… | |
… | |
2 | |
2 | |
3 | gvpe.conf - configuration file for the GNU VPE daemon |
3 | gvpe.conf - configuration file for the GNU VPE daemon |
4 | |
4 | |
5 | =head1 SYNOPSIS |
5 | =head1 SYNOPSIS |
6 | |
6 | |
7 | enable-udp = yes |
|
|
8 | udp-port = 407 |
7 | udp-port = 407 |
9 | mtu = 1492 |
8 | mtu = 1492 |
10 | ifname = vpn0 |
9 | ifname = vpn0 |
11 | |
10 | |
12 | node = branch1 |
11 | node = branch1 |
… | |
… | |
312 | (default: C<no>). This is the best choice, since the overhead per packet |
311 | (default: C<no>). This is the best choice, since the overhead per packet |
313 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
312 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
314 | |
313 | |
315 | =item enable-udp = yes|true|on | no|false|off |
314 | =item enable-udp = yes|true|on | no|false|off |
316 | |
315 | |
317 | Enable the UDPv4 transport using the C<udp-port> port (default: C<yes>, |
316 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
318 | but this will change!). This is a good general choice since UDP tunnels |
317 | unless no other protocol is enabled for a node, in which case this |
|
|
318 | protocol is enabled automatically). This is a good general choice since |
319 | well through many firewalls. |
319 | UDP tunnels well through many firewalls. |
320 | |
320 | |
321 | NOTE: Please specify C<enable-udp = yes> even though it is the default, as |
321 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
322 | some future version will have all protocols disabled by default. |
322 | it might get switched on automatically, as some future version might |
|
|
323 | default to another default protocol. |
323 | |
324 | |
324 | =item enable-tcp = yes|true|on | no|false|off |
325 | =item enable-tcp = yes|true|on | no|false|off |
325 | |
326 | |
326 | Enable the TCPv4 transport using the C<tcp-port> port |
327 | Enable the TCPv4 transport using the C<tcp-port> port |
327 | (default: C<no>). Support for this horribly unsuitable protocol is only |
328 | (default: C<no>). Support for this horribly unsuitable protocol is only |
328 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
329 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
329 | use this transport unless you really must, it is horribly ineffiecent and |
330 | use this transport unless you really must, it is horribly ineffiecent and |
330 | resource-intensive compared to the other transports. |
331 | resource-intensive compared to the other transports. |
331 | |
332 | |
332 | =item router-priority = positive-number |
333 | =item router-priority = 0 | 1 | positive-number>2 |
333 | |
334 | |
334 | Sets the router priority of the given host (default: C<0>, disabled). If |
335 | Sets the router priority of the given host (default: C<0>, disabled). If |
335 | some host tries to connect to another host without a hostname, it asks |
336 | some host tries to connect to another host without a hostname, it asks |
336 | the router host for it's IP address. The router host is the one with the |
337 | the router host for it's IP address. The router host is the one with the |
337 | highest priority that is currently reachable. Make sure all clients always |
338 | highest priority larger than C<1> that is currently reachable. |
|
|
339 | |
|
|
340 | Make sure all hosts always connect (C<connect = always>) to the router |
338 | connect to the router hosts, otherwise conencting to them is impossible. |
341 | hosts, otherwise connecting to them might be impossible. |
339 | |
342 | |
|
|
343 | The special value C<1> allows other hosts to route through the router |
|
|
344 | host, but they will never route through it by default. The value C<0> |
|
|
345 | disables routing. The idea behind this is that some hosts can, if |
|
|
346 | required, bump the C<router-priority> setting to higher than C<1> in their |
|
|
347 | local config to route through specific hosts. If C<router-priority> is |
|
|
348 | C<0>, then routing will be refused, so C<1> serves as a "enable, but do |
|
|
349 | not use by default" switch. |
|
|
350 | |
340 | =item connect = ondemand|never|always|disabled |
351 | =item connect = ondemand | never | always | disabled |
341 | |
352 | |
342 | Sets the connect mode (default: C<always>). It can be C<always> (always |
353 | Sets the connect mode (default: C<always>). It can be C<always> (always |
343 | try to establish and keep a conenction to the given host), C<never> |
354 | try to establish and keep a connection to the given host), C<never> |
344 | (nevr initiate a connection to the given host, but accept connections), |
355 | (never initiate a connection to the given host, but accept connections), |
345 | C<ondemand> (try to establish a connection on the first packet sent, and |
356 | C<ondemand> (try to establish a connection on the first packet sent, and |
346 | take it down after the keepalive interval) or C<disabled> (node is bad, |
357 | take it down after the keepalive interval) or C<disabled> (node is bad, |
347 | don't talk to it). |
358 | don't talk to it). |
348 | |
359 | |
349 | =item inherit-tos = yes|true|on | no|false|off |
360 | =item inherit-tos = yes|true|on | no|false|off |
… | |
… | |
374 | |
385 | |
375 | The default (or recommended) directory layout for the config directory is: |
386 | The default (or recommended) directory layout for the config directory is: |
376 | |
387 | |
377 | =over 4 |
388 | =over 4 |
378 | |
389 | |
379 | =item gvpe.conf |
390 | =item X<gvpe.conf> |
380 | |
391 | |
381 | The config file. |
392 | The config file. |
382 | |
393 | |
383 | =item if-up |
394 | =item X<if-up> |
384 | |
395 | |
385 | The if-up script |
396 | The if-up script |
386 | |
397 | |
387 | =item node-up, node-down |
398 | =item X<node-up>, X<node-down> |
388 | |
399 | |
389 | If used the node up or node-down scripts. |
400 | If used the node up or node-down scripts. |
390 | |
401 | |
391 | =item hostkey |
402 | =item X<hostkey> |
392 | |
403 | |
393 | The private key (taken from C<hostkeys/nodename>) of the current host. |
404 | The private key (taken from C<hostkeys/nodename>) of the current host. |
394 | |
405 | |
395 | =item pubkey/nodename |
406 | =item X<pubkey/nodename> |
396 | |
407 | |
397 | The public keys of the other nodes, one file per node. |
408 | The public keys of the other nodes, one file per node. |
398 | |
409 | |
399 | =back |
410 | =back |
400 | |
411 | |