1 .. This work is licensed under a Creative Commons Attribution 4.0 International
3 .. http://creativecommons.org/licenses/by/4.0
4 .. (c) OPNFV, National Center of Scientific Research "Demokritos" and others.
6 =========================================================
8 =========================================================
13 This is a beta release for Sample Virtual Firewall VNF.
14 This vFW can application can be run independently (refer INSTALL.rst).
18 Refer to README.rst for further details on vFW, HLD, features supported, test
19 plan. For build configurations and execution requisites please refer to
22 Feature for this release
23 ===========================
24 This release supports following features as part of vFW
26 - Basic packet filtering (malformed packets, IP fragments)
27 - Connection tracking for TCP and UDP
28 - Access Control List for rule based policy enforcement
29 - SYN-flood protection via Synproxy* for TCP
30 - UDP, TCP and ICMP protocol pass-through
31 - CLI based enable/disable connection tracking, synproxy, basic packet
33 - L2L3 stack support for ARP/ICMP handling
34 - ARP (request, response, gratuitous)
35 - ICMP (terminal echo, echo response, passthrough)
36 - ICMPv6 and ND (Neighbor Discovery)
37 - Hardware and Software Load Balancing
39 - Multiple physical port support
41 System requirements - OS and kernel version
42 ==============================================
43 This is supported on Ubuntu 14.04 and Ubuntu 16.04 and kernel version less than 4.5
45 VNFs on BareMetal support:
46 OS: Ubuntu 14.04 or 16.04 LTS
48 http://releases.ubuntu.com/16.04/
49 Download/Install the image: ubuntu-16.04.1-server-amd64.iso
51 VNFs on Standalone Hypervisor:
52 HOST OS: Ubuntu 14.04 or 16.04 LTS
53 http://releases.ubuntu.com/16.04/
54 Download/Install the image: ubuntu-16.04.1-server-amd64.iso
59 - VM OS - Ubuntu 16.04/Ubuntu 14.04
61 Known Bugs and limitations
62 =============================
64 - Hadware Load Balancer feature is supported on fortville nic FW version 4.53 and below.
65 - Hardware Checksum offload is not supported for IPv6 traffic.
66 - vFW on sriov is tested upto 4 threads
67 - Http Multiple clients/server with HWLB is not working
71 Following would be possible enhancement functionalities
73 - Automatic enable/disable of synproxy
74 - Support TCP timestamps with synproxy
76 - Performance optimization on different platforms
80 Following links provides additional information for differenet version of DPDKs
83 http://dpdk.org/doc/guides-16.04/linux_gsg/quick_start.html
84 http://dpdk.org/doc/guides-16.11/linux_gsg/quick_start.html
85 http://dpdk.org/doc/guides-17.02/linux_gsg/quick_start.html
86 http://dpdk.org/doc/guides-17.05/linux_gsg/quick_start.html
89 http://dpdk.org/doc/guides-16.04/prog_guide/index.html
90 http://dpdk.org/doc/guides-16.11/prog_guide/index.html
91 http://dpdk.org/doc/guides-17.02/prog_guide/index.html
92 http://dpdk.org/doc/guides-17.05/prog_guide/index.html