| … | |
… | |
| 134 | The default is 47 (GRE), which has a good chance of tunneling through |
134 | The default is 47 (GRE), which has a good chance of tunneling through |
| 135 | firewalls (but note that the rawip protocol is not GRE compatible). Other |
135 | firewalls (but note that the rawip protocol is not GRE compatible). Other |
| 136 | common choices are 50 (IPSEC, ESP), 51 (IPSEC, AH), 4 (IPIP tunnels) or 98 |
136 | common choices are 50 (IPSEC, ESP), 51 (IPSEC, AH), 4 (IPIP tunnels) or 98 |
| 137 | (ENCAP, rfc1241) |
137 | (ENCAP, rfc1241) |
| 138 | |
138 | |
| 139 | =item enable-udp = yes|true|on | no|false|off |
|
|
| 140 | |
|
|
| 141 | Enable the UDPv4 transport using the C<udp-port> port |
|
|
| 142 | (default: C<yes>). This is a good general choice since UDP tunnels well |
|
|
| 143 | through many firewalls. |
|
|
| 144 | |
|
|
| 145 | =item enable-rawip = yes|true|on | no|false|off |
|
|
| 146 | |
|
|
| 147 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
|
|
| 148 | (default: C<no>). This is the best choice, since the overhead per packet |
|
|
| 149 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
|
|
| 150 | |
|
|
| 151 | =item if-up = relative-or-absolute-path |
139 | =item if-up = relative-or-absolute-path |
| 152 | |
140 | |
| 153 | Sets the path of a script that should be called immediately after the |
141 | Sets the path of a script that should be called immediately after the |
| 154 | network interface is initialized (but not neccessarily up). The following |
142 | network interface is initialized (but not neccessarily up). The following |
| 155 | environment variables are passed to it (the values are just examples): |
143 | environment variables are passed to it (the values are just examples): |
| … | |
… | |
| 170 | consistently on all hosts), but this is usually ineffective. |
158 | consistently on all hosts), but this is usually ineffective. |
| 171 | |
159 | |
| 172 | =item MAC=fe:fd:80:00:00:01 |
160 | =item MAC=fe:fd:80:00:00:01 |
| 173 | |
161 | |
| 174 | The MAC address to set the interface to. The script *must* set the |
162 | The MAC address to set the interface to. The script *must* set the |
| 175 | interface MAC to this value. On GNU/Linux you will most likely use this: |
163 | interface MAC to this value. You will most likely use one of these: |
| 176 | |
164 | |
| 177 | ip link set $IFNAME address $MAC mtu $MTU up |
165 | ip link set $IFNAME address $MAC mtu $MTU up # GNU/Linux |
|
|
166 | ifconfig $IFNAME ether $MAC mtu $MTU up # FreeBSD |
|
|
167 | |
|
|
168 | Please see the C<vpe.osdep(5)> manpage for platform-specific information. |
|
|
169 | |
|
|
170 | =item IFTYPE=native # or tincd |
|
|
171 | |
|
|
172 | =item IFSUBTYPE=linux # or freebsd, darwin etc.. |
|
|
173 | |
|
|
174 | The interface type (C<native> or C<tincd>) and the subtype (usually the os |
|
|
175 | name in lowercase) that this vpe was configured for. Can be used to select |
|
|
176 | the correct syntax to use for network-related commands. |
| 178 | |
177 | |
| 179 | =item NODENAME=branch1 |
178 | =item NODENAME=branch1 |
| 180 | |
179 | |
| 181 | The nickname of the current node, as passed to the vped daemon. |
180 | The nickname of the current node, as passed to the vped daemon. |
| 182 | |
181 | |
| … | |
… | |
| 218 | =item DESTIP=188.13.66.8 |
217 | =item DESTIP=188.13.66.8 |
| 219 | |
218 | |
| 220 | The numerical IP address of the remote host (vped accepts connections from |
219 | The numerical IP address of the remote host (vped accepts connections from |
| 221 | everywhere, as long as the other host can authenticate itself). |
220 | everywhere, as long as the other host can authenticate itself). |
| 222 | |
221 | |
| 223 | =item DESTPORT=407 # deprecated |
222 | =item DESTPORT=655 # deprecated |
| 224 | |
223 | |
| 225 | The UDP port used by the other side. |
224 | The UDP port used by the other side. |
| 226 | |
225 | |
| 227 | =item STATE=UP |
226 | =item STATE=UP |
| 228 | |
227 | |
| … | |
… | |
| 243 | |
242 | |
| 244 | =item node-down = relative-or-absolute-path |
243 | =item node-down = relative-or-absolute-path |
| 245 | |
244 | |
| 246 | Same as C<node-up>, but gets called whenever a connection is lost. |
245 | Same as C<node-up>, but gets called whenever a connection is lost. |
| 247 | |
246 | |
|
|
247 | =item http-proxy-host = hostname/ip |
|
|
248 | |
|
|
249 | The C<http-proxy-*> family of options are only available if vpe was |
|
|
250 | compiled with the C<--enable-http-proxy> option and enable tunneling of |
|
|
251 | tcp connections through a http proxy server. |
|
|
252 | |
|
|
253 | C<http-proxy-host> and C<http-proxy-port> should specify the hostname and |
|
|
254 | port number of the proxy server. See C<http-proxy-loginpw> if your proxy |
|
|
255 | requires authentication. |
|
|
256 | |
|
|
257 | Please note that vpe will still try to resolve all hostnames in the |
|
|
258 | configuration file, so if you are behind a proxy without access to a dns |
|
|
259 | server better use numerical IP addresses. |
|
|
260 | |
|
|
261 | To make best use of this option disable all protocols except tcp in your |
|
|
262 | config file and make sure your routers (or all other hosts) are listening |
|
|
263 | on a port that the proxy allows (443, https, is a common choice). |
|
|
264 | |
|
|
265 | If you have a router, connecting to it will suffice. Otherwise tcp must be |
|
|
266 | enabled on all hosts. |
|
|
267 | |
|
|
268 | Example: |
|
|
269 | |
|
|
270 | http-proxy-host = proxy.example.com |
|
|
271 | http-proxy-port = 3128 # 8080 is another common choice |
|
|
272 | http-proxy-auth = schmorp:grumbeere |
|
|
273 | |
|
|
274 | =item http-proxy-port = proxy-tcp-port |
|
|
275 | |
|
|
276 | The port where your proxy server listens. |
|
|
277 | |
|
|
278 | =item http-proxy-auth = login:password |
|
|
279 | |
|
|
280 | The optional login and password used to authenticate to the proxy server, |
|
|
281 | seperated by a literal colon (C<:>). Only basic authentication is |
|
|
282 | currently supported. |
|
|
283 | |
| 248 | =back |
284 | =back |
| 249 | |
285 | |
| 250 | =head2 NODE SPECIFIC SETTINGS |
286 | =head2 NODE SPECIFIC SETTINGS |
| 251 | |
287 | |
| 252 | The following settings are node-specific, that is, every node can have |
288 | The following settings are node-specific, that is, every node can have |
| … | |
… | |
| 256 | |
292 | |
| 257 | =over 4 |
293 | =over 4 |
| 258 | |
294 | |
| 259 | =item udp-port = port-number |
295 | =item udp-port = port-number |
| 260 | |
296 | |
| 261 | Sets the port number used by the UDP protocol (default: C<407>, not |
297 | Sets the port number used by the UDP protocol (default: C<655>, not |
| 262 | officially assigned by IANA!). |
298 | officially assigned by IANA!). |
|
|
299 | |
|
|
300 | =item tcp-port = port-number |
|
|
301 | |
|
|
302 | Similar to C<udp-port> (default: C<655>), but sets the TCP port number. |
|
|
303 | |
|
|
304 | =item enable-rawip = yes|true|on | no|false|off |
|
|
305 | |
|
|
306 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
|
|
307 | (default: C<no>). This is the best choice, since the overhead per packet |
|
|
308 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
|
|
309 | |
|
|
310 | =item enable-udp = yes|true|on | no|false|off |
|
|
311 | |
|
|
312 | Enable the UDPv4 transport using the C<udp-port> port |
|
|
313 | (default: C<yes>). This is a good general choice since UDP tunnels well |
|
|
314 | through many firewalls. |
|
|
315 | |
|
|
316 | =item enable-tcp = yes|true|on | no|false|off |
|
|
317 | |
|
|
318 | Enable the TCPv4 transport using the C<tcp-port> port |
|
|
319 | (default: C<no>). Support for this horribly unsuitable protocol is only |
|
|
320 | available when vpe was compiled using the C<--enable-tcp> option. Never |
|
|
321 | use this transport unless you really must, it is horribly ineffiecent and |
|
|
322 | resource-intensive compared to the other transports. |
| 263 | |
323 | |
| 264 | =item router-priority = positive-number |
324 | =item router-priority = positive-number |
| 265 | |
325 | |
| 266 | Sets the router priority of the given host (default: C<0>, disabled). If |
326 | Sets the router priority of the given host (default: C<0>, disabled). If |
| 267 | some host tries to connect to another host without a hostname, it asks |
327 | some host tries to connect to another host without a hostname, it asks |
