| … | |
… | |
| 127 | .\} |
127 | .\} |
| 128 | .rm #[ #] #H #V #F C |
128 | .rm #[ #] #H #V #F C |
| 129 | .\" ======================================================================== |
129 | .\" ======================================================================== |
| 130 | .\" |
130 | .\" |
| 131 | .IX Title "GVPE.CONF 5" |
131 | .IX Title "GVPE.CONF 5" |
| 132 | .TH GVPE.CONF 5 "2005-03-06" "1.8" "GNU Virtual Private Ethernet" |
132 | .TH GVPE.CONF 5 "2005-03-14" "1.8" "GNU Virtual Private Ethernet" |
| 133 | .SH "NAME" |
133 | .SH "NAME" |
| 134 | gvpe.conf \- configuration file for the GNU VPE daemon |
134 | gvpe.conf \- configuration file for the GNU VPE daemon |
| 135 | .SH "SYNOPSIS" |
135 | .SH "SYNOPSIS" |
| 136 | .IX Header "SYNOPSIS" |
136 | .IX Header "SYNOPSIS" |
| 137 | .Vb 3 |
137 | .Vb 3 |
| … | |
… | |
| 429 | \&\f(CW\*(C`ondemand\*(C'\fR (try to establish a connection on the first packet sent, and |
429 | \&\f(CW\*(C`ondemand\*(C'\fR (try to establish a connection on the first packet sent, and |
| 430 | take it down after the keepalive interval) or \f(CW\*(C`disabled\*(C'\fR (node is bad, |
430 | take it down after the keepalive interval) or \f(CW\*(C`disabled\*(C'\fR (node is bad, |
| 431 | don't talk to it). |
431 | don't talk to it). |
| 432 | .IP "dns-domain = domain-suffix" 4 |
432 | .IP "dns-domain = domain-suffix" 4 |
| 433 | .IX Item "dns-domain = domain-suffix" |
433 | .IX Item "dns-domain = domain-suffix" |
| 434 | The \s-1DNS\s0 domain suffix that points to the \s-1DNS\s0 tunnel server. Needs to be |
434 | The \s-1DNS\s0 domain suffix that points to the \s-1DNS\s0 tunnel server for this node. |
| 435 | set on both client and server. |
|
|
| 436 | .Sp |
435 | .Sp |
| 437 | The domain must point to a \s-1NS\s0 record that points to the \fIdns-hostname\fR, |
436 | The domain must point to a \s-1NS\s0 record that points to the \fIdns-hostname\fR, |
| 438 | i.e. |
437 | i.e. |
| 439 | .Sp |
438 | .Sp |
| 440 | .Vb 2 |
439 | .Vb 2 |
| … | |
… | |
| 453 | The address to bind the \s-1DNS\s0 tunnel socket to, similar to the \f(CW\*(C`hostname\*(C'\fR, |
452 | The address to bind the \s-1DNS\s0 tunnel socket to, similar to the \f(CW\*(C`hostname\*(C'\fR, |
| 454 | but for the \s-1DNS\s0 tunnel protocol only. Default: \f(CW0.0.0.0\fR, but that might |
453 | but for the \s-1DNS\s0 tunnel protocol only. Default: \f(CW0.0.0.0\fR, but that might |
| 455 | change. |
454 | change. |
| 456 | .IP "dns-port = port-number" 4 |
455 | .IP "dns-port = port-number" 4 |
| 457 | .IX Item "dns-port = port-number" |
456 | .IX Item "dns-port = port-number" |
| 458 | The port to bind the \s-1DNS\s0 tunnel socket to. Must be \f(CW0\fR on all \s-1DNS\s0 tunnel |
457 | The port to bind the \s-1DNS\s0 tunnel socket to. Must be \f(CW53\fR on \s-1DNS\s0 tunnel servers. |
| 459 | clients and \f(CW53\fR on the server. |
458 | .IP "enable-dns = yes|true|on | no|false|off" 4 |
|
|
459 | .IX Item "enable-dns = yes|true|on | no|false|off" |
|
|
460 | Enable the \s-1DNS\s0 tunneling protocol on this node, either as server or as |
|
|
461 | client (only available when gvpe was compiled with \f(CW\*(C`\-\-enable\-dns\*(C'\fR). |
|
|
462 | .Sp |
|
|
463 | \&\fB\s-1WARNING:\s0\fR Parsing and generating \s-1DNS\s0 packets is rather tricky. The code |
|
|
464 | almost certainly contains buffer overflows and other, likely exploitable, |
|
|
465 | bugs. You have been warned. |
|
|
466 | .Sp |
|
|
467 | This is the worst choice of transport protocol with respect to overhead |
|
|
468 | (overhead can be 2\-3 times higher than the transferred data), and probably |
|
|
469 | the best choice when tunneling through firewalls. |
| 460 | .IP "enable-rawip = yes|true|on | no|false|off" 4 |
470 | .IP "enable-rawip = yes|true|on | no|false|off" 4 |
| 461 | .IX Item "enable-rawip = yes|true|on | no|false|off" |
471 | .IX Item "enable-rawip = yes|true|on | no|false|off" |
| 462 | Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol |
472 | Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol |
| 463 | (default: \f(CW\*(C`no\*(C'\fR). This is the best choice, since the overhead per packet |
473 | (default: \f(CW\*(C`no\*(C'\fR). This is the best choice, since the minimum overhead per |
| 464 | is only 38 bytes, as opposed to \s-1UDP\s0's 58 (or \s-1TCP\s0's 60+). |
474 | packet is only 38 bytes, as opposed to \s-1UDP\s0's 58 (or \s-1TCP\s0's 60+). |
| 465 | .IP "enable-tcp = yes|true|on | no|false|off" 4 |
475 | .IP "enable-tcp = yes|true|on | no|false|off" 4 |
| 466 | .IX Item "enable-tcp = yes|true|on | no|false|off" |
476 | .IX Item "enable-tcp = yes|true|on | no|false|off" |
| 467 | Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port |
477 | Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port |
| 468 | (default: \f(CW\*(C`no\*(C'\fR). Support for this horribly unsuitable protocol is only |
478 | (default: \f(CW\*(C`no\*(C'\fR). Support for this horribly unsuitable protocol is only |
| 469 | available when gvpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option. Never |
479 | available when gvpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option. Never |
| 470 | use this transport unless you really must, it is horribly ineffiecent and |
480 | use this transport unless you really must, it is very inefficient and |
| 471 | resource-intensive compared to the other transports. |
481 | resource-intensive compared to the other transports (except for \s-1DNS\s0, which |
|
|
482 | is worse). |
| 472 | .IP "enable-udp = yes|true|on | no|false|off" 4 |
483 | .IP "enable-udp = yes|true|on | no|false|off" 4 |
| 473 | .IX Item "enable-udp = yes|true|on | no|false|off" |
484 | .IX Item "enable-udp = yes|true|on | no|false|off" |
| 474 | Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR, |
485 | Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR, |
| 475 | unless no other protocol is enabled for a node, in which case this |
486 | unless no other protocol is enabled for a node, in which case this |
| 476 | protocol is enabled automatically). This is a good general choice since |
487 | protocol is enabled automatically). This is a good general choice since |
| … | |
… | |
| 485 | sending packets to this node (default: \f(CW\*(C`yes\*(C'\fR). If set to \f(CW\*(C`yes\*(C'\fR then |
496 | sending packets to this node (default: \f(CW\*(C`yes\*(C'\fR). If set to \f(CW\*(C`yes\*(C'\fR then |
| 486 | outgoing tunnel packets will have the same \s-1TOS\s0 setting as the packets sent |
497 | outgoing tunnel packets will have the same \s-1TOS\s0 setting as the packets sent |
| 487 | to the tunnel device, which is usually what you want. |
498 | to the tunnel device, which is usually what you want. |
| 488 | .IP "max-retry = positive-number" 4 |
499 | .IP "max-retry = positive-number" 4 |
| 489 | .IX Item "max-retry = positive-number" |
500 | .IX Item "max-retry = positive-number" |
| 490 | The maximum interval in seconds (default: \f(CW28800\fR, 8 hours) between |
501 | The maximum interval in seconds (default: \f(CW3600\fR, one hour) between |
| 491 | retries to establish a connection to this node. When a connection cannot |
502 | retries to establish a connection to this node. When a connection cannot |
| 492 | be established, gvpe uses exponential backoff capped at this value. It's |
503 | be established, gvpe uses exponential backoff capped at this value. It's |
| 493 | sometimes useful to set this to a much lower value (e.g. \f(CW120\fR) on |
504 | sometimes useful to set this to a much lower value (e.g. \f(CW120\fR) on |
| 494 | connections to routers that usually are stable but sometimes are down, to |
505 | connections to routers that usually are stable but sometimes are down, to |
| 495 | assure quick reconnections. |
506 | assure quick reconnections even after longer downtimes. |
| 496 | .IP "router-priority = 0 | 1 | positive\-number>2" 4 |
507 | .IP "router-priority = 0 | 1 | positive\-number>=2" 4 |
| 497 | .IX Item "router-priority = 0 | 1 | positive-number>2" |
508 | .IX Item "router-priority = 0 | 1 | positive-number>=2" |
| 498 | Sets the router priority of the given host (default: \f(CW0\fR, disabled). If |
509 | Sets the router priority of the given host (default: \f(CW0\fR, disabled). If |
| 499 | some host tries to connect to another host without a hostname, it asks |
510 | some host tries to connect to another host without a hostname, it asks |
| 500 | the router host for it's \s-1IP\s0 address. The router host is the one with the |
511 | the router host for it's \s-1IP\s0 address. The router host is the one with the |
| 501 | highest priority larger than \f(CW1\fR that is currently reachable. |
512 | highest priority larger than \f(CW1\fR that is currently reachable. |
| 502 | .Sp |
513 | .Sp |
