Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| en:dpi:dpi_components:platform:dpi_install:start [2021/07/22 17:32] – ↷ Links adapted because of a move operation lexx26 | en:dpi:dpi_components:platform:dpi_install:start [2023/09/04 09:48] (current) – removed elena.krasnobryzh | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== 2 Stingray Service Gateway implementation ====== | ||
| - | {{indexmenu_n> | ||
| - | If you got the off-the-shelf system from us: please follow this section: [[en: | ||
| - | Otherwise, you should install the CentOS 8 operating system on your server manually and provide us with remote access via SSH and root privileges for installation and initial configuration of the platform. | ||
| - | Once the installation is completed the remote access can be closed. | ||
| - | |||
| - | ===== 2.1 Preparing the server and installing CentOS 8 ===== | ||
| - | - Before mounting the server in a rack make sure that it meets the [[en: | ||
| - | - Install CentOS 8.3 using the following link: [[http:// | ||
| - | <note tip> | ||
| - | Please take a look at [[en: | ||
| - | </ | ||
| - | |||
| - | <note warning> | ||
| - | CentOS version 7 currently is not supported! | ||
| - | </ | ||
| - | |||
| - | ===== 2.2 Preconfiguring of CentOS 8 ===== | ||
| - | |||
| - | - Create the **vasexpertsmnt** user: < | ||
| - | - Set the password for **vasexpertsmnt**: | ||
| - | - Please save **vasexpertsmnt** password. | ||
| - | - Set the permission the wheel group users to issue all the commands on behalf of all users. To do this, add the following line to / | ||
| - | - To provide remote access via SSH and to restrict on valid IP addresses from the list:< | ||
| - | 45.151.108.0/ | ||
| - | AllowUsers vasexpertsmnt@94.140.198.64 vasexpertsmnt@78.140.234.98 vasexpertsmnt@5.200.43.10 vasexpertsmnt@193.218.143.187 vasexpertsmnt@93.100.47.212 vasexpertsmnt@93.100.73.160 vasexpertsmnt@77.247.170.134 | ||
| - | PasswordAuthentication yes | ||
| - | </ | ||
| - | - Set the [[en: | ||
| - | - After you make sure the remote access via SSH is provided, send the password and username to the [[en: | ||
| - | **! Save your settings since the server will be restarted during the installation process! ** | ||
| - | |||
| - | < | ||
| - | Initial installation of the DPI platform has to be made by service engineers of the [[en: | ||
| - | </ | ||
| - | <note warning> | ||
| - | Do not upgrade the OS kernel before [[en: | ||
| - | </ | ||
| - | |||
| - | ===== 2.3 Configuring the VAS Experts DPI ===== | ||
| - | Once the license and the fastdpi are installed, at least 3 network interfaces will be available in the system:\\ 1) **dna0** is used as an **input** port for traffic transit via DPI;\\ | ||
| - | 2) **dna1** is used as an **output** port for traffic transit via DPI (it is absent when using mirroring connection scheme);\\ | ||
| - | 3) **eth0** is used as **management** port for the VAS Experts DPI.\\ | ||
| - | It is recommended to check the [[en: | ||
| - | Next, you should edit the **/ | ||
| - | |||
| - | ==== 2.3.1 Configuring of transit ==== | ||
| - | |||
| - | === When installing the Stingray Service Gateway using INLINE installation scheme: === | ||
| - | |||
| - | <code ini> | ||
| - | in_dev=dna0 | ||
| - | out_dev=dna1 | ||
| - | #Scale factor is about 1 for every 1 Gigabit of bandwidth | ||
| - | scale_factor=10 | ||
| - | timeout_check_dev=0 | ||
| - | |||
| - | #FDPI Control | ||
| - | ctrl_port=29000 | ||
| - | ctrl_dev=lo | ||
| - | |||
| - | #Turn on UDP detection | ||
| - | only_tcp=0 | ||
| - | |||
| - | #Turn on UDR | ||
| - | udr=1 | ||
| - | </ | ||
| - | |||
| - | === When installing the Stingray Service Gateway using MIRRORING installation scheme: === | ||
| - | |||
| - | <code ini> | ||
| - | in_dev=dna1: | ||
| - | asym_mode=1 | ||
| - | #Scale factor is about 1 for every 1 Gigabit of bandwidth | ||
| - | scale_factor=10 | ||
| - | timeout_check_dev=0 | ||
| - | |||
| - | #FDPI Control | ||
| - | ctrl_port=29000 | ||
| - | ctrl_dev=lo | ||
| - | |||
| - | #Turn on UDP detection | ||
| - | only_tcp=0 | ||
| - | |||
| - | #Turn on UDR | ||
| - | udr=1 | ||
| - | </ | ||
| - | ==== 2.3.2 Statistics gathering ==== | ||
| - | |||
| - | <code ini> | ||
| - | http_parse_reply=1 | ||
| - | |||
| - | # Enabling the collection and export of statistics | ||
| - | netflow=8 | ||
| - | # Managing the export format for a complete netflow | ||
| - | netflow_full_collector_type=2 | ||
| - | # Name of the network interface that sends netflow with statistics | ||
| - | netflow_dev=eth3 | ||
| - | # Periodicity of data export in seconds | ||
| - | netflow_timeout=20 | ||
| - | # IP address and port number of the netflow collector with full statistics | ||
| - | netflow_full_collector=172.18.254.124: | ||
| - | # The maximum netflow in Mbit/ | ||
| - | netflow_rate_limit=30 | ||
| - | # The time in seconds after which the non-active session is considered complete | ||
| - | netflow_passive_timeout=40 | ||
| - | # The length of the fragment for a long session in seconds | ||
| - | netflow_active_timeout=120 | ||
| - | |||
| - | #URL upload | ||
| - | # The name of the network interface for sending clickstream via ipfix | ||
| - | ipfix_dev=eth3 | ||
| - | # IP or the domain name (: port) of the clickstream header ipfix. You can specify several collectors separated by a comma. | ||
| - | ipfix_tcp_collectors=172.18.254.124: | ||
| - | # Unique domain (id) for the recognition by the collector | ||
| - | ipfix_observation=127 | ||
| - | |||
| - | #SIP | ||
| - | # IP or the domain name (: port) of the meta clickstream header ipfix. You can specify several collectors separated by a comma. | ||
| - | ipfix_meta_tcp_collectors=172.18.254.124: | ||
| - | rlimit_fsize=32000000000</ | ||
| - | |||
| - | <note tip> | ||