Summary
This chapter describes installation or upgrade of Traffic Dictator, and basic configuration to enable network connectivity.
Traffic Dictator is supplied in 2 forms: (1) Docker container; (2) Virtual machine. Please check the relevant section for installation instructions.
TD quick start with Containerlab
To quickly run a pre-configured topology of Traffic Dictator with Cisco XRd or Arista cEOS in Containerlab environment, check the following guide:
https://vegvisir.ie/2024/06/11/traffic-dictator-quick-start-with-containerlab/
Install or upgrade Traffic Dictator container
Download the image from https://vegvisir.ie/downloads/, upload to your host that runs containers.
Load the image to Docker:
sudo docker load -i traffic-dictator-1.1.tar.gz
Verify the image has been imported correctly:
dima@container-lab:~$ sudo docker images REPOSITORY TAG IMAGE ID CREATED SIZE traffic_dictator 1.1 24cbb5dc47b1 2 hours ago 1.56GB
Then there are multiple ways to run the container.
If you have an existing configuration, or upgrading from an older version, run the container with provided config, for example:
sudo docker run --name traffic-dictator --hostname TD1 -v /home/dima/TD_config_ISIS:/usr/local/td/startup-config --privileged -d traffic_dictator:1.1
Alternatively, run TD with default config:
sudo docker run --name traffic-dictator --hostname TD1 --privileged -d traffic_dictator:1.1
If you want TD to use host networking:
sudo docker run --name traffic-dictator --hostname TD1 --privileged --network=host -d traffic_dictator:1.1
Verify the container runs:
dima@container-lab:~$ sudo docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5d5baa0db4c4 traffic_dictator:1.1 "/sbin/init" 6 seconds ago Up 5 seconds 22/tcp, 80/tcp, 179/tcp, 443/tcp traffic-dictator
Wait for 2-3 minutes after the container started so that all processes can start correctly.
Connect to container:
sudo docker exec -ti traffic-dictator /bin/bash
Verify that TD is running:
root@TD1:/# systemctl status td ● td.service - Vegvisir Systems Traffic Dictator Loaded: loaded (/etc/systemd/system/td.service; enabled; preset: enabled) Active: active (running) since Wed 2024-06-05 11:14:52 UTC; 4s ago Docs: https://vegvisir.ie/ Main PID: 10620 (traffic_dictato) Tasks: 3 (limit: 10834) Memory: 2.6M CPU: 8ms CGroup: /system.slice/td.service ├─10620 /bin/bash /usr/local/td/traffic_dictator_start.sh ├─10622 /usr/local/td/td_policy_engine └─10623 /bin/sleep 5 Jun 05 11:14:52 TD1 systemd[1]: Started td.service - Vegvisir Systems Traffic Dictator. Jun 05 11:14:52 TD1 traffic_dictator_start.sh[10620]: Requested Traffic Dictator start Jun 05 11:14:52 TD1 traffic_dictator_start.sh[10620]: Starting Policy Engine... Jun 05 11:14:52 TD1 traffic_dictator_start.sh[10622]: Policy engine started at: 2024-06-05 11:14:52.522
Connect to CLI:
root@TD1:/# tdcli ### Welcome to the Traffic Dictator CLI! ### TD1#
Alternatively, you can connect to TD CLI directly when connecting to Docker container:
sudo docker exec -ti traffic-dictator tdcli
Configure container networking
TD uses IP addresses configured on the container. Docker by default allocates IP addresses from 172.17.0.0/16 subnet and your container will get one of those addresses. It is possible to add more interfaces using Docker CLI, e.g. :
sudo docker network create net1 sudo docker network connect net1 traffic-dictator
This will create a new network net1, connect TD to this network and assign an IP address from configured range. Container orchestration tools like Kubernetes use their own networking modules.
From inside the container, you can use the regular linux ip commands such as “ip address add”, “ip route add” etc to manage networking.
Containerlab configuration
To connect Traffic Dictator to Container-lab as an external container, add this to .clab.yml file (replace with your IP addresses and interface names).
topology: nodes: # other nodes traffic-dictator: kind: ext-container exec: - ip address add 192.168.0.1/24 dev eth1 - ip -6 address add 2001:192::1/64 dev eth1 links: # other endpoints - endpoints: ["R1:Gi0-0-0-3", "traffic-dictator:eth1"]
Alternatively, if you run the container with “–network=host” argument, it will use IP addresses of your host.
Export relevant data from docker container
For system backup, software upgrade or troubleshooting you might want to export some files from container.
Export startup-config:
sudo docker cp traffic-dictator:/usr/local/td/startup-config TD_config.txt
Export logs:
sudo docker exec traffic-dictator sh -c 'tar cvf /tmp/TD_logs.tar /var/log/traffic_dictator.log*' && sudo docker cp traffic-dictator:/tmp/TD_logs.tar TD_logs.tar
Export historic show techs:
sudo docker exec traffic-dictator sh -c 'tar cvf /tmp/historic_show_tech.tar /usr/local/td/tech-support' && sudo docker cp traffic-dictator:/tmp/historic_show_tech.tar historic_show_tech.tar
Install or upgrade Traffic Dictator VM
TBD
Install licenses
Commercial deployment of TD requires an active license. It also includes technical support. Without a license, all functionality is available but the scale is limited to 50 policies, which should be sufficient for evaluation and studying.
To install a license obtained from Vegvísir Systems, add the following config using TD CLI:
root@TD1:/# tdcli ### Welcome to the Traffic Dictator CLI! ### TD1#configure TD1(config)#management licenses TD1(config-mgmt-licenses)#license general TD1(config-mgmt-licenses-general)#key <your license key>
Verify the license has been installed:
TD1#show logging | grep license ... 2024-06-20 08:47:51,251 TD1 INFO: Policy-engine: Received license update 2024-06-20 08:47:51,251 TD1 INFO: Policy-server: Activated license for company Vegvisir Systems, valid until 2025-12-31 TD1#sh ver Traffic Dictator by Vegvisir Systems Software version: 1.1 Image build date: 2024-06-20 System start time: June 20, 2024 08:29:18 Uptime: 2 hours, 4 minutes, 13 seconds Documentation: https://vegvisir.ie/documentation/ Support: support@vegvisir.ie Installed license: Company name: Vegvisir Systems Valid until: 2025-12-31
Note: if you have configured more than 50 policies without a valid license and then installed a license, run “clear traffic-eng *” to recalculate all inactive policies.
Verify TD health status
Run “show tech-support” to collect all diagnostics information about current TD instance.
show tech-support | gzip > /usr/local/td/show-tech-$HOSTNAME-$(date +%m_%d.%H%M).gz
Copy generated tech-support file from container to host:
sudo docker cp traffic-dictator:/usr/local/td/show-tech-TD1-06_05.1135.gz show-tech-TD1-06_05.1135.gz
Advanced networking configuration
While Traffic Dictator has a BGP daemon, it is used to collect network topology information and install SR-TE policies, so TD relies on system configuration for underlay networking. For advanced deployments it is possible to install a routing daemon such as FRR in a container or VM.
Install FRR:
apt-get install frr systemctl enable frr systemctl start frr
Add a static route:
root@TD1:/# vtysh Hello, this is FRRouting (version 8.4.4). Copyright 1996-2005 Kunihiro Ishiguro, et al. TD1# configure terminal TD1(config)# ip route 10.0.0.0/24 192.168.0.101
Verify routing:
TD1# show ip route --- S>* 10.0.0.0/24 [1/0] via 192.168.0.101, eth1, weight 1, 00:03:15 root@TD1:/# ip route ls --- 10.0.0.0/24 nhid 10 via 192.168.0.101 dev eth1 proto static metric 20
Similarly, it is possible to use dynamic routing protocols such as OSPF or BGP to provide underlay connectivity between TD and the network.