tango-kni/conf/kni/kni.conf

[global]
log_path = ./log/kni/kni.log
log_level = 10
tfe_node_count = 3
manage_eth = enp6s0
deploy_mode = normal
tun_name = tun_kni
src_mac_addr = 00:0e:c6:d6:72:c1
dst_mac_addr = fe:65:b7:03:50:bd


reassembled_packets_num = 2

[tfe0]
enabled = 1
dev_eth_symbol = ens1f5
ip_addr = 192.168.100.2

[tfe1]
enabled = 1
dev_eth_symbol = ens1f6
ip_addr = 192.168.100.3

[tfe2]
enabled = 1
dev_eth_symbol = ens1f7
ip_addr = 192.168.100.4

[tfe_cmsg_receiver]
listen_eth = ens1.100
listen_port = 2475

[watch_dog]
switch = 1
listen_eth = ens1.100
listen_port = 2476
keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3

[marsio]
appsym = knifw

[dup_traffic]
switch = 1
action = 2
capacity = 10000000
error_rate = 0.00001
expiry_time = 60

[traceid2pme_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
mho_mutex_num = 160
mho_hash_slot_size = 640000
mho_hash_max_element_num = 2560000
mho_expire_time = 30
mho_eliminate_type = LRU

#per thread
[tuple2stream_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 0
mho_mutex_num = 160
mho_hash_slot_size = 80000
mho_hash_max_element_num = 320000
mho_expire_time = 0
mho_eliminate_type = LRU

[field_stat]
remote_switch = 1
remote_ip = 127.0.0.1
remote_port = 58100
local_path = ./fs2_kni.status
stat_cycle = 1
print_mode = 1
# 1:FS_OUTPUT_STATSD; 2:FS_OUTPUT_INFLUX_LINE
statsd_format = 2
APP_NAME = fs2_kni

#self test Shunt rules security policy id
[tsg_diagnose]
enabled = 1
security_policy_id = 3,10


[ssl_dynamic_bypass]
enabled = 1

#kni dynamic bypass
[traceid2sslinfo_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
mho_mutex_num = 160
mho_hash_slot_size = 80000
mho_hash_max_element_num = 320000
mho_expire_time = 300
mho_eliminate_type = FIFO

[sslinfo2bypass_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
mho_mutex_num = 160
mho_hash_slot_size = 640000
mho_hash_max_element_num = 2560000
mho_expire_time = 300
mho_eliminate_type = FIFO

[proxy_tcp_option]
enabled = 1
maat_table_compile = PXY_TCP_OPTION_COMPILE
maat_table_addr = PXY_TCP_OPTION_ADDR
maat_table_fqdn = PXY_TCP_OPTION_SERVER_FQDN
enable_override = 0
client_tcp_maxseg_enable = 0
client_tcp_maxseg = 1460
client_tcp_nodelay =  1
client_tcp_ttl = 70
client_tcp_keepalive_enable = 1
client_tcp_keepalive_keepcnt = 8
client_tcp_keepalive_keepidle = 30
client_tcp_keepalive_keepintvl = 15
client_tcp_user_timeout = 600
server_tcp_maxseg_enable = 0
server_tcp_maxseg = 1460
server_tcp_nodelay = 1
server_tcp_ttl = 75
server_tcp_keepalive_enable = 1
server_tcp_keepalive_keepcnt = 8
server_tcp_keepalive_keepidle = 30
server_tcp_keepalive_keepintvl = 15
server_tcp_user_timeout = 600
bypass_duplicated_packet = 0
tcp_passthrough = 0

[share_session_attribute]
SESSION_ATTRIBUTE_LABEL=TSG_MASTER_INTERNAL_LABEL