Fast path capabilities

Fast path capabilities can be tuned according to your requirements in terms of scalability. This is done through fast path runtime parameters that enable to configure, for example, the maximum number of VRs or the maximum number of Netfilter rules managed by the fast path.

Runtime parameters are set in the fast-path.env configuration file through the FP_OPTIONS variable. Changing them requires to stop and start the fast path.

To set a global runtime parameter use: –<option_name>=<value>. For example to allow the fast path to manage up to 512 VRs:

$ fast-path.sh stop
$ vi /etc/fast-path.env
  [...]
  FP_OPTIONS="--max-vr=512"
  [...]
$ fast-path.sh start

To set a specific module related parameter use: –mod-opt=<module name>:–<parameter name>=<value>. For example to allow the fast path to manage up to 100K IPsec tunnels (IPV4 or IPV6):

$ fast-path.sh stop
$ vi /etc/fast-path.env
  [...]
  FP_OPTIONS="--mod-opt=ipsec:--max-sp=100000 --mod-opt=ipsec:--max-sa=200000"
  FPNSDK_OPTIONS="--crypto-max-sessions=400000"
  [...]
$ fast-path.sh start

Important

Changing the fast path capabilities through runtime parameters has an impact on the memory footprint.

The default value for configurable fast path capabilities indicated in the documentation will be reduced if the available memory is lower than 6GB. The actual value can be retrieved by the following fp-cli command:

<fp-0> conf runtime
Global runtime values are:
        max-ifnet    :512
        max-vr       :16
[snip]
vlan runtime values are:
        ifaces      :31
        hash-order  :5
macvlan runtime values are:
        ifaces       :31
        hash-order   :5
[snip]