TNSR | Netgate Forum

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

TNSR Announcements

Discussions about TNSR

16
Topics

54
Posts

M

We're happy to announce the release of TNSR software version 25.02. This regularly scheduled release includes additional hardware support, updates, and bug fixes.

Here's what's new:
Unicast Reverse Path Forwarding: Introducing Unicast Reverse Path Forwarding (uRPF) to prevent IP spoofing attacks. Both "loose" and "strict" modes available. Enhanced BGP Protection: New BGP Roles implementation (RFC 9234) to prevent route leaks and hijacks. Powerful Threat Detection: Multi-threaded Snort 3 integration for advanced IDS/IPS. NETCONF: The NETCONF service has been made available starting with this release. Regular Updates and Maintenance: Updated VPP and DPDK versions and made over 30 bug fixes and stability enhancements.
Learn More:

Release Notes
Blog
Video
TNSR Feedback

Discussions about TNSR

57
Topics

130
Posts

J

@johnpoz I know I thought maybe he could be my study buddy for a while but never responded so I gave up .
Problems Installing or Upgrading TNSR Software

Discussions about installing or upgrading TNSR software

48
Topics

186
Posts

P

@pfsin excellent, happy it worked.

S

TNSR vs. PFSense+

• • sheebz

2

0
Votes

2
Posts

1.3k
Views

H

@sheebz
tnsr is needed for speeds >= 10GBe
M

NAT Reflection (Pure NAT)

• • matlear

1

0
Votes

1
Posts

795
Views

No one has replied
O

Multicore forwarding

• • oudenos

19

0
Votes

19
Posts

3.4k
Views

L

@oudenos check private message
L

problem on listing fullroute table with received-routes command

• • LukeCage

1

0
Votes

1
Posts

703
Views

No one has replied
W

TNSR Keyboard Layout (Question Mark Key)

• • weehooey

7

0
Votes

7
Posts

1.6k
Views

W

@jimp Ah! Cool. Thank you -- I appreciate your patience.

Sorry for the false alarm.
J

IPv6 RA / DHCPv6

• • johanl

3

1
Votes

3
Posts

1.9k
Views

V

Hello,,

any news? :)

Cheers.

Fabio.
J

tnsr/linux vs pfsense/freeBSD

• • jc1976

1

0
Votes

1
Posts

945
Views

No one has replied
F

Bridge not talking to Bridgeloop Interface

• • fargox

3

0
Votes

3
Posts

1.3k
Views

D

@fargox Sorry for the delay.

In my testing of this I had no trouble using two physical interfaces as bridge members but as soon as I started trying VLAN subifs and Bonds I saw inconsistent behavior. I never saw exactly what you are describing but siminlar things like the ability to ARP in one direction but not the other, etc.

I have opened an internal bug report on the matter.

Thank you for posting.
V

DNS queryes source interface

• • Ventresca

5

0
Votes

5
Posts

1.4k
Views

V

@jimp said in DNS queryes source interface:

The name resolution at the OS level uses systemd-resolve which as far as I can see in its docs (not the TNSR docs, but the docs for the OS) does not support specifying a source address.

Using unbound to control this behavior isn't a workaround, it's the most flexible and potentially only way to configure the behavior you want.

Ok, now is perfectly clear, thank you again for your help! :)
F

TNSR API payload requirements

• • fuzzysteve

5

0
Votes

5
Posts

1.7k
Views

F

@jimp Thanks!
N

Unexpected random crash & reboot

• • NBhatti

5

0
Votes

5
Posts

1.4k
Views

N

@derelict When you said what are you running it on, I thought you were asking for the hardware :)

Anyway, I have turned down the config to just 1 worker. 4 were working fine since last reboot, but since a single core should also service the purpose, I'll put that to 1 worker to see if that works fine.

Thanks for the help.
H

TNSR initial config issues

• • Homelabberdude

7

0
Votes

7
Posts

1.7k
Views

H

@derelict Thanks, I was not aware this would imply a certain direction from the router. I appreciate the help.

I solved the issue which wasn't present on my previous design (pfsense only). It was indeed the mikrotik switch and how it handled vlans in this context a bit differently. I was able to routing going after fiddling with bridge vlans on that device.

Sadly, my throughput did not increase as I expected from placing TNSR in as a router for the network, tried some tuning with the dpdk and it just did not get where I was hoping it to go.

I'll revisit tnsr when I get my GNS3/CML lab up and running.
N

Prometheus exporter service keeps on crashing

• • NBhatti

2

0
Votes

2
Posts

1.4k
Views

N

Turns out the service will not work without adding any filters in there. Once I add /interface as a filter, Prometheus service stands up fine showing metrics/data expected.

Thanks
P

This topic is deleted!

• • Presley

1

0
Votes

1
Posts

3
Views

No one has replied
N

System monitoring with cores 100% utilized

• • NBhatti

2

0
Votes

2
Posts

1.2k
Views

J

TNSR is unlike traditional firewalls and routers (including pfSense). The way TNSR works it is in a tight CPU loop looking for items to process. It's completely normal and expected for it to be using 100% of its configured CPU cores. Monitoring by CPU usage isn't going to be helpful as it has zero bearing on how busy the system is.

You can get better stats from Prometheus and look at some of the rate values there, such as vector rate per worker, input rate, and vector rate.

Pretty sure this is all well covered by previous threads as well, so search around on those terms and you should find more info.
M

Cpu 100% oon first installation

• • marsalans

4

0
Votes

4
Posts

1.5k
Views

G

@marsalans

https://forum.netgate.com/topic/152607/tnsr-cpu-utilization-on-sg-5100
T

This topic is deleted!

• • tt140411

1

0
Votes

1
Posts

4
Views

No one has replied
A

I have installed TNSR proxmox and now I can't access VM, i do realize this is my mistake.

• • AAFD_alex

5

0
Votes

5
Posts

2.0k
Views

A

Hi @Derelict and @johnpoz and thank you,

I created a VM in proxmox and use it to install tnsr. Installed proxmox in the VM didn't read all the tnsr requirements. After all the installation I did not did much just went around support and leave it to work on the weekend and that was when i found that when I started my server couldn't access the proxmox WebGUI.
I can access to proxmox ip via ssh but I think that tnsr "took control", the reason is when i login to the server it comes root as user but not the machine name so i get foot@tnsr not root@alexserver.
So when do qm status i get:

root@TNSR:~# qm status
ipcc_send_rec[1] failed: Connection refused
ipcc_send_rec[2] failed: Connection refused
ipcc_send_rec[3] failed: Connection refused
Unable to load access control list: Connection refused
root@TNSR:~#

or pvecm updatecerts

root@TNSR:~# pvecm updatecerts
ipcc_send_rec[1] failed: Connection refused
ipcc_send_rec[2] failed: Connection refused
ipcc_send_rec[3] failed: Connection refused
Unable to load access control list: Connection refused
root@TNSR:~#

This is a server I have to learn and test ideas and so on, so as a tnsr user i am completely new and with some experience in proxmox.
I don't know what i did and I have a post in proxmox to see how i can have the WebGUI back if it helps in some way.
Is there something I can do to fix it?

Cheers,
Alex
S

This topic is deleted!

• • sumizsh

1

0
Votes

1
Posts

7
Views

No one has replied
U

This topic is deleted!

• • uitrfdjk

1

0
Votes

1
Posts

3
Views

No one has replied

7 / 16

This topic is deleted!

This topic is deleted!

This topic is deleted!

This topic is deleted!