caden-gate#
Repository: guenterfischer-public/networking/caden-gate
Summary#
CADEN-gate is a configurable high-performance network gateway, including firewall and data distribution capabilities.
It uses the Data Plane Development Kit (DPDK) to provide a high-performance data path between a physical network interface and multiple virtual interfaces. The architecture is based on a multi-core pipeline where each stage of the packet processing is assigned to a dedicated logical core (lcore). This allows for parallel processing and maximizes throughput by avoiding contention.
Installation#
Pre-built versions of the tool can be downloaded from the GitLab Repository.
cd /tmp
curl -O https://gitlab.com/api/v4/projects/80356659/packages/generic/releases/0.1.0/caden-gate_0.1.0_amd64.deb
sudo apt install /tmp/caden-gate_0.1.0_amd64.deb
The application and all its associated resources are installed in the directory /opt/caden/caden-gate.
Control via REST API#
CADEN-gate provides a REST API for configuration, control, and monitoring.
By default, the API is reachable at http://<host>:8000.
The port can be configured via the environment variable CADEN_GATE_API_PORT.
The API is documented using Swagger UI, which is available at http://<host>:<port>/swagger/ui.
GET /api/v1/ports
Retrieves information about all available physical network interfaces detected by DPDK.
Response Example:
[
{
"port_id": 0,
"name": "0000:02:00.0",
"driver_name": "mlx5_pci",
"if_index": 3,
"min_mtu": 68,
"max_mtu": 9978,
"max_rx_queues": 1024,
"max_tx_queues": 1024,
"tx_offload_capa": [
"VLAN_INSERT",
"IPV4_CKSUM",
"UDP_CKSUM",
"TCP_CKSUM",
"TCP_TSO",
"OUTER_IPV4_CKSUM",
"VXLAN_TNL_TSO",
"GRE_TNL_TSO",
"GENEVE_TNL_TSO",
"MULTI_SEGS",
"MBUF_FAST_FREE",
"UDP_TNL_TSO",
"IP_TNL_TSO"
],
"rx_offload_capa": [
"VLAN_STRIP",
"IPV4_CKSUM",
"UDP_CKSUM",
"TCP_CKSUM",
"TCP_LRO",
"VLAN_FILTER",
"SCATTER",
"TIMESTAMP",
"KEEP_CRC",
"RSS_HASH",
"BUFFER_SPLIT"
],
"link": "Link up at 100 Gbps FDX Autoneg None"
}
]
GET /api/v1/config/data-path
Retrieves the current data path and ACL configuration.
POST /api/v1/config/data-path
Sets the configuration for the data paths. This includes the mapping between physical and virtual ports, as well as the ACL rules.
Request Body Example:
[
{
"phys_port": { "port_id": 0 },
"virt_ports": [
{ "sub_id": 1 },
{ "sub_id": 2 }
],
"acl": {
"rules_ipv4": [
{
"priority": 10,
"protocol": 17,
"src_ip": "192.168.1.10/32",
"dst_ip": "192.168.1.11/32",
"action": { "type": "forward", "info": 0 }
},
{
"priority": 5,
"protocol": 6,
"src_ip": "192.168.2.0/24",
"dst_ip": "192.168.2.0/24",
"action": { "type": "drop", "info": 0 }
}
]
}
}
]
Note: For the forward action, the info field specifies the index of the virtual port in the virt_ports list (0-based).
POST /api/v1/start
Starts the packet processing pipeline based on the current configuration. All required lcores are launched and ports are initialized.
POST /api/v1/stop
Stops the packet processing pipeline and releases all resources (lcores, rings, mempools).
GET /api/v1/stats
Retrieves statistics and metrics for all active ports.
Query Parameters:
incl_stats(boolean, default: true): Include standard interface statistics.incl_xstats(boolean, default: false): Include extended DPDK statistics.incl_metrics(boolean, default: true): Include standard and CADEN-specific metrics.
Response Example:
{
"ports": [
{
"id": 0,
"stats": [
{ "key": "ipackets", "value": 123456 },
{ "key": "opackets", "value": 654321 }
],
"metrics": [
{ "key": "mean_bits_in", "value": 15000 },
{ "key": "mean_bits_out", "value": 14995 }
]
}
]
}
Status Codes
The API returns standard HTTP status codes:
200 OK: Request successful.
400 Bad Request: Invalid configuration or parameters.
500 Internal Server Error: Error during pipeline start/stop or internal failure.
In case of an error, the response body contains detailed information:
{
"code": -2,
"message": "Invalid physical port id",
"solution": "Change physical port id"
}
Control via Web-UI#
The application can also be controlled using the CADEN-UI.
Configuration
Dashboard