TNSR, Releases

Netgate® Releases TNSR® High Performance Router Version 21.07

Release advances configuration, operational management, and system resilience capabilities in response to new customer and commercial deployment expansion

Netgate's latest version of TNSR® software, Release 21.07, is now available. TNSR is a vRouter solution that integrates Linux Networking Foundation Vector Packet Processing (VPP), Free Range Routing (FRR), Clixon, and other open-source projects into a production-ready, secure networking solution capable of addressing the high-performance edge routing, cloud connectivity, and robust IPsec site-to-site VPN needs of businesses and service providers. TNSR saves organizations from expending the needed internal expertise, time, and cost required to convert open-source software into commercial solutions.

Since the prior release of TNSR in March, the product's user base has grown 43% to over 2,500 entities. Customer growth and production-environment deployment expansion continues to drive development focus on improved configuration flexibility, operational management, and system resilience.

Key improvements to TNSR software added or improved in TNSR Software Release 21.07 include:

  • CLI: Fixes for command generation for several modules, including: ACLs, FRR, NAT, BGP, VRRP, DNS, GRE, VXLAN, and IPv6

  • DHCP Server: Improvements to ongoing lease management and issuance

  • Dataplane: Added support for Intel 2.5G (igc) Ethernet interfaces, Improved Netlink socket processing stability and reliability. e.g., Netlink message processing will now continue if an overflow occurs

  • Configuration history management via git: Added the ability for users to optionally maintain configuration database change history in a local git repo.  This history can be used in either a manual or automated manner, depending on user preference. Stored versions can be manually loaded to roll back to earlier configurations as needed.

  • Interfaces: Added TCP MSS Clamping. When a host initiates a TCP session with a server, it negotiates the IP segment size by using the MSS option field in a TCP SYN packet.  The default MSS field is determined by the MTU for the endpoints.  TCP MSS clamping can be used to set a maximum value for TCP MSS on a per-interface basis. As well, the release adds the ability to configure the maximum number of fragments to be reassembled per packet for IP reassembly

  • NAT: Added support for forwarding inbound packets which do not match a translation in endpoint-independent mode. Additionally, the NAT forwarding option now uses the correct source address when multiple worker threads are used in endpoint-dependent mode.

  • Routing: The default output of ‘show route’ commands now omits broadcast and other special automatic route table entries

  • SNMP / IPFIX / Prometheus: SNMP subagent startup time is now significantly faster

  • Software module updates: VPP (updated from upstream), FRR 7.5.1 and strongSwan 5.9.2

During this development period, Netgate also began the effort to move the underlying OS base from CentOS to Ubuntu, in response to the recently announced shift from CentOS Linux to CentOS Stream. The company expects to have TNSR on Ubuntu commercially ready for users in November.

“Healthy growth in new users and commercial deployments demands continues to keep a sizable portion of our product development effort on configuration, management, and resilience improvements”, said Jim Thompson, CTO. "To the same end, progress towards our shift from CentOS to Ubuntu represents what we believe is the best path forward for our customers."

TNSR is available for deployment on Netgate’s 5100, 1537, and 1541 appliances; as a bare metal image for non-Netgate appliances and virtual machines; as software instances on AWS and Microsoft Azure Marketplaces; and from AWS Solution Providers and Microsoft Azure partners.

Netgate also makes available a fully-featured, no charge, Home + Lab instance for non-commercial home and lab use.

For more information on Release 21.07 see our blog. To learn more about TNSR as a vRouter in general, visit For additional questions, contact Netgate at +1 (512) 646-4100, or


About Netgate

Netgate is dedicated to developing and providing secure networking solutions to businesses, government and educational institutions around the world. Netgate is the only provider of pfSense® products, which include pfSense software - the world’s leading open-source firewall, router, and VPN solution. TNSR extends the company’s open-source leadership and expertise into high-performance secure networking – capable of delivering compelling value at a fraction of the cost of proprietary solutions.

Netgate is a registered trademark of Rubicon Communications, LLC in the United States. TNSR is a registered trademark of Rubicon Communications, LLC in the United States and other countries. pfSense is a registered trademark of Electric Sheep Fencing, LLC in the United States and other countries.

All other brands or product names are the property of their respective holders.