DPI platform runs under CentOS 6.4 or higher. The standard administration approaches of this OS are applicable to DPI software.

This chapter describes the platform's installation and operation features that are important for the system administrator.

The main process is named fastdpi. It uses CPU resources even in an idle state (no data transmission). This mode is essential to minimize network delays and relates to peculiarities of LAN cards operation. The system treats this process as a service. The latest is controlled by common service commands.

For example, to restart the service:

service fastdpi restart

This process is monitored by the system watchdog. It restarts the process in case of abnormal termination. The process has internal self-monitoring means. They support some failure conditions. The process is self terminated in case of critical errors or suspension¹⁾ and then restarted by the watchdog. The latest is configured by the file: /etc/watchdog.d/wd_fastdpi.sh.

DPI supports the bypass functionality that is available in some LAN cards. If the LAN cards support such functionality, the platform temporary falls into direct traffic bypass in case of failure, suspension, power failure or scheduled termination of the service.

DPI is configured by /etc/dpi directory:

fastdpi.conf              configuration file
fastdpi.lic и fastdpi.sig licenses for optional features

There are "hot" and "cold" configuration file parameters. The "hot" parameters take effect immediately with no need to restart the service. The "cold" parameters require the service to be restarted to become effective.

For example: modification of "hot" parameters without restart²⁾:

service fastdpi reload

/etc/pf_ring directory holds licenses for DNA and Libzero. The service runs for 5 minutes only if some of these licenses are missed.

DPI logs are stored in /var/log/dpi:

fastdpi_alert.log messages' and errors' log file
fastdpi_stat.log  statistics' log file

Log files' rotation is handled by the standard tool logrotate. The logs are stored for 24 hours by default. The logrotate is configured by the file: /etc/logrotate.d/fastdpi The available disk space must be checked before modification of logs' storage time by an administrator.

The auxiliary data files can be loaded due to interaction with the cloud service. For example, the URL and IP list files are loaded to support filtration by Roscomnadzor and Minust lists. These files are loaded to /var/lib/dpi directory. The outbound Internet access is required on DPI computer via service network interface to support cloud services. The inbound SSH access can be required for remote support functionality.

The exact time synchronization by ntpd service is implemented on the DPI computer. The ntpd configuration file is: /etc/sysconfig/ntpd