Main runtime parameters¶
For convenience, this section gathers the most important runtime parameters. The default values are indicated for Virtual Accelerator and may differ for other 6WIND products.
Generic capabilities¶
- --max-ifnet¶
Maximum number of logical interfaces. The Linux logical interfaces are mirrored in the fast path as ifnet. It includes physical ports and all virtual ports like ethgrp, VRRP, GRE, VLAN, vti etc.
It must be at least greater than or equal to the maximum number of physical ports plus the number of VRs.
- Default value
2048
- Memory footprint per ifnet
3 KB
- Range
16 .. 50K
- --max-vr¶
Maximum number of VRs. Linux VRs based on network namespaces are mirrored as VR objects in the fast path.
Be careful if the number of VRs is increased it can be necessary to increase some other capabilities too:
Number of PBR rules. See –mod-opt=pbr:–max-rules for details.
Number of IPv4 Netfilter rules. See –mod-opt=filter:–max-rules for details.
Number of IPv6 Netfilter rules. –mod-opt=filter6:–max-rules for details.
- Default value
16
- Memory footprint per vr
4.6 MB
This memory footprint is mainly dependent of ipset. See –mod-opt=filter:–max-ipsets for details.
- Range
1 .. 2048
- --standalone¶
Start fast path as a standalone process. No Linux synchronization is expected.
Security¶
- export FP_DROP_CAPABILITIES=no¶
By default, the fast path will try to execute with the least privileges possible. That means it will only keep linux capabilities that it actually uses, and will also change from user “root” to user “fastpath” once initialization is finished.
Export this option in your
fast-path.envconfiguration in order to disable this behavior and run fast path as root with full capabilities.
See also
For more details about linux capabilities, see capabilities(7)