Insane Mode POC Instructions

This document describes the steps for testing functionality and performance with Insane Mode. For more information on Insane Mode, check out this document.

Preparation

  1. Upgrade Aviatrix software to the latest version by following the instructions here.

  2. Update IAM policies. It’s likely the Aviatrix required IAM policies are out of date. Follow the instructions here to update IAM policies for Controller account and all gateways accounts.

Tip

Use Aviatrix Useful Tools to create a new VPC. For Transit VPC, select Aviatrix Transit VPC option.

1. Test Spoke to Spoke Performance

This phase tests performance between two instances in two different Spoke VPCs. The two Spoke VPCs are connected by two Aviatrix gateways launched in Insane Mode.

  1. Launch a Spoke gateway. Go to Transit Network -> Setup, scroll down to Step 4 to launch a Spoke gateway. Select “Insane Mode Encryption”. Select a C5 instance size. (See this table for performance guidance.) The “Public Subnet” field should be auto populated as the Aviatrix Controller looks for an unused /28 CIDR segment in the VPC to create a subnet and launch the Insane Mode gateway.

  2. Launch another Spoke gateway. Repeat the above step for the second Spoke gateway.

  3. Build an encrypted tunnel between the two gateways. Go to Peering -> Encrypted Peering -> Add New. Select the two gateways and click OK.

  4. Test performance. Launch two Linux instances (the instance size should be comparable to the gateway size. For example, they should all be C5.2xlarge) in each Spoke VPC. Open security groups of the instances to allow for inbound traffic from the other Spoke VPC. Note: you can launch the instances in a public subnet in the Spoke VPC, or use Aviatrix User VPN feature to access the instance on the private subnet. When you run an iperf test, you should run them with private IP addresses.

For example, the server Linux instance has IP address 10.10.10.109 and the client Linux instance has IP address 10.12.11.100. The client instance should run “iperf3 -c 10.10.10.109 -P 8” where P represents the number of TCP streams and where 10.10.10.109 represents the private IP address of the server Linux instance.

Tip

You can discover the MTU sizes of your network by going to Troubleshoot -> Network -> GATEWAY UTILITY. Select a gateway, enter a destination IP address, click Trace Path.

2. Test Transit VPC to on-prem Performance

This phase tests performance between an instance in the Transit VPC and on-prem VM. It requires you deploy an Aviatrix CloudN hardware appliance in your on-prem.

3. Test Spoke to on-prem Performance

This phase tests performance between an instance in the Spoke VPC and on-prem.