Digi TransPort WR31 User Manual page 430

Configure Virtual Private Networking (VPN)
Use IPSec Egroups with an SQL database
When the router uses IPSec Egroups with a SQL database for dynamic Eroute configuration, several
commands can help you configure and troubleshoot the router.
Local Database commands
As well as using an external SQL database, the router can cache the SQL table entries it learns from
the SQL server in RAM so if the SQL server goes offline for any reason, the database entries are still
available to renew existing IPSec SAs.
To configure the caching options the command is:
sql 0 <parameter> <value>.
The following parameters are available to configure the caching of database entries:
dbsrvmem <n>
This parameter sets the amount of memory (RAM) the MySQL server cache should use. <n> is
specified in multiples of 1k, such as 10Mb=10240
To calculate the amount of memory to specify in this parameter:
Note the size of the database file (.csv) that will be loaded into the router memory.
•
Double this value and add 100Kb, for example, if the .csv file is 200Kb, this would make a
•
value of 500Kb for the memory allocation. Use this command: sql 0 dbsrvmem 500.
Load the database file into memory and check the memory allocated and free using the
•
smem command. This will show the memory allocated and left available. Increase the
memory in the dbsrvmem command if required.
dbfile <name>
This is the name of the .csv file that the router will use to store the table definitions (1st line) and
data records. This file is stored in flash. The router uses it to populate the database stored in
RAM on power-up or when a new file matching this name has just been stored. The dbfile can be
populated with records or be empty except for the definitions line. The dbfile stored in RAM will
be populated from both the dbfile stored in flash and (if configured) via caching items learned
from the main SQL server. The dbfile in flash can then be updated from the dbfile in RAM and
saved.
dbname <name>
This is the name of the backup database in case the main database goes offline. This name
needs to match the database name in use on the SQL server.
learn <off|on>
When enabled, the router will cache entries learned via the main SQL database in a file stored in
RAM. You can use this file as a backup if the main SQL database going offline. To use learning
mode, at least one column in the .csv dbfile must be marked as a unique key, with the U prefix.
For example, remip is marked as the unique key:
peerip[IP],bakpeerid[IP],peerid[K20],password[20],ourid[20],remip[
UKIP],remmsk[IP]
Digi TransPort WR Routers User Guide
IPsec parameters
430