| … | |
… | |
| 116 | get request timeouts. The default of C<8> means that the DNS transport |
116 | get request timeouts. The default of C<8> means that the DNS transport |
| 117 | will resend the request when no reply has been received for longer than |
117 | will resend the request when no reply has been received for longer than |
| 118 | eight times the minimum (= expected) latency, assuming the request or |
118 | eight times the minimum (= expected) latency, assuming the request or |
| 119 | reply has been lost. |
119 | reply has been lost. |
| 120 | |
120 | |
| 121 | For congested links a higher value might be necessary (e.g. C<30>). If the |
121 | For congested links a higher value might be necessary (e.g. C<30>). If |
| 122 | link is very stable lower values (e.g. C<2>) might work nicely. Values |
122 | the link is very stable lower values (e.g. C<2>) might work |
| 123 | near or below C<1> makes no sense whatsoever. |
123 | nicely. Values near or below C<1> makes no sense whatsoever. |
| 124 | |
124 | |
| 125 | The default should be working ok for most links. |
125 | The default should be working ok for most links but will result in low |
|
|
126 | throughput if packet loss is high. |
| 126 | |
127 | |
| 127 | =item if-up = relative-or-absolute-path |
128 | =item if-up = relative-or-absolute-path |
| 128 | |
129 | |
| 129 | Sets the path of a script that should be called immediately after the |
130 | Sets the path of a script that should be called immediately after the |
| 130 | network interface is initialized (but not neccessarily up). The following |
131 | network interface is initialized (but not neccessarily up). The following |
| … | |
… | |
| 372 | |
373 | |
| 373 | =head2 NODE SPECIFIC SETTINGS |
374 | =head2 NODE SPECIFIC SETTINGS |
| 374 | |
375 | |
| 375 | The following settings are node-specific, that is, every node can have |
376 | The following settings are node-specific, that is, every node can have |
| 376 | different settings, even within the same gvpe instance. Settings that are |
377 | different settings, even within the same gvpe instance. Settings that are |
| 377 | executed before the first node section set the defaults, settings that are |
378 | set before the first node section set the defaults, settings that are |
| 378 | executed within a node section only apply to the given node. |
379 | set within a node section only apply to the given node. |
| 379 | |
380 | |
| 380 | =over 4 |
381 | =over 4 |
|
|
382 | |
|
|
383 | =item allow-direct = nodename |
|
|
384 | |
|
|
385 | Allow direct connections to this node. See C<deny-direct> for more info. |
| 381 | |
386 | |
| 382 | =item compress = yes|true|on | no|false|off |
387 | =item compress = yes|true|on | no|false|off |
| 383 | |
388 | |
| 384 | Wether to compress data packets sent to this host (default: C<yes>). |
389 | Wether to compress data packets sent to this host (default: C<yes>). |
| 385 | Compression is really cheap even on slow computers and has no size |
390 | Compression is really cheap even on slow computers and has no size |
| … | |
… | |
| 388 | =item connect = ondemand | never | always | disabled |
393 | =item connect = ondemand | never | always | disabled |
| 389 | |
394 | |
| 390 | Sets the connect mode (default: C<always>). It can be C<always> (always |
395 | Sets the connect mode (default: C<always>). It can be C<always> (always |
| 391 | try to establish and keep a connection to the given host), C<never> |
396 | try to establish and keep a connection to the given host), C<never> |
| 392 | (never initiate a connection to the given host, but accept connections), |
397 | (never initiate a connection to the given host, but accept connections), |
| 393 | C<ondemand> (try to establish a connection on the first packet sent, and |
398 | C<ondemand> (try to establish a connection when there are outstanding |
| 394 | take it down after the keepalive interval) or C<disabled> (node is bad, |
399 | packets in the queue and take it down after the keepalive interval) or |
| 395 | don't talk to it). |
400 | C<disabled> (node is bad, don't talk to it). |
|
|
401 | |
|
|
402 | =item deny-direct = nodename | * |
|
|
403 | |
|
|
404 | Deny direct connections to the specified node (or all nodes when C<*> |
|
|
405 | is given). Only one node can be specified, but you can use multiple |
|
|
406 | C<allow-direct> and C<deny-direct> statements. This only makes sense in |
|
|
407 | networks with routers, as routers are required for indirect connections. |
|
|
408 | |
|
|
409 | Sometimes, a node cannot reach some other nodes for reasons of network |
|
|
410 | connectivity. For example, a node behind a firewall that only allows |
|
|
411 | conenctions to/from a single other node in the network. In this case one |
|
|
412 | should specify C<deny-direct = *> and C<allow-direct = othernodename> (the other |
|
|
413 | node I<must> be a router for this to work). |
|
|
414 | |
|
|
415 | The algorithm to check wether a connection may be direct is as follows: |
|
|
416 | |
|
|
417 | 1. Other node mentioned in a C<allow-direct>? If yes, allow the connection. |
|
|
418 | |
|
|
419 | 2. Other node mentioned in a C<deny-direct>? If yes, deny direct connections. |
|
|
420 | |
|
|
421 | 3. Allow the connection. |
|
|
422 | |
|
|
423 | That is, C<allow-direct> takes precedence over C<deny-direct>. |
|
|
424 | |
|
|
425 | The check is done in both directions, i.e. both nodes must allow a direct |
|
|
426 | connection before one is attempted, so you only need to specify connect |
|
|
427 | limitations on one node. |
| 396 | |
428 | |
| 397 | =item dns-domain = domain-suffix |
429 | =item dns-domain = domain-suffix |
| 398 | |
430 | |
| 399 | The DNS domain suffix that points to the DNS tunnel server for this node. |
431 | The DNS domain suffix that points to the DNS tunnel server for this node. |
| 400 | |
432 | |
| … | |
… | |
| 459 | protocol is enabled automatically). |
491 | protocol is enabled automatically). |
| 460 | |
492 | |
| 461 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
493 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
| 462 | it might get switched on automatically, as some future version might |
494 | it might get switched on automatically, as some future version might |
| 463 | default to another default protocol. |
495 | default to another default protocol. |
|
|
496 | |
|
|
497 | =item hostname = hostname | ip [can not be defaulted] |
|
|
498 | |
|
|
499 | Forces the address of this node to be set to the given dns hostname or ip |
|
|
500 | address. It will be resolved before each connect request, so dyndns should |
|
|
501 | work fine. If this setting is not specified and a router is available, |
|
|
502 | then the router will be queried for the address of this node. Otherwise, |
|
|
503 | the connection attempt will fail. |
| 464 | |
504 | |
| 465 | =item icmp-type = integer |
505 | =item icmp-type = integer |
| 466 | |
506 | |
| 467 | Sets the type value to be used for outgoing (and incoming) packets sent |
507 | Sets the type value to be used for outgoing (and incoming) packets sent |
| 468 | via the ICMP transport. |
508 | via the ICMP transport. |
| … | |
… | |
| 489 | retries to establish a connection to this node. When a connection cannot |
529 | retries to establish a connection to this node. When a connection cannot |
| 490 | be established, gvpe uses exponential backoff capped at this value. It's |
530 | be established, gvpe uses exponential backoff capped at this value. It's |
| 491 | sometimes useful to set this to a much lower value (e.g. C<120>) on |
531 | sometimes useful to set this to a much lower value (e.g. C<120>) on |
| 492 | connections to routers that usually are stable but sometimes are down, to |
532 | connections to routers that usually are stable but sometimes are down, to |
| 493 | assure quick reconnections even after longer downtimes. |
533 | assure quick reconnections even after longer downtimes. |
|
|
534 | |
|
|
535 | =item max-ttl = seconds |
|
|
536 | |
|
|
537 | Expire packets that couldn't be sent after this many seconds |
|
|
538 | (default: C<60>). Gvpe will normally queue packets for a node without an |
|
|
539 | active connection, in the hope of establishing a connection soon. This |
|
|
540 | value specifies the maximum lifetime a packet will stay in the queue, if a |
|
|
541 | packet gets older, it will be thrown away. |
|
|
542 | |
|
|
543 | =item max-queue = positive-number |
|
|
544 | |
|
|
545 | The maximum number of packets that will be queued (default: C<512>) |
|
|
546 | for this node. If more packets are sent then earlier packets will be |
|
|
547 | expired. See C<max-ttl>, above. |
| 494 | |
548 | |
| 495 | =item router-priority = 0 | 1 | positive-number>=2 |
549 | =item router-priority = 0 | 1 | positive-number>=2 |
| 496 | |
550 | |
| 497 | Sets the router priority of the given host (default: C<0>, disabled). If |
551 | Sets the router priority of the given host (default: C<0>, disabled). If |
| 498 | some host tries to connect to another host without a hostname, it asks |
552 | some host tries to connect to another host without a hostname, it asks |
