Versions Compared

Old Version 9

changes.mady.by.user Bruno Miretti

Saved on

compared with

New Version 10

changes.mady.by.user Bruno Miretti

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: headings level update for PDF export

Anchor
TOC
TOC
Include Page
KBCOMMON:KB-CSSstyle
KBCOMMON:KB-CSSstyle

Table of Contents

Table of Contents
excludeTable of Contents

General description

It is strongly recommended to use only physical network adapters for CHARON-VAX networking to gain maximum performances. In situations where the host has only one network adapter, you can use Linux virtual network Interfaces ("TUN/TAP") and map individual CHARON-VAX instances to their own virtual interfaces.

...

...

...

Using "ncu" utility to establish CHARON virtual network

Login a root and start the "ncu" utility:

...

Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc

Manual configuration of CHARON virtual network

...

Host preparation

  1. Login as "root" user.

  2. Configure the physical network interface to run in promiscuous mode using the following command. This interface will be dedicated to the whole network bridge (created later).

    # ifconfig eth<N> 0.0.0.0 promisc up

    The promiscuous mode allows the physical (or virtual) network interface to accept the entire volume of incoming packets. This mode is essential for consistency of the information transfer.

  3. In case the firewall is enabled on the host system, the following command should be executed to allow the bridge to forward IP packets:

    Red Hat Enterprise Linux 6.x:


    # /sbin/iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT

    This command can also be performed from the bridge configuration script. It has to be executed each time the iptables service is (re)started.

    It is also possible to make this setting system-wide. Either:

    1. Issue the given command from the firewall control panel.

    2. Add the following line to the end of the "/etc/sysconfig/iptables" file:


      -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT


    Red Hat Enterprise Linux 7.x and CentOS 7.x:


    # firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -m physdev --physdev-is-bridged -j ACCEPT

    # firewall-cmd --permanent --direct --add-rule ipv6 filter INPUT 1 -m physdev --physdev-is-bridged -j ACCEPT

    # firewall-cmd --reload


Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc

Virtual interface creation

The creation of the desired number of virtual network interfaces (TAPs) can be performed in the following way:

...

Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc

Div
classpagebreak


Bridge creation

To interconnect the physical and virtual network interfaces created in the previous step, the network bridge must be introduced in the following way:

...


Example:

# /usr/sbin/brctl addif br0 eth1

# /usr/sbin/brctl addif br0 tap0


The proposed configuration assumes one and only one network bridge so loops are not possible. It is required to turn off the spanning tree protocol with the following command:

# /usr/sbin/brctl stp br0 off

Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc

Starting bridge

To start the created bridge “br0”, use the following command:

# /sbin/ifconfig br0 up

Include PageKBCOMMON:DOC-GoToTocKBCOMMON:DOC-GoToToc

Usage of the virtual interface in CHARON-VAX configuration

Once the “tap<N>” interfaces have been created, the load command maps those interfaces to CHARON-VAX:

...
load tap_port/chnetwrk XQA0 interface="tap<N>"
... 

Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc