One of the great strengths of VNS3 has always been the ease with which you can look at your network traffic, a necessity for troubleshooting connectivity issues or attesting to correct packet flow. With our release of VNS3 5.0 we have added some big functional improvements that make our network sniffer even better.
Announcing the Release of VNS3 Controller Version 5.0
Earlier this month we released the 5.0 version of our VNS3 virtual controller. This update brings with it a major UI overhaul to improve the usability of VNS3 controllers, key improvements to network performance, IPsec connectivity & scalability, and much more. Below are some of the highlights of this release. You can find the full release notes for this version here. Stay tuned for new product tutorials and feature highlights in the near future.
New UI, Faster UX
VNS3 5.0 includes a swath of UI updates focused on improving usability while limiting major layout changes to retain simplicity. Highlights of the UI overhaul include:
- New color palette and fonts
- Administration menu
- Click-to-copy functionality for high-use ﬁelds and IPs
- Left column menu minimize
- Addition of Controller naming
- More paginated, sortable, searchable tables
- Fast-loading UI with increased performance
We’ll be digging deeper into these UI improvements in the near future, so keep an eye out for that!
System and Platform Updates
With the 5.0 update we’ve moved VNS3 to a hardened OS based on Ubuntu 20.04. All underlying systems and libraries have been upgraded in accordance with this change, bringing greater stability and scalability to the VNS3 platform. While previous VNS3 versions used a hardened Ubuntu 14.04 OS, Extended Security Maintenance has provided ongoing security patches for various system packages. As a result of these changes, VNS3 5.x will no longer display false positives on data-base scanning services like AlertLogic.
Improvements to Network, IPsec, and Multicast Performance & Connectivity
VNS3 also 5.0 brings with it additional kernel memory allocation for improved network performance. Our IPsec subsystem now makes more effective use of available CPU cores in order to increase support for complex networks of many of IPsec connections. With this release we’ve also improved IKEv2 support with added functionality to allow Aliased BGP ASN per-to-peer configuration. This new functionality prevents overlap when connecting to multiple BGP peers and maximizes the flexibility of network connectivity.
VNS3 5.0 is showing a 2-3x speed improvement in multicast deployments with reduced packet loss. These improvements enable deployments that include up to 10 overlay clients, properly configured and using VNS3 MulticastHub, to have bidirectional multicast streams of up to 150mbps with virtually no packet loss. This functionality was tested using a t3.med VNS3 controller and t3.small multicast sender and receivers.
Improved HTTPS Certification Upload and Visibility
This update includes a status improvement to show the existing certificate files being used by the VNS3 web server. The HTTPS certification file chain-of-custody is ensured with SHA-256 checksum/fingerprint. HTTPS certification upload now supports intelligent multi-file uploading of certificates to avoid confusion over which certificates need to be included (root, intermediate chain, end-user). This update is made to accomodate differing file/format preferences of various certificate authorities.
Improved Network Sniffer
VNS3 5.0 also includes usability and scalability improvements to our network sniffer functionality as follows:
- We’ve added an “any” interface for broader capture during troubleshooting.
- Multiple captures can now be run simultaneously so filters can inspect different network segments at the same time.
- Multiple users can now run various packet captures simultaneously. Defined captures are visible to all users for easy sharing.
- Outputs can now be downloaded in pcap format.
- All monitors now self-terminate after 1 hour to prevent overlogging.
- A network sniffer on an Interface home page now uses identical implementation as Network Sniffer page
VNS3 Plugin Manager BETA
As part of this 5.0 release, the VNS3 Plugin Manager has progressed to its BETA phase. The plugin manager now allow users to configure and manage their plugin containers via the UI or API. Simply include a Plugin Manager config file in a VNS3 container to allow complete control via either method. You can now edit specific container configuration files with an automated version history log. We’ve also introduced functionality that allows you to quickly view log files, stop & start services & processes, and export container configurations for easier controller upgrade & migration. We’ll be exploring the plugin manager in greater detail in the near future.