Automatically configure multiple new packet forwarders from a DNCA

Each DNCA can support up to one Gbps. If you have multiple packet forwarders, you can set the configuration on the DNCA so that any packet forwarder that connects to the DNCA through initconn uses the defined configuration. Before you set up the configuration on the DNCA, you must pick a DNCA machine from which the auto-configuration service runs. This DNCA is the master machine for the auto-configuration process. To create a configuration to automatically configure new packet forwarders you modify files on the DNCA and the packet forwarders.

What automatic packet forwarder configuration does

The automatic packet forwarder configuration lets you use a single configuration set up to configure new packet forwarders in your deployment. You set up the configuration on one packet forwarder and run configuration service on the DNCA. Once the configuration is set and the service started, all addition packet forwarders created from the original packet forwarder machine use the configuration. You do not have to configure each packet forwarder individually.

What you do on the DNCA

You need to set up the auto-configuration service on the DNCA. This process includes:
  • Creating public and private rsa key pairs.
  • Modifying the <installdir>/etc/pfconf-conf.xml file on the DNCA. You modify the file to:
    • add the IP addresses for the DNCAss that the automatically added packet forwarders will use
    • specify the number of Max Peers each DNCA can interact with
  • Running the pfconf -s command to configure all of the other new packet forwarders.
  • If you have a custom default fwdr-conf-default.xml file that you want to use so that each packet forwarder uses a different configuration:
    1. copy the custom file that you have to the <installdir>/etc directory on the DNCA.
    2. add the file name in the <ConfigFile> tag in the pfconf-conf.xml

Optionally, you can manually modify the packet forwarder configuration locally on the master DNCA. If you want to set the configuration for just one of the packet forwarders, you edit the fwdr-conf.xml file for the packet forwarder. Each packet forwarder has a configuration file in <installdir>/etc/pf-confs/<ipaddress>/fwdr-conf.xml. Any changes you make to this file are picked up by the pfconf script when it runs. The script sends the edited configuration to the packet forwarder and restarts the service to use the new configuration. This is done after you set up auto-configuration.

What you do on the packet forwarder

You need to set up the auto-configuration on one packet forwarder in your deployment. The packet forwarder workflow includes:
  • Adding a public rsa key on the packet forwarder.
  • Modifying the <installdir>/sbin/initconn service on one packet forwarder. You modify the service and add the IP address for the master DNCA.

DNCA side commands and processes

On the primary DNCA machine, use this command for the configuration process:
  • pfconfig - located in <DNCAinstalldir>/sbin this command assigns a DNCA to the Packet Forwarder, sends the configuration file to the Packet Forwarder, then restarts the Packet Forwarder. By default this command sets the listening port to 1880. You can change this port if you need to for your solution.

On the DNCA, this process listens for initconn:

  • pfserv - by default, the process listens to port 1880 for information from the Packet Forwarder machine and creates the directory structure with the Packet Forwarder config file in <DNCAinstalldir>/etc/pf-confs/<ipaddress> on the DNCA. If you specified a different port to listen on with the pfconfig command, the pfserv process listens on that port.