To process web traffic in a cloud-based environment, a
packet forwarder must be configured to transmit data to a central DNCA that
is operating on a virtual machine.
Before you begin
The following prerequisites must be completed before you
configure the packet forwarder software.
- All installation and configuration operations must be completed
using the
root
user account. Using the sudo
command
may not provide sufficient permissions to allow system parameter modifications
and might cause an incomplete or incorrect installation.
About this task
Use the following steps to configure the packet forwarder
and DNCA for
communication in your cloud-based environment.
Procedure
- Locate
/usr/local/dncauser/etc/fwdr-conf.xml
on
the reverse proxy server or on the virtual web server that is hosting
the packet forwarder transmitter. - Back up the existing configuration file by copying
/usr/local/dncauser/etc/fwdr-conf.xml
to
a backup directory.If your configuration file becomes
corrupted or invalid, you can restore from your backup or create a
new configuration file from fwdr-conf-defaults.xml
. fwdr-conf-defaults.xml
contains
the default configuration settings for the packet forwarder.
- Edit the
/usr/local/dncauser/etc/fwdr-conf.xml
.
You can use the vi
editor or another text editor
to edit the configuration file.
- Locate the
<PrimaryInterface>
tag and
edit the virtual NIC device name for the packet forwarder.The
packet forwarder captures the traffic from the web server. For most
installations, eth0
is used as the device name.
- Edit the port numbers to reflect the traffic ports that
are used for your server.
The default capture traffic filter
rule is defined to listen to port 80 and 443 traffic.
Example port
settings:
<ListenTos>
<ListenTo>
<Port>80</Port>
<Port>443</Port>
</ListenTo>
</ListenTos>
- Locate the
Delivery
tag and edit the delivery
network connection for the packet forwarder. This connects the packet
forwarder to the centralized DNCA VM
instance.Example delivery network connection settings:
<Peers>
<Peer>
<Address>127.0.0.1</Address>>
<Port>1888</Port>
</Peer>
</Peers>
- Locate and edit the
<Address>
and <Port>
tag
match the assigned internal IP address and port of the DNCA that
is installed on the virtual machine.Example setting
for the DNCA VM
internal IP address:
Note: The <Port>
tag defines
the port number of the base network connection. This is a base port
number where it defines the block of port numbers that can be used
for the number of web server instances that can be provisioned. For
example, if you know that there will be a maximum of five web-server
instances that can be dynamically provisioned, then the block of ports
that are used start with 1888. In this example, port numbers 1888
- 1892 would be used based on the maximum of five instances.
<Peers>
<Peer>
<Address>127.0.0.1</Address>
<Port>1888</Port>
</Peer>
</Peers>
- Locate and edit the
<MaxRotatePeers>
tag
to define the maximum number of web server instances that can be dynamically
provisioned. The default is set to 1
for just one
web-server instance where there are no other instances of the packet
forwarder used in the web server tier.Note: If you are
statically assigning a fixed number of web server instances with associated
packet forwarders, then the <MaxRotatePeers>
would
remain set to the default value of 1
. Each packet
forwarder has to configured with a unique port number to identify
a unique network connection to the centralized DNCA VM
instance. The port numbers must be assigned in sequential order. This
is required by the socket receiver for the DNCA when
it is configured for the packet forwarder's network connections.
If you decide to start with port number 1888 for the first packet
forwarder, then defining five of them would be 1888 through 1892.
- Save your changes to the configuration file.
- You must configure a packet forwarder receiver instance
for each Packet
Forwarder transmitter instance that you have deployed. For
more information, see Configuring a Packet Forwarder Receiver and the DNCA to Receive Forwarded Packets.
What to do next
Once the packet forwarder is running, you can also perform
the following actions:
- Check the status of a packet forwarder, by running
service
pktfwdr status
.
- Stop a packet forwarder, by running
service pktfwdr stop
.
- View the statistics for a packet forwarder, by running
dcxstats
-p
.