-
Notifications
You must be signed in to change notification settings - Fork 232
Network
The Gatekeeper network configuration allows the user to specify parameters that are relevant to the interfaces and network in general. Since the network configuration is used by each functional block, some of its state serves as a sort of global configuration for Gatekeeper.
The network configuration allows users to fully specify the Gatekeeper interfaces. Gatekeeper interfaces are composed of one or more component interfaces (or ports). Each Gatekeeper interface is assigned at most one IPv4 address and at most one IPv6 address.
Gatekeeper servers have a front and a back interface. The front interface announces routes via BGP to peers in the vantage point, and accepts incoming traffic on behalf of the protected destination. It then forwards traffic through the back interface, either to a Grantor server, to a gateway to be delivered to another network, or to a neighbor in the same network.
Grantor servers have only a front interface. They accept packets from Gatekeeper servers on the front interface, and for granted packets, they transmit them back through the front interface to the ultimate destination.
The network configuration allows users to specify other options on Gatekeeper interfaces, such as a VLAN tag, the MTU, and a bonding mode (when more than one port is used to compose a single Gatekeeper interface).