Out-of-line network schema for SKAT [Документация VAS Experts]
Документация VAS Experts Документация VAS Experts-mobile
in

Settings

  • Show pagesource
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • Backlinks
  • Show pagesource
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • Backlinks
    • Out-of-line network schema for SKAT

    This is an old revision of the document!

    Let SKAT be connected as follows: 

    dna1,dna2,dna3 - receive the mirrored traffic
dna0 - is connected to the router that receives and redirects subscribers' queries and to Internet

    One has to configure DPI for mirrored traffic processing as follows:

    First, assign the input ports that receive the mirrored traffic to in_dev: 

    in_dev=dna1:dna2:dna3

    Second, assign the ports that get the redirection request to out_dev: 

    out_dev=dna0:dna0:dna0

    Enable asymmetric mode: 

    asym_mode=1

    Set direction of replies out_dev: 

    emit_direction=2

    Disable traffic bypass: 

    tap_mode=2

    And configure MAC replacement: 

    replace_source_mac=00:25:90:E9:43:59 - MAC address of out_dev card: dna0
replace_destination_mac=78:19:F7:0E:B1:F4 - the switch MAC address that receives packets

    It is advised to use an additional 1GbE network card to send the replies in mirrored traffic mode. For example, intel i350 (with DNA license) can be used. This allows to configure an individual port for sending redirection replies and to reserve 10GbE ports to receive the mirrored traffic.