Insane Mode POC Instructions

This document describes steps for testing functionality and performance with Insane Mode. For more information on Insane Mode, check out this document.

Preparation

  1. Custom upgrade to preview release. Settings -> Maintenance -> Upgrade -> UPGRADE TO CUSTOM RELEASE, enter preview for the “Release Version” field.
  2. Update IAM policies. It’s likely the Aviatrix required IAM policies are out of date. Follow the instructions here to update IAM policies for Controller account and all gateways accounts.

Tip

Use Aviatrix Useful Tools to create a new VPC. For Transit VPC, select Aviatrix Transit VPC option.

1. Test Spoke to Spoke Performance

This phase test performance between two instances in two different Spoke VPCs. The two Spoke VPCs are connected by two Aviatrix gateway launched in Insane Mode.

  1. Launch a Spoke gateway. Go to Transit Network -> Setup, scroll down to Step 4 to launch a Spoke gateway. Select “Insane Mode Encryption”. Select a C5 instance size. (See this table for performance guidance.) The “Public Subnet” field should be auto populated as the Aviatrix Controller looks for a unused /28 CIDR segment in the VPC to create a subnet and launch the Insane mode gateway.
  2. Launch another Spoke gateway. Repeat the above step for the second Spoke gateway.
  3. Build an encrypted tunnel between the two gateways. Go to Peering -> Encrypted Peering -> Add New. Select the two gateways and click OK.
  4. Test performance. Launch two Linux instances (the instance size should be comparable to the gateway size. For example, they should all be C5.2xlarge) in each Spoke VPC. Open security groups of the instances to allow for inbound traffic from the other Spoke VPC. Note you can launch the instances in public subnet in the Spoke VPC, or use Aviatrix User VPN feature to access the instance on the private subnet. When you run iperf test, you should run them with private IP addresses.
For example, the server Linux instance has IP address 10.10.10.109 and the client Linux instance has IP address 10.12.11.100. The client instance should run “iperf3 -c 10.10.10.109 -P 8” where P represents the number of TCP streams and where 10.10.10.109 represents the private IP address of the server Linux instance. .

Tip

You can discover MTU sizes of your network by go to Troubleshoot -> Network -> GATEWAY UTILITY, select a gateway and enter a destination IP address, click Trace Path.

2. Test Transit VPC to on-prem Performance

This phase tests performance between an instance in the Transit VPC and on-prem VM. It requires you deploy Aviatrix CloudN hardware appliance in your on-prem.

3. Test Spoke to on-prem Performance

This phase tests performance between an instanced in the Spoke VPC and on-prem.