# # Digital Voice Modem - Conference FNE Software Configuration # # Flag indicating whether the host will run as a background or foreground task. daemon: true # # Logging Configuration # Logging Levels: # 1 - Debug # 2 - Informational # 3 - Warning # 4 - Error # 5 - Fatal # log: # Console display logging level (used when in foreground). displayLevel: 1 # File logging level. fileLevel: 1 # Full path for the directory to store the log files. filePath: . # Flag indicating file logs should be sent to syslog instead of a file. useSyslog: false # Full path for the directory to store the activity log files. activityFilePath: . # Log filename prefix. fileRoot: DVM # # Master # (This is the endpoint that downstream peers connect to for this FNE instance.) # master: # Network Peer ID # NOTE: This ID is a uniquely identifying number. It *MUST* be a unique number across any networks this FNE # instance connects to. Failure to use a unique number *WILL* cause network issues. peerId: 9000100 # Hostname/IP address to listen on (blank for all). address: 0.0.0.0 # Port number to listen on. # NOTE: This port number includes itself for traffic, and master port + 1 for diagnostics and activity logging. (For # example, a master port of 62031 will use 62032 for diagnostic and activity messages.) port: 62031 # FNE access password. password: RPT1234 # Flag indicating whether or not verbose logging is enabled. verbose: true # Flag indicating whether or not verbose debug logging is enabled. debug: false # # High Availability # ha: # Flag indicating high availability advertisements are enabled. enable: false # WAN IP address of this FNE master. # This IP address is advertised to the network as a globally WAN accessible IP. advertisedWANAddress: 1.2.3.4 # WAN port for this FNE master. # This port is advertised to the network as a globally WAN accessible port. advertisedWANPort: 62031 # Flag indicating whether or not denied traffic will be logged. # (This is useful for debugging talkgroup rules and other ACL issues, but can be very noisy on a busy system.) logDenials: false # Flag indicating whether or not calls start/end events from a upstream peer will be logged. logUpstreamCallStartEnd: true # Maximum number of concurrent packet processing workers. workers: 16 # Maximum permitted connections (hard maximum is 250 peers). connectionLimit: 100 # Flag indicating whether or not the peer spanning tree is enabled. # NOTE: This should not be disabled. Disabling this can cause network loops # and other issues in a multi-peer FNE network. enableSpanningTree: true # Flag indicating whether or not spanning tree changes will be logged. logSpanningTreeChanges: false # Flag indicating whether or not the spanning tree allows fast peer reconnects. # (This is mainly useful for a peer announcing the same master to reconnect rapidly, inbetween # spanning tree updates.) spanningTreeFastReconnect: true # Flag indicating whether or not peer pinging will be reported. reportPeerPing: true # Flag indicating whether or not master endpoint networking is encrypted. encrypted: false # AES-256 32-byte Preshared Key # (This field *must* be 32 hex bytes in length or 64 characters # 0 - 9, A - F.) presharedKey: "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F" # Flag indicating whether or not DMR traffic will be passed. allowDMRTraffic: true # Flag indicating whether or not P25 traffic will be passed. allowP25Traffic: true # Flag indicating whether or not NXDN traffic will be passed. allowNXDNTraffic: true # Flag indicating whether or not analog traffic will be passed. allowAnalogTraffic: false # Flag indicating whether packet data will be passed. disablePacketData: false # Flag indicating whether verbose dumping of data packets is enabled. dumpPacketData: false # Flag indicating whether verbose logging of data packet operations is enabled. verbosePacketData: false # Delay from when a call on a parrot TG ends to when the playback starts (in milliseconds). parrotDelay: 2000 # Flag indicating whether or not a parrot TG call will generate a grant demand. parrotGrantDemand: true # Flag indicating whether or not a parrot TG call will only be sent to the originating peer. parrotOnlyToOrginiatingPeer: false # Flag indicating whether or not P25 OTAR KMF services are enabled. kmfServicesEnabled: false # Port number to listen on for P25 OTAR KMF services. kmfOtarPort: 64414 # Flag indicating whether or not verbose debug logging for P25 OTAR KMF services is enabled. kmfDebug: false # Amount of time in seconds for a call collision to last before switching over the source of a call. callCollisionTimeout: 5 # Flag indicating whether or not a grant responses will only be sent to TGs with affiliations, if the TG is configured for affiliation gating. restrictGrantToAffiliatedOnly: false # Flag indicating whether or not a private call will only be routed to the network peers the RID registers with. restrictPrivateCallToRegOnly: false # Flag indicating whether or not a adjacent site broadcasts will pass to any peers. disallowAdjStsBcast: false # Flag indicating whether or not a P25 ADJ_STS_BCAST will pass to connected external peers. disallowExtAdjStsBcast: true # Flag indicating whether or not a conventional site can override affiliation rules. allowConvSiteAffOverride: true # Flag indicating whether or not In-Call Control feedback is enabled. disallowInCallCtrl: false # Flag indicating whether or not RID ACL In-Call Control feedback is enabled. # (This will enforce RID ACLs network wide, regardless of local peer RID ACL setting.) enableRIDInCallCtrl: false # Flag indicating whether or not unknown/undefined RIDs will be rejected by the FNE. # (This is a strict rejection, any unknown or undefined RID not in the RID ACL list will be hard rejected.) rejectUnknownRID: false # Flag indicating whether or not a TDULC call terminations will pass to any peers. disallowCallTerm: false # Flag indicating whether or not the FNE will mask all outbound traffic to use the FNE's own peer ID. # (This is useful for FNEs that are public facing, and the originating traffic peer ID should be masked.) maskOutboundPeerID: false # Flag indicating whether or not the FNE will mask only non-Peer-Link outbound traffic to use the FNE's own peer ID. # (This is useful for networked FNEs that are have a mix of connections, and the originating traffic peer ID to non-Peer-Link FNEs should be masked.) maskOutboundPeerIDForNonPeerLink: false # Flag indicating that P25 terminators will be filtered by destination ID (i.e. valid RID or valid TGID). filterTerminators: true # Flag indicating the FNE will drop all inbound Unit-to-Unit calls. disallowAllUnitToUnit: false # List of peers that unit to unit calls are dropped for. dropUnitToUnit: [] # Flag indicating whether or not InfluxDB logging and metrics recording is enabled. enableInflux: false # Hostname/IP address of the InfluxDB instance to connect to. influxServerAddress: 127.0.0.1 # Port number of the InfluxDB instance to connect to. influxServerPort: 8086 # API Token to access the InfluxDB instance API. influxServerToken: "APITOKEN" # Organization Name on InfluxDB instance API. influxOrg: "dvm" # Data Bucket Name on InfluxDB instance API. influxBucket: "dvm" # Flag indicating whether TSBK/CSBK/RCCH messages will be logged to InfluxDB. influxLogRawData: false # # Crypto Container Configuration # crypto_container: # Flag indicating whether or not crypto services are enabled. enable: false # Full path to the KFDtool crypto container file. file: key_container.ekc # Container password. password: "PASSWORD" # Amount of time between updates of crypto container file. (minutes) time: 30 # # Talkgroup Rules Configuration # talkgroup_rules: # Full path to the talkgroup rules file. file: talkgroup_rules.yml # Amount of time between updates of talkgroup rules file. (minutes) time: 30 # # Adj. Site Map Configuration # adj_site_map: # Full path to the Adj. Site Map file. file: adj_site_map.yml # Amount of time between updates of Adj. Site Map file. (minutes) time: 30 # # Upstream FNE Neighbor Peering # (This is the list of connections to upstream FNEs this FNE instance should be connected to.) # peers: - name: MASTERFNE # Flag indicating whether or not the peer is enabled. enable: true # Hostname/IP address of the FNE master to connect to. masterAddress: 127.0.0.1 # Port number of the FNE master to connect to. masterPort: 32090 # FNE access password. password: RPT1234 # Network Peer ID of this peer on the upstream FNE master. peerId: 9000990 # Flag indicating whether or not peer endpoint networking is encrypted. encrypted: false # AES-256 32-byte Preshared Key # (This field *must* be 32 hex bytes in length or 64 characters # 0 - 9, A - F.) presharedKey: "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F" # Latitude. latitude: 0.0 # Longitude. longitude: 0.0 # Textual location for this host. location: Anywhere, USA # Flag indicating whether or not verbose debug logging is enabled. debug: false # # System Configuration # system: # Textual identity of this FNE (this is used when peering with upstream FNEs). identity: MASTERFNE # Time in seconds between pings to peers. pingTime: 5 # Maximum number of missable pings before a peer is considered disconnected. maxMissedPings: 10 # Time in minutes between updates of the ACL rules. aclRuleUpdateTime: 10 # Flag indicating the TGID information for this master will be sent to its peers. sendTalkgroups: true # Flag indicating when this FNE instance receives peer link configuration updates, it will save those # peer link configurations. peerLinkSaveACL: false # Flag indicating whether or not the host diagnostic log will be sent to the network. allowDiagnosticTransfer: true # Flag indicating whether or not REST API is enabled. restEnable: false # IP address of the network interface to listen for REST API on (or 0.0.0.0 for all). restAddress: 127.0.0.1 # Port number for REST API to listen on. restPort: 9990 # Flag indicating whether or not REST API is operating in SSL mode. restSsl: false # HTTPS/TLS certificate. restSslCertificate: web.crt # HTTPS/TLS key file. restSslKey: web.key # REST API authentication password. restPassword: "PASSWORD" # Flag indicating whether or not verbose REST API debug logging is enabled. restDebug: false # # Radio ID ACL Configuration # radio_id: # Full path to the Radio ID ACL file. file: rid_acl.dat # Amount of time between updates of Radio ID ACL file. (minutes) time: 2 # # Peer ACL configuration # peer_acl: # Flag indicating whether or not the peer ACLs are enabled. enable: false # Full path to the peer ACL file. file: peer_list.dat # Amount of time between updates of peer ACL file. (minutes) time: 2 # # Packet Data Virtual Network Tunnel Configuration # vtun: # Flag indicating the virtual network tunnel is enabled. # (If this is enabled, dvmfne must be run as root to create the TUN interface.) enable: false # Operational mode for the network tunnel (dmr or p25). digitalMode: p25 # Kernel Interface Name interfaceName: fne0 # IP address of the tunnel network interface address: 192.168.1.254 # Netmask of the tunnel network interface netmask: 255.255.255.0 # Broadcast address of the tunnel network interface broadcast: 192.168.1.255