ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/doc/gvpe.conf.5
(Generate patch)

Comparing gvpe/doc/gvpe.conf.5 (file contents):
Revision 1.7 by pcg, Sun Mar 6 18:34:46 2005 UTC vs.
Revision 1.12 by pcg, Wed Mar 23 17:03:58 2005 UTC

127.\} 127.\}
128.rm #[ #] #H #V #F C 128.rm #[ #] #H #V #F C
129.\" ======================================================================== 129.\" ========================================================================
130.\" 130.\"
131.IX Title "GVPE.CONF 5" 131.IX Title "GVPE.CONF 5"
132.TH GVPE.CONF 5 "2005-03-06" "1.8" "GNU Virtual Private Ethernet" 132.TH GVPE.CONF 5 "2005-03-23" "1.8" "GNU Virtual Private Ethernet"
133.SH "NAME" 133.SH "NAME"
134gvpe.conf \- configuration file for the GNU VPE daemon 134gvpe.conf \- configuration file for the GNU VPE daemon
135.SH "SYNOPSIS" 135.SH "SYNOPSIS"
136.IX Header "SYNOPSIS" 136.IX Header "SYNOPSIS"
137.Vb 3 137.Vb 3
202(default: \f(CW127.0.0.1\fR, changing it is highly recommended). 202(default: \f(CW127.0.0.1\fR, changing it is highly recommended).
203.IP "dns-forw-port = port-number" 4 203.IP "dns-forw-port = port-number" 4
204.IX Item "dns-forw-port = port-number" 204.IX Item "dns-forw-port = port-number"
205The port where the \f(CW\*(C`dns\-forw\-host\*(C'\fR is to be contacted (default: \f(CW53\fR, 205The port where the \f(CW\*(C`dns\-forw\-host\*(C'\fR is to be contacted (default: \f(CW53\fR,
206which is fine in most cases). 206which is fine in most cases).
207.IP "dns-max-outstanding = integer-number-of-requests" 4
208.IX Item "dns-max-outstanding = integer-number-of-requests"
209The maximum number of outstanding \s-1DNS\s0 transport requests
210(default: \f(CW100\fR). \s-1GVPE\s0 will never issue more requests then the given
211limit without receiving replies. In heavily overloaded situations it might
212help to set this to a low number (e.g. \f(CW3\fR or even \f(CW1\fR) to limit the
213number of parallel requests.
214.Sp
215The default should be working ok for most links.
216.IP "dns-overlap-factor = float" 4
217.IX Item "dns-overlap-factor = float"
218The \s-1DNS\s0 transport uses the minimum request latency (\fBmin_latency\fR) seen
219during a connection as it's timing base. This factor (default: \f(CW0.5\fR,
220must be > 0) is multiplied by \fBmin_latency\fR to get the maximum sending
221rate (= minimum send interval), i.e. a factor of \f(CW1\fR means that a new
222request might be generated every \fBmin_latency\fR seconds, which means on
223average there should only ever be one outstanding request. A factor of
224\&\f(CW0.5\fR means that \s-1GVPE\s0 will send requests twice as often as the minimum
225latency measured.
226.Sp
227For congested or picky dns forwarders you could use a value nearer to or
228exceeding \f(CW1\fR.
229.Sp
230The default should be working ok for most links.
231.IP "dns-send-interval = send-interval-in-seconds" 4
232.IX Item "dns-send-interval = send-interval-in-seconds"
233The minimum send interval (= maximum rate) that the \s-1DNS\s0 transport will
234use to send new \s-1DNS\s0 requests. \s-1GVPE\s0 will not exceed this rate even when
235the latency is very low. The default is \f(CW0.01\fR, which means \s-1GVPE\s0 will
236not send more than 100 \s-1DNS\s0 requests per connection per second. For
237high-bandwidth links you could go lower, e.g. to \f(CW0.001\fR or so. For
238congested or rate-limited links, you might want to go higher, say \f(CW0.1\fR,
239\&\f(CW0.2\fR or even higher.
240.Sp
241The default should be working ok for most links.
242.IP "dns-timeout-factor = float" 4
243.IX Item "dns-timeout-factor = float"
244Factor to multiply the \f(CW\*(C`min_latency\*(C'\fR (see \f(CW\*(C`dns\-overlap\-factor\*(C'\fR) by to
245get request timeouts. The default of \f(CW8\fR means that the \s-1DNS\s0 transport
246will resend the request when no reply has been received for longer than
247eight times the minimum (= expected) latency, assuming the request or
248reply has been lost.
249.Sp
250For congested links a higher value might be necessary (e.g. \f(CW30\fR). If the
251link is very stable lower values (e.g. \f(CW2\fR) might work nicely. Values
252near or below \f(CW1\fR makes no sense whatsoever.
253.Sp
254The default should be working ok for most links.
207.IP "if-up = relative-or-absolute-path" 4 255.IP "if-up = relative-or-absolute-path" 4
208.IX Item "if-up = relative-or-absolute-path" 256.IX Item "if-up = relative-or-absolute-path"
209Sets the path of a script that should be called immediately after the 257Sets the path of a script that should be called immediately after the
210network interface is initialized (but not neccessarily up). The following 258network interface is initialized (but not neccessarily up). The following
211environment variables are passed to it (the values are just examples): 259environment variables are passed to it (the values are just examples):
429\&\f(CW\*(C`ondemand\*(C'\fR (try to establish a connection on the first packet sent, and 477\&\f(CW\*(C`ondemand\*(C'\fR (try to establish a connection on the first packet sent, and
430take it down after the keepalive interval) or \f(CW\*(C`disabled\*(C'\fR (node is bad, 478take it down after the keepalive interval) or \f(CW\*(C`disabled\*(C'\fR (node is bad,
431don't talk to it). 479don't talk to it).
432.IP "dns-domain = domain-suffix" 4 480.IP "dns-domain = domain-suffix" 4
433.IX Item "dns-domain = domain-suffix" 481.IX Item "dns-domain = domain-suffix"
434The \s-1DNS\s0 domain suffix that points to the \s-1DNS\s0 tunnel server. Needs to be 482The \s-1DNS\s0 domain suffix that points to the \s-1DNS\s0 tunnel server for this node.
435set on both client and server.
436.Sp 483.Sp
437The domain must point to a \s-1NS\s0 record that points to the \fIdns-hostname\fR, 484The domain must point to a \s-1NS\s0 record that points to the \fIdns-hostname\fR,
438i.e. 485i.e.
439.Sp 486.Sp
440.Vb 2 487.Vb 2
453The address to bind the \s-1DNS\s0 tunnel socket to, similar to the \f(CW\*(C`hostname\*(C'\fR, 500The address to bind the \s-1DNS\s0 tunnel socket to, similar to the \f(CW\*(C`hostname\*(C'\fR,
454but for the \s-1DNS\s0 tunnel protocol only. Default: \f(CW0.0.0.0\fR, but that might 501but for the \s-1DNS\s0 tunnel protocol only. Default: \f(CW0.0.0.0\fR, but that might
455change. 502change.
456.IP "dns-port = port-number" 4 503.IP "dns-port = port-number" 4
457.IX Item "dns-port = port-number" 504.IX Item "dns-port = port-number"
458The port to bind the \s-1DNS\s0 tunnel socket to. Must be \f(CW0\fR on all \s-1DNS\s0 tunnel 505The port to bind the \s-1DNS\s0 tunnel socket to. Must be \f(CW53\fR on \s-1DNS\s0 tunnel servers.
459clients and \f(CW53\fR on the server. 506.IP "enable-dns = yes|true|on | no|false|off" 4
507.IX Item "enable-dns = yes|true|on | no|false|off"
508See \fIgvpe.protocol\fR\|(7) for a description of the \s-1DNS\s0 transport
509protocol. Avoid this protocol if you can.
510.Sp
511Enable the \s-1DNS\s0 tunneling protocol on this node, either as server or as
512client. Support for this transport protocol is only available when gvpe
513was compiled using the \f(CW\*(C`\-\-enable\-dns\*(C'\fR option.
514.IP "enable-icmp = yes|true|on | no|false|off" 4
515.IX Item "enable-icmp = yes|true|on | no|false|off"
516See \fIgvpe.protocol\fR\|(7) for a description of the \s-1ICMP\s0 transport protocol.
517.Sp
518Enable the \s-1ICMP\s0 transport using icmp packets of type \f(CW\*(C`icmp\-type\*(C'\fR on this
519node.
460.IP "enable-rawip = yes|true|on | no|false|off" 4 520.IP "enable-rawip = yes|true|on | no|false|off" 4
461.IX Item "enable-rawip = yes|true|on | no|false|off" 521.IX Item "enable-rawip = yes|true|on | no|false|off"
522See \fIgvpe.protocol\fR\|(7) for a description of the \s-1RAW\s0 \s-1IP\s0 transport protocol.
523.Sp
462Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol 524Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol
463(default: \f(CW\*(C`no\*(C'\fR). This is the best choice, since the overhead per packet 525(default: \f(CW\*(C`no\*(C'\fR).
464is only 38 bytes, as opposed to \s-1UDP\s0's 58 (or \s-1TCP\s0's 60+).
465.IP "enable-tcp = yes|true|on | no|false|off" 4 526.IP "enable-tcp = yes|true|on | no|false|off" 4
466.IX Item "enable-tcp = yes|true|on | no|false|off" 527.IX Item "enable-tcp = yes|true|on | no|false|off"
528See \fIgvpe.protocol\fR\|(7) for a description of the \s-1TCP\s0 transport protocol.
529.Sp
467Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port 530Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port
468(default: \f(CW\*(C`no\*(C'\fR). Support for this horribly unsuitable protocol is only 531(default: \f(CW\*(C`no\*(C'\fR). Support for this transport protocol is only available
469available when gvpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option. Never 532when gvpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option.
470use this transport unless you really must, it is horribly ineffiecent and
471resource-intensive compared to the other transports.
472.IP "enable-udp = yes|true|on | no|false|off" 4 533.IP "enable-udp = yes|true|on | no|false|off" 4
473.IX Item "enable-udp = yes|true|on | no|false|off" 534.IX Item "enable-udp = yes|true|on | no|false|off"
535See \fIgvpe.protocol\fR\|(7) for a description of the \s-1UDP\s0 transport protocol.
536.Sp
474Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR, 537Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR,
475unless no other protocol is enabled for a node, in which case this 538unless no other protocol is enabled for a node, in which case this
476protocol is enabled automatically). This is a good general choice since 539protocol is enabled automatically).
477\&\s-1UDP\s0 tunnels well through many firewalls.
478.Sp 540.Sp
479\&\s-1NOTE:\s0 Please specify \f(CW\*(C`enable\-udp = yes\*(C'\fR if you want t use it even though 541\&\s-1NOTE:\s0 Please specify \f(CW\*(C`enable\-udp = yes\*(C'\fR if you want t use it even though
480it might get switched on automatically, as some future version might 542it might get switched on automatically, as some future version might
481default to another default protocol. 543default to another default protocol.
544.IP "icmp-type = integer" 4
545.IX Item "icmp-type = integer"
546Sets the type value to be used for outgoing (and incoming) packets sent
547via the \s-1ICMP\s0 transport.
548.Sp
549The default is \f(CW0\fR (which is \f(CW\*(C`echo\-reply\*(C'\fR, also known as
550\&\*(L"ping\-replies\*(R"). Other useful values include \f(CW8\fR (\f(CW\*(C`echo\-request\*(C'\fR, a.k.a.
551\&\*(L"ping\*(R") and \f(CW11\fR (\f(CW\*(C`time\-exceeded\*(C'\fR), but any 8\-bit value can be used.
482.IP "inherit-tos = yes|true|on | no|false|off" 4 552.IP "inherit-tos = yes|true|on | no|false|off" 4
483.IX Item "inherit-tos = yes|true|on | no|false|off" 553.IX Item "inherit-tos = yes|true|on | no|false|off"
484Wether to inherit the \s-1TOS\s0 settings of packets sent to the tunnel when 554Wether to inherit the \s-1TOS\s0 settings of packets sent to the tunnel when
485sending packets to this node (default: \f(CW\*(C`yes\*(C'\fR). If set to \f(CW\*(C`yes\*(C'\fR then 555sending packets to this node (default: \f(CW\*(C`yes\*(C'\fR). If set to \f(CW\*(C`yes\*(C'\fR then
486outgoing tunnel packets will have the same \s-1TOS\s0 setting as the packets sent 556outgoing tunnel packets will have the same \s-1TOS\s0 setting as the packets sent
487to the tunnel device, which is usually what you want. 557to the tunnel device, which is usually what you want.
488.IP "max-retry = positive-number" 4 558.IP "max-retry = positive-number" 4
489.IX Item "max-retry = positive-number" 559.IX Item "max-retry = positive-number"
490The maximum interval in seconds (default: \f(CW28800\fR, 8 hours) between 560The maximum interval in seconds (default: \f(CW3600\fR, one hour) between
491retries to establish a connection to this node. When a connection cannot 561retries to establish a connection to this node. When a connection cannot
492be established, gvpe uses exponential backoff capped at this value. It's 562be established, gvpe uses exponential backoff capped at this value. It's
493sometimes useful to set this to a much lower value (e.g. \f(CW120\fR) on 563sometimes useful to set this to a much lower value (e.g. \f(CW120\fR) on
494connections to routers that usually are stable but sometimes are down, to 564connections to routers that usually are stable but sometimes are down, to
495assure quick reconnections. 565assure quick reconnections even after longer downtimes.
496.IP "router-priority = 0 | 1 | positive\-number>2" 4 566.IP "router-priority = 0 | 1 | positive\-number>=2" 4
497.IX Item "router-priority = 0 | 1 | positive-number>2" 567.IX Item "router-priority = 0 | 1 | positive-number>=2"
498Sets the router priority of the given host (default: \f(CW0\fR, disabled). If 568Sets the router priority of the given host (default: \f(CW0\fR, disabled). If
499some host tries to connect to another host without a hostname, it asks 569some host tries to connect to another host without a hostname, it asks
500the router host for it's \s-1IP\s0 address. The router host is the one with the 570the router host for it's \s-1IP\s0 address. The router host is the one with the
501highest priority larger than \f(CW1\fR that is currently reachable. 571highest priority larger than \f(CW1\fR that is currently reachable.
502.Sp 572.Sp

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines