F5BigUdpSetting

The F5BigUdpSetting CR provides many option to fine-tune how Traffic Management Microkernel (TMM) handles UDP connections. Once configured and installed, the F5BigUdpSetting CR can then be referenced by one of the CNF CRs listed in the Additional CRs section below.

This document guides you through understanding, configuring and installing a simple F5BigUdpSetting CR.

CR parameters

The table below describes the CR spec parameters:

Parameter	Description
allowNoPayload	Allows UDP datagrams with no payload: true or false (default).
bufferMaxBytes	Specifies the ingress buffer byte limit: 0 to 16777215. The default is 655350.
bufferMaxPackets	Specifies the ingress buffer packet limit: 0 to 255. The default value is 0.
datagramLoadBalancing	Specifies the system load balances UDP traffic packet-by-packet and does not treat UDP packets from the same source and port as part of a connection: true or false (default).
idleTimeout	The number of seconds that a connection is idle before the connection is eligible for deletion: 0 to 4294967295. The default value is 60.
ipDFMode	Describe the outgoing packet Don't Fragment (DF) bit. Modes: pmtu - Set the packet DF big based on the ip pmtu setting. preserve - Preserve the incoming packet DF bit. set - Set the outgoing UDP packet DF bit. clear - Clear the outgoing UDP packet DF bit.
ipTOSToClient	Specifies the Type of Service level assigned to UDP packets sent to clients: 0 to 65535. The default value is 0.
linkQOSToClient	Specifies the Quality of Service level assigned to UDP packets sent to clients: 0 to 65535. The default value is 0.
ipTTLMode	Describe the outgoing packet TTL. Modes are: Proxy - Set the IPv4 TTL to 255 and IPv6 to 64. Preserve - Preserve the original IP TTL value. Decrement - Set IP TTL to original packet TTL minus 1. Set - Set IP TTL to values from ip-ttl-v4 and ip-ttl-v6 in the same profile.
ipTTLV4	Specifies the outgoing IPv4 Header TTL value when IP TTL Mode is set: 0 to 255. The default value is 225.
ipTTLV6	Specifies the outgoing IPv6 Header TTL value when IP TTL Mode is set: 0 to 255. The default value is 64.
noChecksum	Enables checksum processing: true or false (default).
proxyMSS	Enables advertising the same MSS to the server as negotiated with the client: true or false (default).
sendBufferSize	The send buffer byte limit: 536 to 16777215. The default value is 655350.

CR Example

apiVersion: k8s.f5net.com/v1
kind: F5BigUdpSetting
metadata:
  name: "cnf-udp-profile"
  namespace: "cnf-gateway"
spec:
  datagramLoadBalancing: true
  sendBufferSize: 15000000

CR shortName

CR shortNames provide an easy way to view installed CRs, and their configuration parameters. The CR shortName can also be used to delete the CR instance. The F5BigUdpSetting CR shortName is udpset.

View CR instance:

oc get udpset -n <namespace>

View CR configuration:

oc get udpset -n <namespace> -o yaml

Default profile

After installing the BIG-IP Controller, a default F5BigUdpSetting CR is created in each new namespace. In this example, a default F5BigUdpSetting CR exists in the cnf-gateway namespace:

oc get f5-big-udp-settings -n cnf-gateway

NAME
sys-default-udp

Requirements

Ensure you have:

• Installed the BIG-IP Controller.
• A Linux based workstation.

Installation

Use the steps below to install the F5BigUcpSetting CR.

1. The example F5BigUcpSetting CR modifies the datagramLoadbalancing and sendBufferSize parameters. Copy and paste the example into a YAML file:

   apiVersion: k8s.f5net.com/v1
   kind: F5BigUdpSetting
   metadata:
     name: "cnf-udp-profile"
     namespace: "cnf-gateway"
   spec:
     datagramLoadBalancing: true
     sendBufferSize: 15000000
   

2. Install the F5BigUdpSetting CR:

   oc apply -f cnf-udp-cr.yaml
   

   In this example, the BIG-IP Controller logs indicate the F5BigUdpSetting CR was added/updated:

   I0202 12:00:00.12349   1 event.go:282 Event(v1.ObjectReference{Kind:"F5UdpSetting",
   UdpSetting cnf-gateway/udp-client was added/updated
   

3. The example F5BigContextSecure CR listens for connections destined to IP addresses in the 2002::200:200:200:0/112 subnet, using the udp protocol, and only on the subscriber-vlan interface. The CR also references the F5BigTcpsettings profile. Copy and paste the example into a YAML file:

   apiVersion: k8s.f5net.com/v1
   kind: F5BigContextSecure
   metadata:
     name: "cnf-context"
     namespace: "cnf-gateway"
   spec:
      ipv6destinationAddress: "2002::200:200:200:0/112"
      destinationPort: 0
      ipProtocol: "udp"
      profile: "udp"
      udpSettings:
        clientSide: "cnf-udp-optimize"
        serverSide: "cnf-udp-optimize"
      vlans:
        vlanList:
          - "subscriber-vlan"
   

4. Install the F5BigContextSecure CR:

   oc apply -f f5-cnf-context.yaml
   

   In this example, the BIG-IP Controller logs indicate the F5BigContextSecure CR was added/updated:

   I0202 12:00:00:12350    1 event.go:282] Event(v1.ObjectReference{Kind:"F5SecureContext",
   SecureContext cnf-gateway/cnf-context was added/updated
   

5. The TMM Proxy Pod can now process application traffic using the F5BigUdpSetting CR.

Additional CRs

The F5BigTcpSetting CR can be references by the CNF CRs listed below:

• F5BigContextSecure - Full proxy TCP and UDP application layer gateway services.
• F5BigDnsApp - High-performance DNS resolution, caching, and DNS64 translations.

Feedback

Provide feedback to improve this document by emailing cnfdocs@f5.com.