Accelerated networking is a feature provided by Microsoft Azure which enables the user to improve the performance of the network. This is achieved by enabling Single-root input/output virtualization (SR-IOV) to a virtual machine.
In a virtual environment, SR-IOV specifies the isolation of PCIe resources to improve manageability and performance. The SR-IOV interface helps to virtualize, access, and share the PCIe resources, such as, the connection ports for graphic cards, hard drives, and so on. This successfully reduces the latency, network jitters and CPU utilization.
As shown in figure below, the virtual switch is an integral part of a network for connecting the hardware and the virtual machine. The virtual switch helps in enforcing the policies on the virtual machine. These policies include access control lists, isolation, network security controls, and so on, and are implemented on the virtual switch. The network traffic routes through the virtual switch and the policies are implemented on the virtual machine. This results in higher latency, network jitters, and higher CPU utilization.
However, in an accelerated network, the policies are applied on the hardware. The network traffic only routes through the network cards directly forwarding it to the virtual machine. The policies are applied on the hardware instead of the virtual switch. This helps the network traffic to bypass the virtual switch and the host while maintaining the policies applied at the host. Reducing the layers of communication between the hardware and the virtual machine helps to improve the network performance.
Following are the benefits of accelerated networking:
The following prerequisites are essential to enable or disable the Azure Accelerated Networking feature.
A machine with the Azure CLI should be configured. This must be a separate Windows or Linux machine.
For more information about installing the Azure CLI, refer to the following link.
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest
The Protegrity appliance must be in the stop (deallocated) state.
The virtual machine must use the supported instance size.
For more information about the supported series of virtual machines for the accelerated networking feature, refer to the Supported Instance Sizes for Accelerated Networking.
There are several series of instance sizes used on the virtual machines that support the accelerated networking feature.
These include the following:
The most generic and compute-optimized instance sizes for the accelerated networking feature is with 2 or more vCPUs. However, on the systems with supported hyperthreading features, the accelerated networking feature must have instance sizes with 4 or more vCPUs.
For more information about the supported instance sizes, refer to the following link.
If you want to enable accelerated networking while creating the instance, then it is achieved only from the Azure CLI. The Azure portal does not provide the option to create an instance with accelerated networking enabled.
For more information about creating a virtual machine with accelerated networking, refer to the following link.
To create a virtual machine with the accelerated networking feature enabled:
From the machine on which the Azure CLI is installed, login to Azure using the following command.
az login
Create a virtual machine using the following command.
az vm create --image <name of the Image> --resource-group <name of the resource group> --name <name of the new instance> --size <configuration of the instance> --admin-username <administrator username> --ssh-key-values <SSH key path> --public-ip-address "" --nsg <Azure virtual network> --accelerated-networking true
For example, the table below lists values to create a virtual machine with the following parameters.
Parameter | Value |
---|---|
Name of the image | ProtegrityESAAzure |
name-of-resource-group | MyResourcegroup |
size | Standard_DS3_v2 |
admin-username | admin |
nsg | TierpointAccessDev |
ssh-key-value | ./testkey.pub |
The virtual machine is created with the accelerated networking feature enabled.
Perform the following steps to enable the Azure Accelerated Networking feature on the Protegrity appliance.
To enable accelerated networking:
From the machine on which the Azure CLI is installed, login to Azure using the following command.
az login
Stop the Protegrity appliance using the following command.
az vm deallocate --resource-group <ResourceGroupName> --name <InstanceName>
Parameter | Description |
---|---|
ResourceGroupName | Name of the resource group where the instance is located. |
InstanceName | Name of the instance that you want to stop. |
Enable accelerated networking on your virtual machine’s network card using the following command.
az network nic update --name <nic-name> --resource-group <ResourceGroupName> --accelerated-networking true
Parameter | Description |
---|---|
nic-name | Name of the network interface card attached to the instance where you want to enable accelerated networking. |
ResourceGroupName | Name of the resource group where the instance is located. |
Start the Protegrity appliance.
Perform the following steps to disable the Azure Accelerated Networking features on the Protegrity appliance.
To disable accelerated networking:
From the machine on which the Azure CLI is installed, login to Azure using the following command.
az login
Stop the Protegrity appliance using the following command.
az vm deallocate --resource-group <ResourceGroupName> --name <InstanceName>
Parameter | Description |
---|---|
ResourceGroupName | Name of the resource group where the instance is located. |
InstanceName | Name of the instance that you want to stop. |
Disable accelerated networking on your virtual machine’s network card using the following command.
az network nic update --name <nic-name> --resource-group <ResourceGroupName> --accelerated-networking false
Parameter | Description |
---|---|
nic-name | Name of the network interface card attached to the instance where you want to enable accelerated networking. |
ResourceGroupName | Name of the resource group where the instance is located. |
Start the Protegrity appliance.
This section lists the Troubleshooting and FAQs for the Azure Accelerated Networking feature.
It is recommended to have at least two or more virtual machines in the Azure virtual network.
Yes. You can stop or deallocate your machine from the Web UI. Navigate to the Azure instance details page and click Stop from the top ribbon.
It is recommended to disable the accelerated networking feature before uninstalling the Cloud Utility Azure.
Perform the following steps:
Login to the CLI manager.
Navigate to Administration > OS Console.
Enter the root credentials.
Verify that the Azure Accelerated Networking feature is enabled by using the following commands.
# lspci | grep “Virtual Function”
Confirm the Mellanox VF device is exposed to the VM with the lspci command.
The following is a sample output:
001:00:02.0 Ethernet controller: Mellanox Technologies MT27500/MT27520 Family [ConnectX-3/ConnectX-3 Pro Virtual Function]
# ethtool -S ethMNG | grep vf
Check for activity on the virtual function (VF) with the ethtool -S eth0 | grep vf_ command. If you receive an output similar to the following sample output, accelerated networking is enabled and working. The value of the packets and bytes should not be zero`
vf_rx_packets: 992956
vf_rx_bytes: 2749784180
vf_tx_packets: 2656684
vf_tx_bytes: 1099443970
vf_tx_dropped: 0
Perform the following steps:
Yes, you can use the Cloud Shell for enabling or disabling the accelerated networking. For more information about the pricing of the cloud shell, refer to the following link.
https://azure.microsoft.com/en-in/pricing/details/cloud-shell
Perform the following steps to enable the accelerated networking feature using the Cloud Shell:
From the Microsoft Azure portal, launch the Cloud Shell.
Stop the Protegrity appliance using the following command.
az vm deallocate --resource-group <ResourceGroupName> --name <InstanceName>
Enable accelerated networking on your virtual machine’s network card using the following command.
az network nic update --name <nic-name> --resource-group <ResourceGroupName> --accelerated-networking true
Start the Protegrity appliance.
Perform the following steps to disable the accelerated networking feature using the Cloud Shell:
From the Microsoft Azure portal, launch the Cloud Shell.
Stop the Protegrity appliance using the following command.
az vm deallocate --resource-group <ResourceGroupName> --name <InstanceName>
Enable accelerated networking on your virtual machine’s network card using the following command.
az network nic update --name <nic-name> --resource-group <ResourceGroupName> --accelerated-networking false
Start the Protegrity appliance.
The accelerated networking feature is supported in all public Azure regions and Azure government clouds. For more information about the supported regions, refer to the following link:
https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-cli#regions
Yes. It is necessary to stop (deallocate) the machine to enable or disable the accelerated networking feature.This is because if the machine is not in the stop (deallocate) state, then it may cause the value of the vf packets to freeze. This results in an unexpected behaviour of the machine.
No. There is no additional cost required for using the accelerated networking feature. For more information about the costing, contact Protegrity Support.
Last modified January 30, 2025