… | |
… | |
69 | |
69 | |
70 | =item dns-forw-port = port-number |
70 | =item dns-forw-port = port-number |
71 | |
71 | |
72 | The port where the C<dns-forw-host> is to be contacted (default: C<53>, |
72 | The port where the C<dns-forw-host> is to be contacted (default: C<53>, |
73 | which is fine in most cases). |
73 | which is fine in most cases). |
|
|
74 | |
|
|
75 | =item dns-max-outstanding = integer-number-of-requests |
|
|
76 | |
|
|
77 | The maximum number of outstanding DNS transport requests |
|
|
78 | (default: C<100>). GVPE will never issue more requests then the given |
|
|
79 | limit without receiving replies. In heavily overloaded situations it might |
|
|
80 | help to set this to a low number (e.g. C<3> or even C<1>) to limit the |
|
|
81 | number of parallel requests. |
|
|
82 | |
|
|
83 | The default should be working ok for most links. |
|
|
84 | |
|
|
85 | =item dns-overlap-factor = float |
|
|
86 | |
|
|
87 | The DNS transport uses the minimum request latency (B<min_latency>) seen |
|
|
88 | during a connection as it's timing base. This factor (default: C<0.5>, |
|
|
89 | must be > 0) is multiplied by B<min_latency> to get the maximum sending |
|
|
90 | rate (= minimum send interval), i.e. a factor of C<1> means that a new |
|
|
91 | request might be generated every B<min_latency> seconds, which means on |
|
|
92 | average there should only ever be one outstanding request. A factor of |
|
|
93 | C<0.5> means that GVPE will send requests twice as often as the minimum |
|
|
94 | latency measured. |
|
|
95 | |
|
|
96 | For congested or picky dns forwarders you could use a value nearer to or |
|
|
97 | exceeding C<1>. |
|
|
98 | |
|
|
99 | The default should be working ok for most links. |
|
|
100 | |
|
|
101 | =item dns-send-interval = send-interval-in-seconds |
|
|
102 | |
|
|
103 | The minimum send interval (= maximum rate) that the DNS transport will |
|
|
104 | use to send new DNS requests. GVPE will not exceed this rate even when |
|
|
105 | the latency is very low. The default is C<0.01>, which means GVPE will |
|
|
106 | not send more than 100 DNS requests per connection per second. For |
|
|
107 | high-bandwidth links you could go lower, e.g. to C<0.001> or so. For |
|
|
108 | congested or rate-limited links, you might want to go higher, say C<0.1>, |
|
|
109 | C<0.2> or even higher. |
|
|
110 | |
|
|
111 | The default should be working ok for most links. |
|
|
112 | |
|
|
113 | =item dns-timeout-factor = float |
|
|
114 | |
|
|
115 | Factor to multiply the C<min_latency> (see C<dns-overlap-factor>) by to |
|
|
116 | get request timeouts. The default of C<8> means that the DNS transport |
|
|
117 | will resend the request when no reply has been received for longer than |
|
|
118 | eight times the minimum (= expected) latency, assuming the request or |
|
|
119 | reply has been lost. |
|
|
120 | |
|
|
121 | For congested links a higher value might be necessary (e.g. C<30>). If the |
|
|
122 | link is very stable lower values (e.g. C<2>) might work nicely. Values |
|
|
123 | near or below C<1> makes no sense whatsoever. |
|
|
124 | |
|
|
125 | The default should be working ok for most links. |
74 | |
126 | |
75 | =item if-up = relative-or-absolute-path |
127 | =item if-up = relative-or-absolute-path |
76 | |
128 | |
77 | Sets the path of a script that should be called immediately after the |
129 | Sets the path of a script that should be called immediately after the |
78 | network interface is initialized (but not neccessarily up). The following |
130 | network interface is initialized (but not neccessarily up). The following |
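Review bot: The new dns-max-outstanding, dns-send-interval and dns-timeout-factor entries give no valid range, while dns-overlap-factor states "must be > 0". The dns-timeout-factor text itself says values near or below C<1> make no sense, so document the lower bound for each option and say whether an out-of-range value is rejected or clamped. Wording fixes in the added lines: "more requests then the given limit" should read "than", "as it's timing base" should read "its", and "Values near or below C<1> makes no sense" should read "make". The min_latency name is marked up as B<min_latency> under dns-overlap-factor but as C<min_latency> under dns-timeout-factor; pick one.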
… | |
… | |
347 | |
399 | |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
400 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
349 | |
401 | |
350 | =item enable-dns = yes|true|on | no|false|off |
402 | =item enable-dns = yes|true|on | no|false|off |
351 | |
403 | |
|
|
404 | See gvpe.protocol(7) for a description of the DNS transport |
|
|
405 | protocol. Avoid this protocol if you can. |
|
|
406 | |
352 | Enable the DNS tunneling protocol on this node, either as server or as |
407 | Enable the DNS tunneling protocol on this node, either as server or as |
353 | client (only available when gvpe was compiled with C<--enable-dns>). |
408 | client. Support for this transport protocol is only available when gvpe |
|
|
409 | was compiled using the C<--enable-dns> option. |
354 | |
410 | |
355 | This is the worst choice of transport protocol with respect to overhead |
411 | =item enable-icmp = yes|true|on | no|false|off |
356 | (overhead cna be 2-3 times higher than the transferred data), and probably |
412 | |
357 | the best choice when tunneling through firewalls. |
413 | See gvpe.protocol(7) for a description of the ICMP transport protocol. |
|
|
414 | |
|
|
415 | Enable the ICMP transport using icmp packets of type C<icmp-type> on this |
|
|
416 | node. |
358 | |
417 | |
359 | =item enable-rawip = yes|true|on | no|false|off |
418 | =item enable-rawip = yes|true|on | no|false|off |
360 | |
419 | |
|
|
420 | See gvpe.protocol(7) for a description of the RAW IP transport protocol. |
|
|
421 | |
361 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
422 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
362 | (default: C<no>). This is the best choice, since the minimum overhead per |
423 | (default: C<no>). |
363 | packet is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
|
|
364 | |
424 | |
365 | =item enable-tcp = yes|true|on | no|false|off |
425 | =item enable-tcp = yes|true|on | no|false|off |
366 | |
426 | |
|
|
427 | See gvpe.protocol(7) for a description of the TCP transport protocol. |
|
|
428 | |
367 | Enable the TCPv4 transport using the C<tcp-port> port |
429 | Enable the TCPv4 transport using the C<tcp-port> port |
368 | (default: C<no>). Support for this horribly unsuitable protocol is only |
430 | (default: C<no>). Support for this transport protocol is only available |
369 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
431 | when gvpe was compiled using the C<--enable-tcp> option. |
370 | use this transport unless you really must, it is very inefficient and |
|
|
371 | resource-intensive compared to the other transports (except for DNS, which |
|
|
372 | is worse). |
|
|
373 | |
432 | |
374 | =item enable-udp = yes|true|on | no|false|off |
433 | =item enable-udp = yes|true|on | no|false|off |
|
|
434 | |
|
|
435 | See gvpe.protocol(7) for a description of the UDP transport protocol. |
375 | |
436 | |
376 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
437 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
377 | unless no other protocol is enabled for a node, in which case this |
438 | unless no other protocol is enabled for a node, in which case this |
378 | protocol is enabled automatically). This is a good general choice since |
439 | protocol is enabled automatically). |
379 | UDP tunnels well through many firewalls. |
|
|
380 | |
440 | |
381 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
441 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
382 | it might get switched on automatically, as some future version might |
442 | it might get switched on automatically, as some future version might |
383 | default to another default protocol. |
443 | default to another default protocol. |
|
|
444 | |
|
|
445 | =item icmp-type = integer |
|
|
446 | |
|
|
447 | Sets the type value to be used for outgoing (and incoming) packets sent |
|
|
448 | via the ICMP transport. |
|
|
449 | |
|
|
450 | The default is C<0> (which is C<echo-reply>, also known as |
|
|
451 | "ping-replies"). Other useful values include C<8> (C<echo-request>, a.k.a. |
|
|
452 | "ping") and C<11> (C<time-exceeded>), but any 8-bit value can be used. |
384 | |
453 | |
385 | =item inherit-tos = yes|true|on | no|false|off |
454 | =item inherit-tos = yes|true|on | no|false|off |
386 | |
455 | |
387 | Wether to inherit the TOS settings of packets sent to the tunnel when |
456 | Wether to inherit the TOS settings of packets sent to the tunnel when |
388 | sending packets to this node (default: C<yes>). If set to C<yes> then |
457 | sending packets to this node (default: C<yes>). If set to C<yes> then |
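Review bot: The new enable-icmp entry states no default, unlike the enable-rawip, enable-tcp and enable-udp entries around it, which all carry "(default: C<no>)"; add it. With icmp-type defaulting to C<0>, an operator needs to know whether the node sends and accepts echo-reply packets without being told to. The entry also does not say whether a compile-time option is required, which the enable-dns and enable-tcp entries do spell out. In icmp-type, "any 8-bit value can be used" would be clearer with the accepted range given as 0-255. Separately, the rewrite removes the per-transport guidance from this page (RAW IP at 38 bytes of overhead against UDP's 58, DNS overhead of 2-3 times the data, the warning against TCP) and keeps only "Avoid this protocol if you can." for DNS; consider keeping a one-line summary per transport so that the choice can still be made from gvpe.conf(5) without opening gvpe.protocol(7).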