[global]
log_path = ./log/kni/kni.log
log_level = {{ kni_log_level }}
tfe_node_count = {{ kni.global.tfe_node_count }}
manage_eth = {{ nic_mgr.name }}
{% if tsg_running_type != 2 %}
deploy_mode = tun
{% else %}
deploy_mode = normal
{% endif %}
tun_name = tun_kni
src_mac_addr = 00:0e:c6:d6:72:c1
dst_mac_addr = fe:65:b7:03:50:bd
{% if tsg_access_type == 4 %}
[tfe0]
enabled = 1
dev_eth_symbol = {{ ATCA_data_incoming.vf1_name }}
ip_addr = 192.168.100.1
{% elif tsg_running_type == 2 %}
[tfe0]
enabled = {{ kni.tfe_nodes.tfe0_enabled }}
dev_eth_symbol = {{ nic_to_tfe.tfe0.name }}
ip_addr = 192.168.100.2

[tfe1]
enabled = {{ kni.tfe_nodes.tfe1_enabled }}
dev_eth_symbol = {{ nic_to_tfe.tfe1.name }}
ip_addr = 192.168.100.3

[tfe2]
enabled = {{ kni.tfe_nodes.tfe2_enabled }}
dev_eth_symbol = {{ nic_to_tfe.tfe2.name }}
ip_addr = 192.168.100.4
{% endif %}

[tfe_cmsg_receiver]
listen_eth = {{ nic_inner_ctrl.name }}
listen_port = 2475

[watch_dog]
switch = {{ kni.watch_dog.switch }}
listen_eth = {{ nic_inner_ctrl.name }}
listen_port = 2476
keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3

[marsio]
appsym = knifw

[dup_traffic]
switch = 1
action = 2
capacity = 10000000
error_rate = 0.00001
expiry_time = 60

[traceid2pme_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
mho_mutex_num = 160
mho_hash_slot_size = 640000
mho_hash_max_element_num = 2560000
mho_expire_time = 30
mho_eliminate_type = LRU

#per thread
[tuple2stream_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 0
mho_mutex_num = 160
mho_hash_slot_size = 80000
mho_hash_max_element_num = 320000
mho_expire_time = 0
mho_eliminate_type = LRU

[field_stat]
remote_switch = 1
remote_ip = 127.0.0.1
remote_port = 58100
local_path = ./fs2_kni.status
stat_cycle = 1
print_mode = 1
# 1:FS_OUTPUT_STATSD; 2:FS_OUTPUT_INFLUX_LINE
statsd_format = 2
APP_NAME = fs2_kni

#self test Shunt rules security policy id
[tsg_diagnose]
enabled = 1
security_policy_id = 3,10


[ssl_dynamic_bypass]
enabled = 1

#kni dynamic bypass
[traceid2sslinfo_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
mho_mutex_num = 160
mho_hash_slot_size = 80000
mho_hash_max_element_num = 320000
mho_expire_time = 300
mho_eliminate_type = FIFO

[sslinfo2bypass_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
mho_mutex_num = 160
mho_hash_slot_size = 640000
mho_hash_max_element_num = 2560000
mho_expire_time = 300
mho_eliminate_type = FIFO

[proxy_tcp_option]
enabled = 1
maat_table_compile = PXY_TCP_OPTION_COMPILE
maat_table_addr = PXY_TCP_OPTION_ADDR
maat_table_fqdn = PXY_TCP_OPTION_SERVER_FQDN
enable_override = 0
client_tcp_maxseg_enable = 0
client_tcp_maxseg = 1460
client_tcp_nodelay =  1
client_tcp_ttl = 70
client_tcp_keepalive_enable = 1
client_tcp_keepalive_keepcnt = 8
client_tcp_keepalive_keepidle = 30
client_tcp_keepalive_keepintvl = 15
client_tcp_user_timeout = 600
server_tcp_maxseg_enable = 0
server_tcp_maxseg = 1460
server_tcp_nodelay = 1
server_tcp_ttl = 75
server_tcp_keepalive_enable = 1
server_tcp_keepalive_keepcnt = 8
server_tcp_keepalive_keepidle = 30
server_tcp_keepalive_keepintvl = 15
server_tcp_user_timeout = 600
bypass_duplicated_packet = 0
tcp_passthrough = 0

[share_session_attribute]
SESSION_ATTRIBUTE_LABEL=TSG_MASTER_INTERNAL_LABEL