… | |
… | |
322 | take it down after the keepalive interval) or C<disabled> (node is bad, |
322 | take it down after the keepalive interval) or C<disabled> (node is bad, |
323 | don't talk to it). |
323 | don't talk to it). |
324 | |
324 | |
325 | =item dns-domain = domain-suffix |
325 | =item dns-domain = domain-suffix |
326 | |
326 | |
327 | The DNS domain suffix that points to the DNS tunnel server. Needs to be |
327 | The DNS domain suffix that points to the DNS tunnel server for this node. |
328 | set on both client and server. |
|
|
329 | |
328 | |
330 | The domain must point to a NS record that points to the I<dns-hostname>, |
329 | The domain must point to a NS record that points to the I<dns-hostname>, |
331 | i.e. |
330 | i.e. |
332 | |
331 | |
333 | dns-domainname = tunnel.example.net |
332 | dns-domainname = tunnel.example.net |
… | |
… | |
344 | but for the DNS tunnel protocol only. Default: C<0.0.0.0>, but that might |
343 | but for the DNS tunnel protocol only. Default: C<0.0.0.0>, but that might |
345 | change. |
344 | change. |
346 | |
345 | |
347 | =item dns-port = port-number |
346 | =item dns-port = port-number |
348 | |
347 | |
349 | The port to bind the DNS tunnel socket to. Must be C<0> on all DNS tunnel |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
350 | clients and C<53> on the server. |
349 | |
|
|
350 | =item enable-dns = yes|true|on | no|false|off |
|
|
351 | |
|
|
352 | Enable the DNS tunneling protocol on this node, either as server or as |
|
|
353 | client (only available when gvpe was compiled with C<--enable-dns>). |
|
|
354 | |
|
|
355 | This is the worst choice of transport protocol with respect to overhead |
|
|
356 | (overhead cna be 2-3 times higher than the transferred data), and probably |
|
|
357 | the best choice when tunneling through firewalls. |
351 | |
358 | |
352 | =item enable-rawip = yes|true|on | no|false|off |
359 | =item enable-rawip = yes|true|on | no|false|off |
353 | |
360 | |
354 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
361 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
355 | (default: C<no>). This is the best choice, since the overhead per packet |
362 | (default: C<no>). This is the best choice, since the minimum overhead per |
356 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
363 | packet is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
357 | |
364 | |
358 | =item enable-tcp = yes|true|on | no|false|off |
365 | =item enable-tcp = yes|true|on | no|false|off |
359 | |
366 | |
360 | Enable the TCPv4 transport using the C<tcp-port> port |
367 | Enable the TCPv4 transport using the C<tcp-port> port |
361 | (default: C<no>). Support for this horribly unsuitable protocol is only |
368 | (default: C<no>). Support for this horribly unsuitable protocol is only |
362 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
369 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
363 | use this transport unless you really must, it is horribly ineffiecent and |
370 | use this transport unless you really must, it is very inefficient and |
364 | resource-intensive compared to the other transports. |
371 | resource-intensive compared to the other transports (except for DNS, which |
|
|
372 | is worse). |
365 | |
373 | |
366 | =item enable-udp = yes|true|on | no|false|off |
374 | =item enable-udp = yes|true|on | no|false|off |
367 | |
375 | |
368 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
376 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
369 | unless no other protocol is enabled for a node, in which case this |
377 | unless no other protocol is enabled for a node, in which case this |
… | |
… | |
381 | outgoing tunnel packets will have the same TOS setting as the packets sent |
389 | outgoing tunnel packets will have the same TOS setting as the packets sent |
382 | to the tunnel device, which is usually what you want. |
390 | to the tunnel device, which is usually what you want. |
383 | |
391 | |
384 | =item max-retry = positive-number |
392 | =item max-retry = positive-number |
385 | |
393 | |
386 | The maximum interval in seconds (default: C<28800>, 8 hours) between |
394 | The maximum interval in seconds (default: C<3600>, one hour) between |
387 | retries to establish a connection to this node. When a connection cannot |
395 | retries to establish a connection to this node. When a connection cannot |
388 | be established, gvpe uses exponential backoff capped at this value. It's |
396 | be established, gvpe uses exponential backoff capped at this value. It's |
389 | sometimes useful to set this to a much lower value (e.g. C<120>) on |
397 | sometimes useful to set this to a much lower value (e.g. C<120>) on |
390 | connections to routers that usually are stable but sometimes are down, to |
398 | connections to routers that usually are stable but sometimes are down, to |
391 | assure quick reconnections. |
399 | assure quick reconnections even after longer downtimes. |
392 | |
400 | |
393 | =item router-priority = 0 | 1 | positive-number>2 |
401 | =item router-priority = 0 | 1 | positive-number>=2 |
394 | |
402 | |
395 | Sets the router priority of the given host (default: C<0>, disabled). If |
403 | Sets the router priority of the given host (default: C<0>, disabled). If |
396 | some host tries to connect to another host without a hostname, it asks |
404 | some host tries to connect to another host without a hostname, it asks |
397 | the router host for it's IP address. The router host is the one with the |
405 | the router host for it's IP address. The router host is the one with the |
398 | highest priority larger than C<1> that is currently reachable. |
406 | highest priority larger than C<1> that is currently reachable. |