nfd: 0.4.0 release
This commit includes a new daemon package (ndn-autoconfig-client).
Also fixes #5, #6, #7, #8, #13
Change-Id: Ib51f12ea1d2bd78cd7f30a7c0018353bdf37e466
diff --git a/nfd/debian/nfd.conf b/nfd/debian/nfd.conf
index bc93199..a3232d7 100644
--- a/nfd/debian/nfd.conf
+++ b/nfd/debian/nfd.conf
@@ -28,7 +28,6 @@
;
; Run:
; nfd --modules
- ; nrd --modules
;
; Or look for NFD_LOG_INIT(<module name>) statements in .cpp files
;
@@ -45,15 +44,42 @@
; ContentStore size limit in number of packets
; default is 65536, about 500MB with 8KB packet size
cs_max_packets 65536
+
+ ; Set the forwarding strategy for the specified prefixes:
+ ; <prefix> <strategy>
+ strategy_choice
+ {
+ / /localhost/nfd/strategy/best-route
+ /localhost /localhost/nfd/strategy/multicast
+ /localhost/nfd /localhost/nfd/strategy/best-route
+ /ndn/broadcast /localhost/nfd/strategy/multicast
+ }
+
+ ; Declare network region names
+ ; These are used for mobility support. An Interest carrying a Link object is
+ ; assumed to have reached the producer region if any delegation name in the
+ ; Link object is a prefix of any region name.
+ network_region
+ {
+ ; /example/region1
+ ; /example/region2
+ }
}
; The face_system section defines what faces and channels are created.
face_system
{
- ; The unix section contains settings of UNIX stream faces and channels.
+ ; The unix section contains settings of Unix stream faces and channels.
+ ; Unix channel is always listening; delete unix section to disable
+ ; Unix stream faces and channels.
+ ;
+ ; The ndn-cxx library expects unix:///var/run/nfd.sock
+ ; to be used as the default transport option. Please change
+ ; the "transport" field in client.conf to an appropriate tcp4 FaceUri
+ ; if you need to disable unix sockets.
unix
{
- path /var/run/nfd.sock ; UNIX stream listener path
+ path /var/run/nfd.sock ; Unix stream listener path
}
; The tcp section contains settings of TCP faces and channels.
@@ -72,28 +98,73 @@
port 6363 ; UDP unicast port number
enable_v4 yes ; set to 'no' to disable IPv4 channels, default 'yes'
enable_v6 yes ; set to 'no' to disable IPv6 channels, default 'yes'
- idle_timeout 600 ; idle time (seconds) before closing a UDP unicast face
+
+ ; idle time (seconds) before closing a UDP unicast face, the actual timeout would be
+ ; anywhere within [idle_timeout, 2*idle_timeout), default is 600
+ idle_timeout 600
+
keep_alive_interval 25; interval (seconds) between keep-alive refreshes
; UDP multicast settings
; NFD creates one UDP multicast face per NIC
+ ;
+ ; In multi-homed Linux machines these settings will NOT work without
+ ; root or settings the appropriate permissions:
+ ;
+ ; sudo setcap cap_net_raw=eip /full/path/nfd
+ ;
mcast yes ; set to 'no' to disable UDP multicast, default 'yes'
mcast_port 56363 ; UDP multicast port number
mcast_group 224.0.23.170 ; UDP multicast group (IPv4 only)
}
; The ether section contains settings of Ethernet faces and channels.
+ ; These settings will NOT work without root or setting the appropriate
+ ; permissions:
+ ;
+ ; sudo setcap cap_net_raw,cap_net_admin=eip /full/path/nfd
+ ;
+ ; You may need to install a package to use setcap:
+ ;
+ ; **Ubuntu:**
+ ;
+ ; sudo apt-get install libcap2-bin
+ ;
+ ; **Mac OS X:**
+ ;
+ ; curl https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3373 -o ChmodBPF.tar.gz
+ ; tar zxvf ChmodBPF.tar.gz
+ ; open ChmodBPF/Install\ ChmodBPF.app
+ ;
+ ; or manually:
+ ;
+ ; sudo chgrp admin /dev/bpf*
+ ; sudo chmod g+rw /dev/bpf*
+
ether
{
; Ethernet multicast settings
; NFD creates one Ethernet multicast face per NIC
+
mcast yes ; set to 'no' to disable Ethernet multicast, default 'yes'
mcast_group 01:00:5E:00:17:AA ; Ethernet multicast group
}
+
+ ; The websocket section contains settings of WebSocket faces and channels.
+
+ websocket
+ {
+ listen yes ; set to 'no' to disable WebSocket listener, default 'yes'
+ port 9696 ; WebSocket listener port number
+ enable_v4 yes ; set to 'no' to disable listening on IPv4 socket, default 'yes'
+ enable_v6 yes ; set to 'no' to disable listening on IPv6 socket, default 'yes'
+ }
}
+; The authorizations section grants privileges to authorized keys.
authorizations
{
+ ; An authorize section grants privileges to a NDN certificate.
authorize
{
certfile certs/localhost_daemons_nfd.ndncert
@@ -114,6 +185,19 @@
strategy-choice
}
}
+
+ ; You may have multiple authorize sections that specify additional
+ ; certificates and their privileges.
+
+ ; authorize
+ ; {
+ ; certfile keys/this_cert_does_not_exist.ndncert
+ ; authorize
+ ; privileges
+ ; {
+ ; faces
+ ; }
+ ; }
}
rib
@@ -160,7 +244,8 @@
; filter
; {
; type name ; condition on interest name (w/o signature)
- ; regex ^[<localhop><localhost>]<nfd><rib>[<register><unregister>]<>{3}$
+ ; regex ^[<localhop><localhost>]<nfd><rib>[<register><unregister>]<>$ ; prefix before
+ ; ; timestamp
; }
; checker
; {
@@ -202,7 +287,7 @@
; ; file-name keys/ndn-testbed.ndncert
; ; }
; }
- ;
+
; The following localhop_security should be enabled when NFD runs on a hub,
; which accepts all remote registrations and is a short-term solution.
; localhop_security
@@ -213,14 +298,19 @@
; }
; }
- remote_register
+ auto_prefix_propagate
{
cost 15 ; forwarding cost of prefix registered on remote router
- timeout 10000 ; timeout (in milliseconds) of remote prefix registration command
- retry 0 ; maximum number of retries for each remote prefix registration command
+ timeout 10000 ; timeout (in milliseconds) of prefix registration command for propagation
- refresh_interval 300 ; interval (in seconds) before refreshing the registration
+ refresh_interval 300 ; interval (in seconds) before refreshing the propagation
; This setting should be less than face_system.udp.idle_time,
; so that the face is kept alive on the remote router.
+
+ base_retry_wait 50 ; base wait time (in seconds) before retrying propagation
+ max_retry_wait 3600 ; maximum wait time (in seconds) before retrying propagation
+ ; for consequent retries, the wait time before each retry is calculated based on the back-off
+ ; policy. Initially, the wait time is set to base_retry_wait, then it will be doubled for every
+ ; retry unless beyond the max_retry_wait, in which case max_retry_wait is set as the wait time.
}
}