System Configuration

System component configuration is under the top level system object in /etc/flockd/flockd.json

"system": {
    "api": {}
}

The system JSON object must exist, and the child api object must exist but can be empty.

Netlink Receive API Configuration

The Netlink Receive API listens for Netlink events generated by the Linux Kernel. The API listens to NETLINK_ROUTE events, which include:

Interface add, update or delete
IP address add or delete
Kernel route add or delete

The Netlink Receive API is configured using the netlink_recv JSON object. The netlink_recv object is optional. If the object is not specified or if the object value is set to false the Netlink Receive API will not be started.

"system": {
    "api": {
        "netlink_recv": true,
    }
},

Operations REST API Configuration

The Operations REST API is used to view flockd internal state. It is a 'read only' API. By design state can be viewed but cannot be changed using this API.

The Operations REST API is configured using the rest_api JSON object. The rest_api object is optional. If the object is not specified the Operations REST API will not be started.

This configuration will bind to all local IPv6 addresses.

"system": {
    "api": {
        "rest": {
            "bind_ip_addr": "::"
        }
    }
},

This configuration will bind to only the loopback IPv6 address. The Operations REST API will not be available from outside of the router.

"system": {
    "api": {
        "rest": {
            "bind_ip_addr": "::1"
        }
    }
},

By default a Linux host will operate as an IPv4/IPv6 dual stack node, meaning IPv4 requests will be serviced. If you only want to service IPv6 requests please see Bind IPv6 Only

This configuration will bind to all local IPv4 addresses.

"system": {
    "api": {
        "rest": {
            "bind_ip_addr": "0.0.0.0"
        }
    }
},

This configuration will bind to only the loopback IPv4 address. The Operations REST API will not be available from outside of the router.

"system": {
    "api": {
        "rest": {
            "bind_ip_addr": "127.0.0.1"
        }
    }
},

Filtering interfaces in system component

System component receives interfaces from the Linux kernel. Interfaces not used by any routing component can be filtered out at the system component level by using intf_denylist JSON object.

This configuration will ignore interface eth0 and all interfaces starting with en:

"system": {
    ...
    "intf_denylist": [
        # Specify the entire interface name i.e. "eth0"
        # or use ^ to match the start of interface names
        #   e.g. "^en" will match all interfaces that start with "en"
        # Multiple interface names and patterns can be used
        "eth0",
        "^en"
    ]
},

The intf_denylist object is optional. If it is not specified, all interfaces present in kernel will also be present in system component. The filtered out interfaces will not be present in the flockc system -i command output.

User Guide: Flock Networks Routing Suite 21.0.0 [Copyright 2020 - 2021]

System Configuration

Netlink Receive API Configuration

Operations REST API Configuration

Filtering interfaces in system component