-
Notifications
You must be signed in to change notification settings - Fork 229
Functional Block: GGU
The GT-GK Unit (sometimes "GK-GT Unit" or "GGU") is responsible for processing all policy decisions Grantor servers send to a Gatekeeper server. Each packet coming from a Grantor server carries a set of one or more decisions. All the GGU does is to perform some sanity checks on these packets and issues each decision to the corresponding GK mailbox.
Because the GGU block only receives packets sent by Grantor, it only listens on the back interface.
The GGU block is allocated one lcore in Gatekeeper.
All static configuration variables can be configured in lua/ggu.lua.
These variables are likely to change from deployment-to-deployment based on the operator's preferences.
log_level
The log level for the GGU block. Can be set to any one of the following values: RTE_LOG_EMERG, RTE_LOG_ALERT, RTE_LOG_CRIT, RTE_LOG_ERR, RTE_LOG_WARNING, RTE_LOG_NOTICE, RTE_LOG_INFO, RTE_LOG_DEBUG.
Since we typically use RTE_LOG_ERROR as the most severe log condition, we recommend not to set this value below RTE_LOG_ERROR.
It is not crucial to change these variables, and they only need to be changed to fine tune the performance of Gatekeeper. Otherwise, the default values are likely fine.
mailbox_max_entries_exp
The log (base 2) of the maximum size of the GGU mailbox. For example, if the variable is set to 7, then room for 2^7 = 128 entries will be made in the mailbox.
Also used to determine how many entries will actually be available for use in the mailbox, which for efficiency reasons is one less than the maximum size of the mailbox (127 in the example above).
mailbox_mem_cache_size
Number of mailbox entries to keep in the cache for more efficient use of the mailbox. Set to 0 to disable the cache of the memory pool for the mailbox.
mailbox_burst_size
Maximum number of entries to receive in a burst every time the mailbox is checked.
log_ratelimit_interval_ms
The interval at which logs are rate limited (in milliseconds). For a given interval, only log_ratelimit_burst log entries are permitted. The count of entries is reset for each new interval.
log_ratelimit_burst
The number of entries per interval allowed to be logged. When the number of log entries exceeds this limit in a given interval, the entries will be dropped.
max_pkt_burst
Maximum number of packets received in each burst when the GGU block receives packets on the back interface.
The GGU block only receives bursts of packets directly from the back interface when ntuple filters are available in hardware. Otherwise, packets relevant to the GGU block are received through the GGU mailbox and this variable is not used.
These variables likely only need to be changed under extreme circumstances or for deployment-specific reasons.
ggu_src_port & ggu_dst_port
These variables represent the UDP port numbers used in packets sent from Grantor to the GT-GK Unit. They essentially identify packets as being a part of the GGU protocol. They are typically set to 0xA0A0 and 0xB0B0 respectively, and must match the corresponding port numbers configured for the GT block.