Onepk Transport - Cisco ASR 9000 Series User Configuration Manual
Aggregation services router
Hide thumbs
Also See for ASR 9000 Series:
- Command reference manual (1138 pages) ,
- Routing configuration manual (702 pages) ,
- Reference manual (696 pages)
Table of Contents
Advertisement
OnePK Transport
• End node hosting enables applications to take advantage of industry platforms ranging from large compute
OnePK Transport
You can either use, Secure Sockets Layer (SSL) or Transport Layer Security (TLS) with onep applications
to secure communication between your applications and connected devices to avoid onep credentials being
sent over the network unencrypted.
For details about SSL, refer the Implementing SSL chapter in the Cisco ASR 9000 Series Aggregation Services
Router System Security Configuration Guide.
To use TLS:
Figure 5:
Use the transport type tls disable-remotecert-validation command for device authentication. For bidirectional
device support and oneP application authentication (client authentication), use thetransport type tls command.
When using TLS, the network device is the TLS server and is authenticated with a certificate. The certificate
must be issued by a Certification Authority (CA). It can be a private or a public certificate.
Data Path Service Set
The ONE-P Data Path Service Set (DPSS) presents a set of APIs to the end-developer. The user can work
with packets that are diverted or copied from the forwarding path of a network element, such as a switch or
router. It also enables the end-developer to re-inject diverted packets to the forwarding path of the network
element after (optional) modification or synthesize new packets and inject them.
With this service set, your application can perform the following operations on packets:
• Divert— The packet is sent to the application and does not continue on its way until the packet is returned
Note
IPv6 is not supported on DPSS for the Cisco ASR 9000 series routers.
Data Path Service Set Components
The Data Path Service Set (DPSS) is the service set used by developers to get access to packets punted or
copied from the host platform's data path. The main DPSS components are:
• The Common Flow Table (CFT), is a shared memory implementation of a flow table that provides
Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.x
266
intensive devices such as multi-cpu/multi-core servers running to compact mobile devices.
to the data path by the application. While the application is examining the packet and deciding what to
do, no other application, including the host platform itself, can do anything with the packet. The
application can modify the packet in any way it sees fit, including dropping it.
flow mapping, flow status and ways to manage application-specific flow feature objects. The CFT
Implementing OnePK
Advertisement
Table of Contents
Troubleshooting
