--- gvpe/doc/gvpe.conf.5.pod 2005/03/06 18:34:46 1.6 +++ gvpe/doc/gvpe.conf.5.pod 2005/03/17 22:28:53 1.11 @@ -324,8 +324,7 @@ =item dns-domain = domain-suffix -The DNS domain suffix that points to the DNS tunnel server. Needs to be -set on both client and server. +The DNS domain suffix that points to the DNS tunnel server for this node. The domain must point to a NS record that points to the I, i.e. @@ -346,34 +345,60 @@ =item dns-port = port-number -The port to bind the DNS tunnel socket to. Must be C<0> on all DNS tunnel -clients and C<53> on the server. +The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. + +=item enable-dns = yes|true|on | no|false|off + +See gvpe.protocol(7) for a description of the DNS transport +protocol. Avoid this protocol if you can. + +Enable the DNS tunneling protocol on this node, either as server or as +client. Support for this transport protocol is only available when gvpe +was compiled using the C<--enable-dns> option. + +=item enable-icmp = yes|true|on | no|false|off + +See gvpe.protocol(7) for a description of the ICMP transport protocol. + +Enable the ICMP transport using icmp packets of type C on this +node. =item enable-rawip = yes|true|on | no|false|off +See gvpe.protocol(7) for a description of the RAW IP transport protocol. + Enable the RAW IPv4 transport using the C protocol -(default: C). This is the best choice, since the overhead per packet -is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). +(default: C). =item enable-tcp = yes|true|on | no|false|off +See gvpe.protocol(7) for a description of the TCP transport protocol. + Enable the TCPv4 transport using the C port -(default: C). Support for this horribly unsuitable protocol is only -available when gvpe was compiled using the C<--enable-tcp> option. Never -use this transport unless you really must, it is horribly ineffiecent and -resource-intensive compared to the other transports. +(default: C). Support for this transport protocol is only available +when gvpe was compiled using the C<--enable-tcp> option. =item enable-udp = yes|true|on | no|false|off +See gvpe.protocol(7) for a description of the UDP transport protocol. + Enable the UDPv4 transport using the C port (default: C, unless no other protocol is enabled for a node, in which case this -protocol is enabled automatically). This is a good general choice since -UDP tunnels well through many firewalls. +protocol is enabled automatically). NOTE: Please specify C if you want t use it even though it might get switched on automatically, as some future version might default to another default protocol. +=item icmp-type = integer + +Sets the type value to be used for outgoing (and incoming) packets sent +via the ICMP transport. + +The default is C<0> (which is C, also known as +"ping-replies"). Other useful values include C<8> (C, a.k.a. +"ping") and C<11> (C), but any 8-bit value can be used. + =item inherit-tos = yes|true|on | no|false|off Wether to inherit the TOS settings of packets sent to the tunnel when @@ -383,14 +408,14 @@ =item max-retry = positive-number -The maximum interval in seconds (default: C<28800>, 8 hours) between +The maximum interval in seconds (default: C<3600>, one hour) between retries to establish a connection to this node. When a connection cannot be established, gvpe uses exponential backoff capped at this value. It's sometimes useful to set this to a much lower value (e.g. C<120>) on connections to routers that usually are stable but sometimes are down, to -assure quick reconnections. +assure quick reconnections even after longer downtimes. -=item router-priority = 0 | 1 | positive-number>2 +=item router-priority = 0 | 1 | positive-number>=2 Sets the router priority of the given host (default: C<0>, disabled). If some host tries to connect to another host without a hostname, it asks