Documentation > Other Configuration > Atomic Configuration

Atomic Configuration

Index

  1. Introduction
  2. SIIT
  3. NAT64

Introduction

“Atomic Configuration” is a means to set up more than one of Jool’s parameters in a single jool/jool_siit command. The idea is that either all the configuration is applied at once (on success) or none of it (on any failures). This frees you from having to handle mid-configuration exceptions and have to roll back half commits.

You can also think of it as “file” configuration mode, since that’s the means by which Atomic Configuration is handled. You still need the userspace applications though.

SIIT NAT64
# jool_siit --file /path/to/config
# jool --file /path/to/config

The configuration is read from a Json file. Since the options are the same as their userspace application counterparts, I will simply showcase a couple of full Json examples and link to the app documentation.

Every tag is optional. Section tags (such as global, pool6 and eamt) and global parameters (eg. manually-enabled, tos and f-args) that you skip will be left intact as they used to be. For example, if your RFC6791 pool contains address 192.0.2.32 and you omit the pool6791 tag in the file, 192.0.2.32 will remain in pool6791 after the new configuration is applied. If, on the other hand, you intend to clear pool6791, you need to explicitly write an empty pool6791 tag.

Without further ado:

SIIT

{
	"global": {
		"manually-enabled": false,
		"zeroize-traffic-class": true,
		"override-tos": false,
		"tos": 254,
		"mtu-plateaus": [1, 2, 3, 4, 5, 6],
		"amend-udp-checksum-zero": true,
		"eam-hairpin-mode": 1,
		"randomize-rfc6791-addresses": false,
		"rfc6791v6-prefix": null
	},

	"pool6": "64:ff9b::/96",

	"eamt": [
		{
			"ipv6 prefix": "2001:db8:1::/128",
			"ipv4 prefix": "192.0.2.0"
		},
		{
			"ipv6 prefix": "2001:db8:2::",
			"ipv4 prefix": "192.0.2.1/32"
		},
		{
			"ipv6 prefix": "2001:db8:3::/124",
			"ipv4 prefix": "192.0.2.16/28"
		}
	],

	"blacklist": [
		"198.51.100.0",
		"198.51.100.2/32",
		"198.51.100.32/27"
	],

	"pool6791": [
		"203.0.113.0",
		"203.0.113.1/32",
		"203.0.113.64/26"
	]
}

NAT64

There is one major caveat here: atomic modification of static BIB entries is not supported. This is because the current implementation of BIB/session is not suitable to guarantee the atomicity of multiple modifications.

Sorry. This does not necessarily mean it will never be implemented, but there are no plans for now.

{
	"global": {
		"manually-enabled": false,

		"zeroize-traffic-class": true,
		"override-tos": false,
		"tos": 254,
		"mtu-plateaus": [1, 2, 3, 4, 5, 6],
		"maximum-simultaneous-opens": 16,
		"source-icmpv6-errors-better": true,
		"handle-rst-during-fin-rcv": true,
		"f-args": 10,

		"logging-bib": true,
		"logging-session": true,

		"address-dependent-filtering": true,
		"drop-icmpv6-info": true,
		"drop-externally-initiated-tcp": true,

		"udp-timeout": 213897,
		"tcp-est-timeout": 218937891,
		"tcp-trans-timeout": 289013021,
		"icmp-timeout": 129038,
		"fragment-arrival-timeout": 190238,

		"ss-enabled": true,
		"ss-flush-asap": false,
		"ss-flush-deadline": 1000,
		"ss-capacity": 256,
		"ss-max-payload": 600
	},

	"pool6": "64:ff9b::/96",

	"pool4": [
		{
			"mark": 1,
			"protocol": "UDP",
			"prefix": "192.0.2.1",
			"port range": "61001-62000"
		},
		{
			"mark": 1,
			"protocol": "ICMP",
			"prefix": "192.0.2.1/32",
			"port range": "1000-2000"
		},
		{
			"protocol": "TCP",
			"prefix": "192.0.2.1/31"
		}
	]
}