...
Configuring the DHCP Server
L2 on board switches
Setting up the iptables
Process Monitors
Configuring MultiLan interfaces and creating bridges
Creating multiple VLans for isolating/securing the traffic across interfaces
Figure 1 - High level architecture of Utopia module
...
Utopia is a package with multiple independent utilities. These utilities are launched through a startup sequence using shell scripts.
A few of the subcomponents within Utopia are:
Utopia also contains open-source utilities such as brctl, vconfig, dropbear, dibbler, ifconfig, iptables, ip rule, ip route, ebtables, portmap and so on.
Utopia also contains swctl:
...
As described in the previous section Utopia is launched and initialised through a set of shell scripts. This section details the scripts and the initialisation sequence.
Figure 2 - Utopia Initialization Sequence Diagram
...
Utility | Description | Reference |
---|---|---|
brctl | A tool used to configure an Ethernet bridge (network bridging) | https://linux.die.net/man/8/brctl |
vconfig | It allows the user to create and remove VLAN devices on a VLAN-enabled kernel. VLAN devices are virtual Ethernet devices which represent the virtual LANs on the physical LAN. | https://linux.die.net/man/8/vconfig |
dropbear | It is a lightweight SSH2 server designed to be small enough to be used in small memory environments, while still being functional and secure enough. | |
dibbler | It is an implementation of DHCPv6 Server/Client | http://klub.com.pl/dhcpv6/ |
ifconfig | Utility used to configure a network interface | https://linux.die.net/man/8/ifconfig |
iptables | Administration tool for IPv4 packet filtering and NAT | https://linux.die.net/man/8/iptables |
ip rule | Utility used to manipulate rules in the routing policy database, which controls the route selection algorithm | http://man7.org/linux/man-pages/man8/ip-rule.8.html |
ip route | Utility used to manipulate routing tables | http://linux-ip.net/html/tools-ip-route.html |
ebtables | It is an application program used to set up and maintain the tables of rules (inside the Linux kernel) that inspect Ethernet frames. It is analogous to the iptables application, but less complicated, due to the fact that the Ethernet protocol is much simpler than the IP protocol. | https://linux.die.net/man/8/ebtables |
portmap | It is a server that converts RPC program numbers into DARPA protocol port numbers. It must be running in order to make RPC calls. | https://linux.die.net/man/8/portmap |
...
Component | Description | Reference |
---|---|---|
walled garden | Walled garden is used to restrict internet for devices prior to activation. Once the activation is completed, the device downloads a walled garden config file and the internet is provisioned. | https://www.computerhope.com/jargon/w/walled-garden.htm |
igd | Internet Gateway Device (IGD) Standardized Device Control Protocol is a protocol for mapping ports in network address translation (NAT) setups, supported by some NAT-enabled routers. It is a common communications protocol for automatically configuring port forwarding, and is part of an ISO/IEC Standard rather than an Internet Engineering Task Force standard. | https://en.wikipedia.org/wiki/Internet_Gateway_Device_Protocol |
HNAP | The Home Network Administration Protocol (HNAP) is an HTTP-Simple Object Access Protocol (SOAP)-based protocol that can be implemented inside of network devices to allow advanced programmatic configuration and management by remote entities. | HNAP |
The Syscfg_create executable creates shared memory holding the user configuration data (/nvram/syscfg.db). Its source is in the code base at /ccsp/utopia/source/syscfg.
The Apply_system_defaults executable reads the system_defaults file (path: /etc/utopia/system_defaults) and compares it with syscfg.db; any entries missing from syscfg are written into shared memory with their default values. When a module starts, it reads its data from the shared memory during initialization.
If syscfg.db does not exist (e.g. after a factory reset), the Apply_system_defaults executable writes all default data to shared memory and syscfg_commit() is called, which in turn creates syscfg.db.
The syscfg variable definitions are in Utopia (file syscfg_lib.c).
/nvram/syscfg.db is a database of all the syscfg variables. Whenever a value is set using "syscfg set", it is updated in the syscfg.db file.
Examples: syscfg get wan_physical_ifname
Note: The RDK data model naming convention prefix was changed in March 2020 to “X_RDK_”. We request you use the new prefix going forward.
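The fill-only-missing behaviour of Apply_system_defaults described above has a consequence worth seeing in practice: a default that changes in a later image does not reach a device whose syscfg.db already holds that key, and only the factory-reset path writes every default. The sketch below is an added example, not RDK code; it assumes a simplified one "key=value" per line format for both files, the functions apply_defaults, db_get and demo are hypothetical, and every key except wan_physical_ifname is made up.

```sh
#!/bin/sh
# Added illustration, not RDK code. Assumes one "key=value" per line in both
# files; the real system_defaults and syscfg.db formats may differ.

# db_get KEY DB_FILE: print the stored value for KEY (empty if absent).
db_get() {
    awk -F= -v k="$1" '$1 == k { print substr($0, length(k) + 2); exit }' "$2"
}

# apply_defaults DEFAULTS_FILE DB_FILE: write only the keys missing from
# DB_FILE and print how many were written. Stored values are never replaced.
apply_defaults() {
    defaults=$1; db=$2; added=0
    # Factory-reset case: no database yet, so every default gets written.
    [ -f "$db" ] || : > "$db"
    while IFS='=' read -r key value; do
        case $key in ''|'#'*) continue ;; esac      # skip blanks and comments
        if ! cut -d= -f1 "$db" | grep -qxF -- "$key"; then
            printf '%s=%s\n' "$key" "$value" >> "$db"
            added=$((added + 1))
        fi
    done < "$defaults"
    echo "$added"
}

# demo: constructed data. wan_physical_ifname is the key named on the page;
# example_remote_mgmt and example_new_key are hypothetical, values are made up.
demo() {
    dir=$(mktemp -d)
    printf 'wan_physical_ifname=erouter0\nexample_remote_mgmt=1\n' > "$dir/defaults_v1"
    printf 'wan_physical_ifname=erouter0\nexample_remote_mgmt=0\nexample_new_key=x\n' > "$dir/defaults_v2"
    first=$(apply_defaults "$dir/defaults_v1" "$dir/syscfg.db")   # no db yet: all keys
    second=$(apply_defaults "$dir/defaults_v2" "$dir/syscfg.db")  # newer defaults: new key only
    kept=$(db_get example_remote_mgmt "$dir/syscfg.db")           # old default survives
    rm -rf "$dir"
    echo "$first $second $kept"
}
demo
```

When auditing a deployed device, compare the values in syscfg.db against the shipped system_defaults rather than assuming the shipped defaults are in effect.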
The Gw_prov_utopia executable calls the init script, which runs every executable present in the /etc/utopia/registration.d/ directory. The 10_firewall executable is responsible for firewall events: it registers a sysevent callback under the service name firewall, with firewall_log_handle.sh as the handler script. When a firewall event occurs, sysevent is triggered with the event name firewall-restart.
Firewall Initialization Process
On the firewall-restart event, the service_start() method is called. The IPv4 and IPv6 iptables rules are prepared from data read from shared memory and written to the /tmp/.ipt and /tmp/.ipt_v6 files respectively. The iptables rules are then restored from these files.
...
Example set flow for PC URL