3 ==========================================
4 VPP Configuration - CLI and 'startup.conf'
5 ==========================================
7 After a successful installation, VPP installs a startup config file named
8 *startup.conf* in the */etc/vpp/* directory. This file can be tailored to
9 make VPP run as desired, but contains default values for typical installations.
11 Below are more details about this file and some of the the parameters and values
14 Command-line Arguments
15 ----------------------
17 Before we describe details of the startup configuration file (startup.conf) it
18 should be mentioned that VPP can be started without a startup configuration
21 Parameters are grouped by a section name. When providing more than one
22 parameter to a section, all parameters for that section must be wrapped in
23 curly braces. For example, to start VPP with configuration data via the
24 command line with the section name *'unix'*:
26 .. code-block:: console
28 $ sudo /usr/bin/vpp unix { interactive cli-listen 127.0.0.1:5002 }
30 The command line can be presented as a single string or as several; anything
31 given on the command line is concatenated with spaces into a single string
32 before parsing. VPP applications must be able to locate their own executable
33 images. The simplest way to ensure this will work is to invoke a VPP
34 application by giving its absolute path. For example:
35 *'/usr/bin/vpp <options>'* At startup, VPP applications parse through their
36 own ELF-sections [primarily] to make lists of init, configuration, and exit
39 When developing with VPP, in gdb it's often sufficient to start an application
42 .. code-block:: console
44 (gdb) run unix interactive
47 Startup Configuration File (startup.conf)
48 -----------------------------------------
50 The more typical way to specify the startup configuration to VPP is with the
51 startup configuration file (startup.conf).
53 The path of the file is provided to the VPP application on the command line.
54 This is typically at /etc/vpp/startup.conf. If VPP is installed as a package
55 a default startup.conf file is provided at this location.
57 The format of the configuration file is a simple text file with the same content
60 **A very simple startup.conf file:**
62 .. code-block:: console
64 $ cat /etc/vpp/startup.conf
67 log /var/log/vpp/vpp.log
69 cli-listen localhost:5002
80 VPP is instructed to load this file with the -c option. For example:
82 .. code-block:: console
84 $ sudo /usr/bin/vpp -c /etc/vpp/startup.conf
86 Configuration Parameters
87 ------------------------
89 Below is the list of some section names and their associated parameters.
90 This is not an exhaustive list, but should give you an idea of how VPP can be configured.
92 For all of the configuration parameters search the source code for instances of
93 **VLIB_CONFIG_FUNCTION** and **VLIB_EARLY_CONFIG_FUNCTION**.
95 For example, the invocation *'VLIB_CONFIG_FUNCTION (foo_config, "foo")'* will
96 cause the function *'foo_config'* to receive all parameters given in a
97 parameter block named "foo": "foo { arg1 arg2 arg3 ... }".
102 Configures VPP startup and behavior type attributes, as well and any OS based
105 .. code-block:: console
109 log /var/log/vpp/vpp.log
111 cli-listen /run/vpp/cli.sock
118 Do not fork / background the vpp process. Typical when invoking VPP
119 applications from a process monitor. Set by default in the default
120 *'startup.conf'* file.
122 .. code-block:: console
129 Attach CLI to stdin/out and provide a debugging command line interface.
131 .. code-block:: console
138 Logs the startup configuration and all subsequent CLI commands in filename.
139 Very useful in situations where folks don't remember or can't be bothered
140 to include CLI commands in bug reports. The default *'startup.conf'* file
141 is to write to *'/var/log/vpp/vpp.log'*.
143 In VPP 18.04, the default log file location was moved from '/tmp/vpp.log'
144 to '/var/log/vpp/vpp.log' . The VPP code is indifferent to the file location.
145 However, if SELinux is enabled, then the new location is required for the file
146 to be properly labeled. Check your local *'startup.conf'* file for the log file
147 location on your system.
149 .. code-block:: console
151 log /var/log/vpp/vpp-debug.log
153 exec | startup-config <filename>
154 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
156 Read startup operational configuration from filename. The contents of the file
157 will be performed as though entered at the CLI. The two keywords are aliases
158 for the same function; if both are specified, only the last will have an effect.
160 A file of CLI commands might look like:
162 .. code-block:: console
164 $ cat /usr/share/vpp/scripts/interface-up.txt
165 set interface state TenGigabitEthernet1/0/0 up
166 set interface state TenGigabitEthernet1/0/1 up
170 .. code-block:: console
172 startup-config /usr/share/vpp/scripts/interface-up.txt
177 Sets the effective group ID to the input group ID or group name of the calling
180 .. code-block:: console
187 Ask the Linux kernel to dump all memory-mapped address regions, instead of
190 .. code-block:: console
194 coredump-size unlimited | <n>G | <n>M | <n>K | <n>
195 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
197 Set the maximum size of the coredump file. The input value can be set in
198 GB, MB, KB or bytes, or set to *'unlimited'*.
200 .. code-block:: console
202 coredump-size unlimited
204 cli-listen <ipaddress:port> | <socket-path>
205 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
207 Bind the CLI to listen at address localhost on TCP port 5002. This will
208 accept an ipaddress:port pair or a filesystem path; in the latter case a
209 local Unix socket is opened instead. The default *'startup.conf'* file
210 is to open the socket *'/run/vpp/cli.sock'*.
212 .. code-block:: console
214 cli-listen localhost:5002
215 cli-listen /run/vpp/cli.sock
220 Disable character-by-character I/O on stdin. Useful when combined with,
221 for example, emacs M-x gud-gdb.
223 .. code-block:: console
230 Configure the CLI prompt to be string.
232 .. code-block:: console
236 cli-history-limit <n>
237 ^^^^^^^^^^^^^^^^^^^^^
239 Limit command history to <n> lines. A value of 0 disables command history.
242 .. code-block:: console
244 cli-history-limit 100
249 Disable the login banner on stdin and Telnet connections.
251 .. code-block:: console
258 Disable the output pager.
260 .. code-block:: console
264 cli-pager-buffer-limit <n>
265 ^^^^^^^^^^^^^^^^^^^^^^^^^^
267 Limit pager buffer to <n> lines of output. A value of 0 disables the
268 pager. Default value: 100000
270 .. code-block:: console
272 cli-pager-buffer-limit 5000
277 Set the runtime directory, which is the default location for certain
278 files, like socket files. Default is based on User ID used to start VPP.
279 Typically it is *'root'*, which defaults to *'/run/vpp/'*. Otherwise,
280 defaults to *'/run/user/<uid>/vpp/'*.
282 .. code-block:: console
289 Add a fixed-sleep between main loop poll. Default is 0, which is not to
292 .. code-block:: console
299 Writes the pid of the main thread in the given filename.
301 .. code-block:: console
303 pidfile /run/vpp/vpp1.pid
306 The api-trace Section
307 ---------------------
309 The ability to trace, dump, and replay control-plane API traces makes all the
310 difference in the world when trying to understand what the control-plane has
311 tried to ask the forwarding-plane to do.
313 Typically, one simply enables the API message trace scheme:
315 .. code-block:: console
324 Enable API trace capture from the beginning of time, and arrange for a
325 post-mortem dump of the API trace if the application terminates abnormally.
326 By default, the (circular) trace buffer will be configured to capture
327 256K traces. The default *'startup.conf'* file has trace enabled by default,
328 and unless there is a very strong reason, it should remain enabled.
330 .. code-block:: console
337 Configure the circular trace buffer to contain the last <n> entries. By
338 default, the trace buffer captures the last 256K API messages received.
340 .. code-block:: console
344 save-api-table <filename>
345 ^^^^^^^^^^^^^^^^^^^^^^^^^
347 Dumps the API message table to /tmp/<filename>.
349 .. code-block:: console
351 save-api-table apiTrace-07-04.txt
354 The api-segment Section
355 -----------------------
357 These values control various aspects of the binary API interface to VPP.
359 The default looks like the following:
361 .. code-block:: console
371 Sets the prefix prepended to the name used for shared memory (SHM)
372 segments. The default is empty, meaning shared memory segments are created
373 directly in the SHM directory *'/dev/shm'*. It is worth noting that on
374 many systems *'/dev/shm'* is a symbolic link to somewhere else in the file
375 system; Ubuntu links it to *'/run/shm'*.
377 .. code-block:: console
384 Sets the user ID or name that should be used to set the ownership of the
385 shared memory segments. Defaults to the same user that VPP is started
388 .. code-block:: console
395 Sets the group ID or name that should be used to set the ownership of the
396 shared memory segments. Defaults to the same group that VPP is started
399 .. code-block:: console
403 **The following parameters should only be set by those that are familiar with the
404 interworkings of VPP.**
409 Set the base address for SVM global region. If not set, on AArch64, the
410 code will try to determine the base address. All other default to
413 .. code-block:: console
417 global-size <n>G | <n>M | <n>
418 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
420 Set the global memory size, memory shared across all router instances,
421 packet buffers, etc. If not set, defaults to 64M. The input value can be
422 set in GB, MB or bytes.
424 .. code-block:: console
428 global-pvt-heap-size <n>M | size <n>
429 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
431 Set the size of the global VM private mheap. If not set, defaults to 128k.
432 The input value can be set in MB or bytes.
434 .. code-block:: console
436 global-pvt-heap-size size 262144
438 api-pvt-heap-size <n>M | size <n>
439 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
441 Set the size of the api private mheap. If not set, defaults to 128k.
442 The input value can be set in MB or bytes.
444 .. code-block:: console
448 api-size <n>M | <n>G | <n>
449 ^^^^^^^^^^^^^^^^^^^^^^^^^^
451 Set the size of the API region. If not set, defaults to 16M. The input
452 value can be set in GB, MB or bytes.
454 .. code-block:: console
461 Enables a Unix domain socket which processes binary API messages. See
462 .../vlibmemory/socket_api.c. If this parameter is not set, vpp
463 won't process binary API messages over sockets.
465 .. code-block:: console
468 # Explicitly name a socket file
469 socket-name /run/vpp/api.sock
471 # Use defaults as described below
475 The "default" keyword instructs vpp to use /run/vpp/api.sock when
476 running as root, otherwise to use /run/user/<uid>/api.sock.
481 In the VPP there is one main thread and optionally the user can create worker(s)
482 The main thread and worker thread(s) can be pinned to CPU core(s) manually or automatically
484 .. code-block:: console
488 corelist-workers 2-3,18-19
492 Manual pinning of thread(s) to CPU core(s)
493 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
498 Set logical CPU core where main thread runs, if main core is not set VPP will use
501 .. code-block:: console
508 Set logical CPU core(s) where worker threads are running
510 .. code-block:: console
512 corelist-workers 2-3,18-19
514 Automatic pinning of thread(s) to CPU core(s)
515 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
520 Sets number of CPU core(s) to be skipped (1 ... N-1), Skipped CPU core(s) are
521 not used for pinning main thread and working thread(s).
523 The main thread is automatically pinned to the first available CPU core and worker(s)
524 are pinned to next free CPU core(s) after core assigned to main thread
526 .. code-block:: console
533 Specify a number of workers to be created Workers are pinned to N consecutive
534 CPU cores while skipping "skip-cores" CPU core(s) and main thread's CPU core
536 .. code-block:: console
540 scheduler-policy other | batch | idle | fifo | rr
541 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
543 Set scheduling policy and priority of main and worker threads
545 Scheduling policy options are: other (SCHED_OTHER), batch (SCHED_BATCH)
546 idle (SCHED_IDLE), fifo (SCHED_FIFO), rr (SCHED_RR)
548 .. code-block:: console
550 scheduler-policy fifo
552 scheduler-priority number
553 ^^^^^^^^^^^^^^^^^^^^^^^^^
555 Scheduling priority is used only for "real-time policies (fifo and rr),
556 and has to be in the range of priorities supported for a particular policy
558 .. code-block:: console
560 scheduler-priority 50
565 .. code-block:: console
568 buffers-per-numa 128000
569 default data-size 2048
572 buffers-per-numa number
573 ^^^^^^^^^^^^^^^^^^^^^^^
575 Increase number of buffers allocated, needed only in scenarios with
576 large number of interfaces and worker threads. Value is per numa node.
577 Default is 16384 (8192 if running unpriviledged)
579 .. code-block:: console
581 buffers-per-numa 128000
583 default data-size number
584 ^^^^^^^^^^^^^^^^^^^^^^^^
586 Size of buffer data area, default is 2048
588 .. code-block:: console
590 default data-size 2048
596 .. code-block:: console
610 dev <pci-dev> | default { .. }
611 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
613 White-list [as in, attempt to drive] a specific PCI device. PCI-dev is a
614 string of the form "DDDD:BB:SS.F" where:
621 If the keywork **default** is used the values will apply to all the devices.
623 This is the same format used in the linux sysfs tree (i.e./sys/bus/pci/devices)
624 for PCI device directory names.
626 .. code-block:: console
637 Whitelist specific interface by specifying PCI address. When whitelisting specific
638 interfaces by specifying PCI address, additional custom parameters can also be
639 specified. Valid options include:
641 .. code-block:: console
649 Blacklist specific device type by specifying PCI vendor:device Whitelist entries
652 .. code-block:: console
661 .. code-block:: console
670 Number of receive queues. Also enables RSS. Default value is 1.
672 .. code-block:: console
681 Number of transmit queues. Default is equal to number of worker threads
682 or 1 if no workers treads.
684 .. code-block:: console
693 Number of descriptors in receive ring. Increasing or reducing number
694 can impact performance. Default is 1024.
696 .. code-block:: console
702 vlan-strip-offload on | off
703 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
705 VLAN strip offload mode for interface. VLAN stripping is off by default
706 for all NICs except VICs, using ENIC driver, which has VLAN stripping on
709 .. code-block:: console
712 vlan-strip-offload on|off
715 uio-driver driver-name
716 ^^^^^^^^^^^^^^^^^^^^^^
718 Change UIO driver used by VPP, Options are: igb_uio, vfio-pci, uio_pci_generic
722 .. code-block:: console
729 Disable multi-segment buffers, improves performance but disables Jumbo MTU support
731 .. code-block:: console
738 Change hugepages allocation per-socket, needed only if there is need for
739 larger number of mbufs. Default is 256M on each detected CPU socket
741 .. code-block:: console
745 no-tx-checksum-offload
746 ^^^^^^^^^^^^^^^^^^^^^^
748 Disables UDP / TCP TX checksum offload. Typically needed for use faster
749 vector PMDs (together with no-multi-seg)
751 .. code-block:: console
753 no-tx-checksum-offload
755 enable-tcp-udp-checksum
756 ^^^^^^^^^^^^^^^^^^^^^^^
758 Enable UDP / TCP TX checksum offload This is the reversed option of
759 'no-tx-checksum-offload'
761 .. code-block:: console
763 enable-tcp-udp-checksum
768 Configure VPP plugins.
770 .. code-block:: console
773 path /ws/vpp/build-root/install-vpp-native/vpp/lib/vpp_plugins
774 plugin dpdk_plugin.so enable
780 Adjust the plugin path depending on where the VPP plugins are.
782 .. code-block:: console
784 path /ws/vpp/build-root/install-vpp-native/vpp/lib/vpp_plugins
786 plugin plugin-name | default enable | disable
787 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
789 Disable all plugins by default and then selectively enable specific plugins
791 .. code-block:: console
793 plugin default disable
794 plugin dpdk_plugin.so enable
795 plugin acl_plugin.so enable
797 Enable all plugins by default and then selectively disable specific plugins
799 .. code-block:: console
801 plugin dpdk_plugin.so disable
802 plugin acl_plugin.so disable
807 .. code-block:: console
813 socket-name <filename>
814 ^^^^^^^^^^^^^^^^^^^^^^
816 Name of the stats segment socket defaults to /run/vpp/stats.sock.
818 .. code-block:: console
820 socket-name /run/vpp/stats.sock
825 The size of the stats segment, defaults to 32mb
827 .. code-block:: console
831 per-node-counters on | off
832 ^^^^^^^^^^^^^^^^^^^^^^^^^^
836 .. code-block:: console
840 update-interval <f64-seconds>
841 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
843 Sets the segment scrape / update interval
845 .. code-block:: console
850 Some Advanced Parameters:
851 -------------------------
857 These parameters change the configuration of the ACL (access control list) plugin,
858 such as how the ACL bi-hash tables are initialized.
860 They should only be set by those that are familiar with the interworkings of VPP
863 The first three parameters, *connection hash buckets*, *connection hash memory*,
864 and *connection count max*, set the **connection table per-interface parameters**
865 for modifying how the two bounded-index extensible hash tables for
866 IPv6 (40\*8 bit key and 8\*8 bit value pairs) and IPv4
867 (16\*8 bit key and 8\*8 bit value pairs) **ACL plugin FA interface sessions**
870 connection hash buckets <n>
871 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
873 Sets the number of hash buckets (rounded up to a power of 2) in each
874 of the two bi-hash tables. Defaults to 64\*1024 (65536) hash buckets.
876 .. code-block:: console
878 connection hash buckets 65536
880 connection hash memory <n>
881 ^^^^^^^^^^^^^^^^^^^^^^^^^^
883 Sets the allocated memory size (in bytes) for each of the two bi-hash tables.
884 Defaults to 1073741824 bytes.
886 .. code-block:: console
888 connection hash memory 1073741824
890 connection count max <n>
891 ^^^^^^^^^^^^^^^^^^^^^^^^
893 Sets the maximum number of pool elements when allocating each per-worker
894 pool of sessions for both bi-hash tables. Defaults to 500000 elements in each pool.
896 .. code-block:: console
898 connection count max 500000
900 main heap size <n>G | <n>M | <n>K | <n>
901 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
903 Sets the size of the main memory heap that holds all the ACL module related
904 allocations (other than hash.) Default size is 0, but during
905 ACL heap initialization is equal to
906 *per_worker_size_with_slack * tm->n_vlib_mains + bihash_size + main_slack*.
907 Note that these variables are partially based on the
908 **connection table per-interface parameters** mentioned above.
910 .. code-block:: console
914 The next three parameters, *hash lookup heap size*, *hash lookup hash buckets*,
915 and *hash lookup hash memory*, modify the initialization of the bi-hash lookup
916 table used by the ACL plugin. This table is initialized when attempting to apply
917 an ACL to the existing vector of ACLs looked up during packet processing
918 (but it is found that the table does not exist / has not been initialized yet.)
920 hash lookup heap size <n>G | <n>M | <n> K | <n>
921 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
923 Sets the size of the memory heap that holds all the miscellaneous allocations
924 related to hash-based lookups. Default size is 67108864 bytes.
926 .. code-block:: console
928 hash lookup heap size 70M
930 hash lookup hash buckets <n>
931 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
933 Sets the number of hash buckets (rounded up to a power of 2) in the bi-hash
934 lookup table. Defaults to 65536 hash buckets.
936 .. code-block:: console
938 hash lookup hash buckets 65536
940 hash lookup hash memory <n>
941 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
943 Sets the allocated memory size (in bytes) for the bi-hash lookup table.
944 Defaults to 67108864 bytes.
946 .. code-block:: console
948 hash lookup hash memory 67108864
953 Sets a boolean value indicating whether or not to use TupleMerge
954 for hash ACL's. Defaults to 1 (true), meaning the default implementation
955 of hashing ACL's does use TupleMerge.
957 .. code-block:: console
961 tuple merge split threshold <n>
962 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
964 Sets the maximum amount of rules (ACE's) that can collide in a bi-hash
965 lookup table before the table is split into two new tables. Splitting ensures
966 less rule collisions by hashing colliding rules based on their common tuple
967 (usually their maximum common tuple.) Splitting occurs when the
968 *length of the colliding rules vector* is greater than this threshold amount.
969 Defaults to a maximum of 39 rule collisions per table.
971 .. code-block:: console
973 tuple merge split threshold 30
975 reclassify sessions <n>
976 ^^^^^^^^^^^^^^^^^^^^^^^
978 Sets a boolean value indicating whether or not to take the epoch of the session
979 into account when dealing with re-applying ACL's or changing already applied ACL's.
980 Defaults to 0 (false), meaning the default implementation does NOT take the
981 epoch of the session into account.
983 .. code-block:: console
985 reclassify sessions 1
995 Sets the api queue length. Minimum valid queue length is 1024, which is
998 .. code-block:: console
1007 The circular journal (CJ) thread-safe circular log buffer scheme is
1008 occasionally useful when chasing bugs. Calls to it should not be checked in.
1009 See .../vlib/vlib/unix/cj.c. The circular journal is disables by default.
1010 When enabled, the number of records must be provided, there is no default
1016 Configure the number of circular journal records in the circular buffer.
1017 The number of records should be a power of 2.
1019 .. code-block:: console
1026 Turns on logging at the earliest possible moment.
1028 .. code-block:: console
1038 Set the maximum number of active elements allowed in the pool of
1039 dns cache entries. When resolving an expired entry or adding a new
1040 static entry and the max number of active entries is reached,
1041 a random, non-static entry is deleted. Defaults to 65535 entries.
1043 .. code-block:: console
1045 max-cache-size 65535
1050 Heapsize configuration controls the size of the main heap. The heap size is
1051 configured very early in the boot sequence, before loading plug-ins or doing
1052 much of anything else.
1054 heapsize <n>M | <n>G
1055 ^^^^^^^^^^^^^^^^^^^^
1057 Specifies the size of the heap in MB or GB. The default is 1GB. Setting the
1058 main heap size to 4GB or more requires recompilation of the entire system
1059 with CLIB_VEC64 > 0. See .../clib/clib/vec_bootstrap.h.
1061 .. code-block:: console
1068 IPv4 heap configuration. he heap size is configured very early in the boot
1069 sequence, before loading plug-ins or doing much of anything else.
1071 heap-size <n>G | <n>M | <n>K | <n>
1072 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1074 Set the IPv4 mtrie heap size, which is the amount of memory dedicated to
1075 the destination IP lookup table. The input value can be set in GB, MB, KB
1076 or bytes. The default value is 32MB.
1078 .. code-block:: console
1085 IPv6 heap configuration. he heap size is configured very early in the boot
1086 sequence, before loading plug-ins or doing much of anything else.
1089 heap-size <n>G | <n>M | <n>K | <n>
1090 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1092 Set the IPv6 forwarding table heap size. The input value can be set in GB,
1093 MB, KB or bytes. The default value is 32MB.
1095 .. code-block:: console
1102 Set the number of IPv6 forwarding table hash buckets. The default value is
1105 .. code-block:: console
1112 Configure Layer 2 MAC Address learning parameters.
1117 Configures the number of L2 (MAC) addresses in the L2 FIB at any one time,
1118 which limits the size of the L2 FIB to <n> concurrent entries. Defaults to
1119 4M entries (4194304).
1121 .. code-block:: console
1128 IPv6 Layer 2 Tunnelling Protocol Version 3 (IPv6-L2TPv3) configuration controls
1129 the method used to locate a specific IPv6-L2TPv3 tunnel. The following settings
1130 are mutually exclusive:
1135 Lookup tunnel by IPv6 source address.
1137 .. code-block:: console
1144 Lookup tunnel by IPv6 destination address.
1146 .. code-block:: console
1153 Lookup tunnel by L2TPv3 session identifier.
1155 .. code-block:: console
1165 Number of entries in the global logging buffer. Defaults to 512.
1167 .. code-block:: console
1174 Set the global value for the time to wait (in seconds) before resuming
1175 logging of a log subclass that exceeded the per-subclass message-per-second
1176 threshold. Defaults to 3.
1178 .. code-block:: console
1182 default-log-level emerg|alert | crit | err | warn | notice | info | debug | disabled
1183 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1185 Set the default logging level of the system log. Defaults to notice.
1187 .. code-block:: console
1189 default-log-level notice
1191 default-syslog-log-level emerg|alert | crit | err | warn | notice | info | debug | disabled
1192 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1194 Set the default logging level of the syslog target. Defaults to warning.
1196 .. code-block:: console
1198 default-syslog-log-level warning
1203 lookup-table-buckets <n>
1204 ^^^^^^^^^^^^^^^^^^^^^^^^
1206 Sets the number of hash buckets in the mactime bi-hash lookup table.
1207 Defaults to 128 buckets.
1209 .. code-block:: console
1211 lookup-table-buckets 128
1213 lookup-table-memory <n>G | <n>M | <n>K | <n>
1214 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1216 Sets the allocated memory size (in bytes) for the mactime bi-hash lookup table.
1217 The input value can be set in GB, MB, KB or bytes. The default value is 262144
1218 (256 << 10) bytes or roughly 256KB.
1220 .. code-block:: console
1222 lookup-table-memory 300K
1227 Sets the timezone offset from UTC. Defaults to an offset of -5 hours
1228 from UTC (US EST / EDT.)
1230 .. code-block:: console
1238 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
1240 Sets a boolean true to indicate that the MAP node is a Customer Edge (CE)
1241 router. The boolean defaults to false, meaning the MAP node is not treated
1244 .. code-block:: console
1251 These parameters change the configuration of the NAT (Network address translation)
1252 plugin, such as how the NAT & NAT64 bi-hash tables are initialized, if the NAT is
1253 endpoint dependent, or if the NAT is deterministic.
1255 For each NAT per thread data, the following 4 parameters change how certain
1256 bi-hash tables are initialized.
1258 translation hash buckets <n>
1259 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1261 Sets the number of hash buckets in each of the two in/out NAT bi-hash lookup
1262 tables. Defaults to 1024 buckets.
1264 If the NAT is indicated to be endpoint dependent, which can be set with the
1265 :ref:`endpoint-dependent parameter <endpointLabel>`, then this parameter sets
1266 the number of hash buckets in each of the two endpoint dependent sessions
1267 NAT bi-hash lookup tables.
1269 .. code-block:: console
1271 translation hash buckets 1024
1273 translation hash memory <n>
1274 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
1276 Sets the allocated memory size (in bytes) for each of the two in/out NAT
1277 bi-hash tables. Defaults to 134217728 (128 << 20) bytes, which is roughly 128 MB.
1279 If the NAT is indicated to be endpoint dependent, which can be set with the
1280 :ref:`endpoint-dependent parameter <endpointLabel>`, then this parameter sets the
1281 allocated memory size for each of the two endpoint dependent sessions NAT bi-hash
1284 .. code-block:: console
1286 translation hash memory 134217728
1288 user hash buckets <n>
1289 ^^^^^^^^^^^^^^^^^^^^^
1291 Sets the number of hash buckets in the user bi-hash lookup table
1292 (src address lookup for a user.) Defaults to 128 buckets.
1294 .. code-block:: console
1296 user hash buckets 128
1298 user hash memory <n>
1299 ^^^^^^^^^^^^^^^^^^^^
1301 Sets the allocated memory size (in bytes) for the user bi-hash lookup table
1302 (src address lookup for a user.) Defaults to 67108864 (64 << 20) bytes,
1303 which is roughly 64 MB.
1305 .. code-block:: console
1307 user hash memory 67108864
1309 max translations per user <n>
1310 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1312 Sets the maximum amount of dynamic and/or static NAT sessions each user can have.
1313 Defaults to 100. When this limit is reached, the least recently used translation
1316 .. code-block:: console
1318 max translations per user 50
1323 Sets a boolean value to 1 indicating that the NAT is deterministic. Defaults to 0,
1324 meaning the NAT is not deterministic.
1326 .. code-block:: console
1330 nat64 bib hash buckets <n>
1331 ^^^^^^^^^^^^^^^^^^^^^^^^^^
1333 Sets the number of hash buckets in each of the two in/out NAT64 BIB bi-hash
1334 tables. Defaults to 1024 buckets.
1336 .. code-block:: console
1338 nat64 bib hash buckets 1024
1340 nat64 bib hash memory <n>
1341 ^^^^^^^^^^^^^^^^^^^^^^^^^
1343 Sets the allocated memory size (in bytes) for each of the two in/out NAT64
1344 BIB bi-hash tables. Defaults to 134217728 (128 << 20) bytes,
1345 which is roughly 128 MB.
1347 .. code-block:: console
1349 nat64 bib hash memory 134217728
1351 nat64 st hash buckets <n>
1352 ^^^^^^^^^^^^^^^^^^^^^^^^^
1354 Sets the number of hash buckets in each of the two in/out NAT64 session table
1355 bi-hash tables. Defaults to 2048 buckets.
1357 .. code-block:: console
1359 nat64 st hash buckets 2048
1361 nat64 st hash memory <n>
1362 ^^^^^^^^^^^^^^^^^^^^^^^^
1364 Sets the allocated memory size (in bytes) for each of the two in/out NAT64 session
1365 table bi-hash tables. Defaults to 268435456 (256 << 20) bytes, which is roughly
1368 .. code-block:: console
1370 nat64 st hash memory 268435456
1377 Sets a boolean value to 1, indicating that the NAT is endpoint dependent.
1378 Defaults to 0, meaning the NAT is not endpoint dependent.
1380 .. code-block:: console
1387 OAM configuration controls the (ip4-icmp) interval, and number of misses
1388 allowed before reporting an oam target down to any registered listener.
1393 Interval, floating-point seconds, between sending OAM IPv4 ICMP messages.
1394 Default is 2.04 seconds.
1396 .. code-block:: console
1403 Configuration parameters used to specify base address and maximum size of
1404 the memory allocated for the pmalloc module in VPP. pmalloc is a NUMA-aware,
1405 growable physical memory allocator. pmalloc allocates memory for the DPDK
1411 Specify the base address for pmalloc memory space.
1413 .. code-block:: console
1415 base-addr 0xfffe00000000
1417 max-size <n>G | <n>M | <n>K | <n>
1418 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1420 Set the memory size for pmalloc memory space. The default is 16G.
1422 .. code-block:: console
1429 Configuration parameters for TAPCLI (dynamic tap interface hookup.)
1434 Sets interface MTU (maximum transmission unit) size in bytes. This size
1435 is also related to the number of MTU buffers. Defaults to 1500 bytes.
1437 .. code-block:: console
1444 Disables TAPCLI. Default is that TAPCLI is enabled.
1446 .. code-block:: console
1454 Configuration parameters for TCP host stack utilities. The following
1455 preallocation parameters are related to the initialization of fixed-size,
1456 preallocation pools.
1458 preallocated-connections <n>
1459 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1461 Sets the number of preallocated TCP connections. Defaults to 0.
1462 The preallocated connections per thread is related to this value,
1463 equal to (preallocated_connections / (num_threads - 1)).
1465 .. code-block:: console
1467 preallocated-connections 5
1469 preallocated-half-open-connections <n>
1470 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1472 Sets the number of preallocated TCP half-open connections. Defaults to 0.
1474 .. code-block:: console
1476 preallocated-half-open-connections 5
1478 buffer-fail-fraction <n.n>
1479 ^^^^^^^^^^^^^^^^^^^^^^^^^^
1481 Sets the TCP buffer fail fraction (a float) used for fault-injection
1482 when debugging TCP buffer allocation. Its use is found in *tcp_debug.h*.
1485 .. code-block:: console
1487 buffer-fail-fraction 0.0
1493 Configures TLS parameters, such as enabling the use of test certificates.
1494 These parameters affect the tlsmbedtls and tlsopenssl plugins.
1499 Sets a boolean value to 1 to indicate during the initialization of a
1500 TLS CA chain to attempt to parse and add test certificates to the chain.
1501 Defaults to 0, meaning test certificates are not used.
1503 .. code-block:: console
1507 ca-cert-path <filename>
1508 ^^^^^^^^^^^^^^^^^^^^^^^
1510 Sets the filename path of the location of TLS CA certificates, used when
1511 initializing and loading TLS CA certificates during the initialization
1512 of a TLS CA chain. If not set, the default filename path is
1513 */etc/ssl/certs/ca-certificates.crt*.
1515 .. code-block:: console
1517 ca-cert-path /etc/ssl/certs/ca-certificates.crt
1523 The "tuntap" driver configures a point-to-point interface between the vpp
1524 engine and the local Linux kernel stack. This allows e.g. users to ssh to the
1525 host | VM | container via vpp "revenue" interfaces. It's marginally useful, and
1526 is currently disabled by default. To [dynamically] create TAP interfaces - the
1527 preferred scheme - see the "tap_connect" binary API. The Linux network stack
1528 "vnet" interface needs to manually configure, and VLAN and other settings if
1535 Enable or disable the tun/tap driver.
1537 .. code-block:: console
1544 Create a tap device (ethernet MAC) instead of a tun device (point-to-point
1545 tunnel). The two keywords are aliases for the same function.
1547 .. code-block:: console
1551 have-normal-interface|have-normal
1552 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1554 Treat the host Linux stack as a routing peer instead of programming VPP
1555 interface L3 addresses onto the tun/tap devices. The two keywords are
1556 aliases for the same function.
1558 .. code-block:: console
1560 have-normal-interface
1565 Assign name to the tun/tap device.
1567 .. code-block:: console
1575 Vhost-user configuration parameters control the vhost-user driver.
1580 Subject to deadline-timer expiration - see next item - attempt to transmit
1581 at least <n> packet frames. Default is 32 frames.
1583 .. code-block:: console
1587 coalesce-time <seconds>
1588 ^^^^^^^^^^^^^^^^^^^^^^^
1590 Hold packets no longer than (floating-point) seconds before transmitting
1591 them. Default is 0.001 seconds
1593 .. code-block:: console
1600 vhost-user shared-memory segments can add up to a large amount of memory, so
1601 it's handy to avoid adding them to corefiles when using a significant number
1604 .. code-block:: console
1612 These parameters configure VLIB, such as allowing you to choose whether to
1613 enable memory traceback or a post-mortem elog dump.
1618 Enables memory trace (mheap traceback.) Defaults to 0, meaning memory
1621 .. code-block:: console
1628 Sets the number of elements/events (the size) of the event ring
1629 (a circular buffer of events.) This number rounds to a power of 2.
1630 Defaults to 131072 (128 << 10) elements.
1632 .. code-block:: console
1636 elog-post-mortem-dump
1637 ^^^^^^^^^^^^^^^^^^^^^
1639 Enables the attempt of a post-mortem elog dump to
1640 */tmp/elog_post_mortem.<PID_OF_CALLING_PROCESS>* if os_panic or
1643 .. code-block:: console
1645 elog-post-mortem-dump