances in the private subnet do not have their own Public IP Addresses and the Route Table for the subnet does not have a route to an Internet Gateway, but instead has a route to the TNSR LAN interface.
Instances on the private subnet will use TNSR as their gateway to the Internet.
Each of the three network interfaces resides on a distinct subnet.
The examples in this guide use the following configuration:
Item |
Value |
---|---|
Virtual Network Address Space |
10.5.0.0/16 |
WAN Subnet |
10.5.0.0/24 |
LAN Subnet |
10.5.1.0/24 |
Management Subnet |
10.5.2.0/24 |
In a real production Virtual Network, the TNSR instance may have more than one WAN interface and/or more than one LAN interface. The concepts covered in this guide can be extended to additional interfaces.
There are some needed flags that cannot be configured using Azure Portal. This guide will cover all necessary steps using azure-cli.