| … | |
… | |
| 343 | but for the DNS tunnel protocol only. Default: C<0.0.0.0>, but that might |
343 | but for the DNS tunnel protocol only. Default: C<0.0.0.0>, but that might |
| 344 | change. |
344 | change. |
| 345 | |
345 | |
| 346 | =item dns-port = port-number |
346 | =item dns-port = port-number |
| 347 | |
347 | |
| 348 | The port to bind the DNS tunnel socket to. Must be C<0> on all DNS tunnel |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
| 349 | clients and C<53> on the server. |
|
|
| 350 | |
349 | |
| 351 | =item enable-dns = yes|true|on | no|false|off |
350 | =item enable-dns = yes|true|on | no|false|off |
| 352 | |
351 | |
| 353 | Enable the DNS tunneling protocol on this node, either as server |
352 | Enable the DNS tunneling protocol on this node, either as server or as |
| 354 | C<dns-port != 0> or as client C<dns-port == 0> (both at the same time is |
353 | client (only available when gvpe was compiled with C<--enable-dns>). |
| 355 | not possible at the moment). |
354 | |
|
|
355 | B<WARNING:> Parsing and generating DNS packets is rather tricky. The code |
|
|
356 | almost certainly contains buffer overflows and other, likely exploitable, |
|
|
357 | bugs. You have been warned. |
|
|
358 | |
|
|
359 | This is the worst choice of transport protocol with respect to overhead |
|
|
360 | (overhead can be 2-3 times higher than the transferred data), and probably |
|
|
361 | the best choice when tunneling through firewalls. |
| 356 | |
362 | |
| 357 | =item enable-rawip = yes|true|on | no|false|off |
363 | =item enable-rawip = yes|true|on | no|false|off |
| 358 | |
364 | |
| 359 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
365 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
| 360 | (default: C<no>). This is the best choice, since the overhead per packet |
366 | (default: C<no>). This is the best choice, since the minimum overhead per |
| 361 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
367 | packet is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
| 362 | |
368 | |
| 363 | =item enable-tcp = yes|true|on | no|false|off |
369 | =item enable-tcp = yes|true|on | no|false|off |
| 364 | |
370 | |
| 365 | Enable the TCPv4 transport using the C<tcp-port> port |
371 | Enable the TCPv4 transport using the C<tcp-port> port |
| 366 | (default: C<no>). Support for this horribly unsuitable protocol is only |
372 | (default: C<no>). Support for this horribly unsuitable protocol is only |
| 367 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
373 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
| 368 | use this transport unless you really must, it is horribly ineffiecent and |
374 | use this transport unless you really must, it is very inefficient and |
| 369 | resource-intensive compared to the other transports. |
375 | resource-intensive compared to the other transports (except for DNS, which |
|
|
376 | is worse). |
| 370 | |
377 | |
| 371 | =item enable-udp = yes|true|on | no|false|off |
378 | =item enable-udp = yes|true|on | no|false|off |
| 372 | |
379 | |
| 373 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
380 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
| 374 | unless no other protocol is enabled for a node, in which case this |
381 | unless no other protocol is enabled for a node, in which case this |
| … | |
… | |
| 386 | outgoing tunnel packets will have the same TOS setting as the packets sent |
393 | outgoing tunnel packets will have the same TOS setting as the packets sent |
| 387 | to the tunnel device, which is usually what you want. |
394 | to the tunnel device, which is usually what you want. |
| 388 | |
395 | |
| 389 | =item max-retry = positive-number |
396 | =item max-retry = positive-number |
| 390 | |
397 | |
| 391 | The maximum interval in seconds (default: C<28800>, 8 hours) between |
398 | The maximum interval in seconds (default: C<3600>, one hour) between |
| 392 | retries to establish a connection to this node. When a connection cannot |
399 | retries to establish a connection to this node. When a connection cannot |
| 393 | be established, gvpe uses exponential backoff capped at this value. It's |
400 | be established, gvpe uses exponential backoff capped at this value. It's |
| 394 | sometimes useful to set this to a much lower value (e.g. C<120>) on |
401 | sometimes useful to set this to a much lower value (e.g. C<120>) on |
| 395 | connections to routers that usually are stable but sometimes are down, to |
402 | connections to routers that usually are stable but sometimes are down, to |
| 396 | assure quick reconnections. |
403 | assure quick reconnections even after longer downtimes. |
| 397 | |
404 | |
| 398 | =item router-priority = 0 | 1 | positive-number>2 |
405 | =item router-priority = 0 | 1 | positive-number>=2 |
| 399 | |
406 | |
| 400 | Sets the router priority of the given host (default: C<0>, disabled). If |
407 | Sets the router priority of the given host (default: C<0>, disabled). If |
| 401 | some host tries to connect to another host without a hostname, it asks |
408 | some host tries to connect to another host without a hostname, it asks |
| 402 | the router host for it's IP address. The router host is the one with the |
409 | the router host for it's IP address. The router host is the one with the |
| 403 | highest priority larger than C<1> that is currently reachable. |
410 | highest priority larger than C<1> that is currently reachable. |
