| 1 | =head1 NAME |
1 | =head1 NAME |
| 2 | |
2 | |
| 3 | vped.conf - vpe daemon configuration file |
3 | vped.conf - configuration file for the GNU VPE daemon |
| 4 | |
4 | |
| 5 | =head1 SYNOPSIS |
5 | =head1 SYNOPSIS |
| 6 | |
6 | |
|
|
7 | enable-udp = yes |
| 7 | udp-port = 407 |
8 | udp-port = 407 |
| 8 | mtu = 1492 |
9 | mtu = 1492 |
| 9 | ifname = vpn0 |
10 | ifname = vpn0 |
| 10 | |
11 | |
| 11 | node = branch1 |
12 | node = branch1 |
| … | |
… | |
| 158 | consistently on all hosts), but this is usually ineffective. |
159 | consistently on all hosts), but this is usually ineffective. |
| 159 | |
160 | |
| 160 | =item MAC=fe:fd:80:00:00:01 |
161 | =item MAC=fe:fd:80:00:00:01 |
| 161 | |
162 | |
| 162 | The MAC address to set the interface to. The script *must* set the |
163 | The MAC address to set the interface to. The script *must* set the |
| 163 | interface MAC to this value. On GNU/Linux you will most likely use this: |
164 | interface MAC to this value. You will most likely use one of these: |
| 164 | |
165 | |
| 165 | ip link set $IFNAME address $MAC mtu $MTU up |
166 | ip link set $IFNAME address $MAC mtu $MTU up # GNU/Linux |
|
|
167 | ifconfig $IFNAME ether $MAC mtu $MTU up # FreeBSD |
|
|
168 | |
|
|
169 | Please see the C<vpe.osdep(5)> manpage for platform-specific information. |
|
|
170 | |
|
|
171 | =item IFTYPE=native # or tincd |
|
|
172 | |
|
|
173 | =item IFSUBTYPE=linux # or freebsd, darwin etc.. |
|
|
174 | |
|
|
175 | The interface type (C<native> or C<tincd>) and the subtype (usually the os |
|
|
176 | name in lowercase) that this vpe was configured for. Can be used to select |
|
|
177 | the correct syntax to use for network-related commands. |
| 166 | |
178 | |
| 167 | =item NODENAME=branch1 |
179 | =item NODENAME=branch1 |
| 168 | |
180 | |
| 169 | The nickname of the current node, as passed to the vped daemon. |
181 | The nickname of the current node, as passed to the vped daemon. |
| 170 | |
182 | |
| … | |
… | |
| 206 | =item DESTIP=188.13.66.8 |
218 | =item DESTIP=188.13.66.8 |
| 207 | |
219 | |
| 208 | The numerical IP address of the remote host (vped accepts connections from |
220 | The numerical IP address of the remote host (vped accepts connections from |
| 209 | everywhere, as long as the other host can authenticate itself). |
221 | everywhere, as long as the other host can authenticate itself). |
| 210 | |
222 | |
| 211 | =item DESTPORT=407 # deprecated |
223 | =item DESTPORT=655 # deprecated |
| 212 | |
224 | |
| 213 | The UDP port used by the other side. |
225 | The UDP port used by the other side. |
| 214 | |
226 | |
| 215 | =item STATE=UP |
227 | =item STATE=UP |
| 216 | |
228 | |
| … | |
… | |
| 233 | |
245 | |
| 234 | Same as C<node-up>, but gets called whenever a connection is lost. |
246 | Same as C<node-up>, but gets called whenever a connection is lost. |
| 235 | |
247 | |
| 236 | =item http-proxy-host = hostname/ip |
248 | =item http-proxy-host = hostname/ip |
| 237 | |
249 | |
| 238 | The C<http-proxy>-family of options are only available if vpe was |
250 | The C<http-proxy-*> family of options are only available if vpe was |
| 239 | compiled with the C<--enable-http-proxy> option and enable tunneling of |
251 | compiled with the C<--enable-http-proxy> option and enable tunneling of |
| 240 | tcp connections through a http proxy server. |
252 | tcp connections through a http proxy server. |
| 241 | |
253 | |
| 242 | C<http-proxy-host> and C<http-proxy-port> should specify the hostname and |
254 | C<http-proxy-host> and C<http-proxy-port> should specify the hostname and |
| 243 | port number of the proxy server. See C<http-proxy-loginpw> if your proxy |
255 | port number of the proxy server. See C<http-proxy-loginpw> if your proxy |
| … | |
… | |
| 267 | =item http-proxy-auth = login:password |
279 | =item http-proxy-auth = login:password |
| 268 | |
280 | |
| 269 | The optional login and password used to authenticate to the proxy server, |
281 | The optional login and password used to authenticate to the proxy server, |
| 270 | seperated by a literal colon (C<:>). Only basic authentication is |
282 | seperated by a literal colon (C<:>). Only basic authentication is |
| 271 | currently supported. |
283 | currently supported. |
|
|
284 | |
|
|
285 | =item pid-file = path |
|
|
286 | |
|
|
287 | The path to the pid file to check and create (Default: |
| 272 | |
288 | |
| 273 | =back |
289 | =back |
| 274 | |
290 | |
| 275 | =head2 NODE SPECIFIC SETTINGS |
291 | =head2 NODE SPECIFIC SETTINGS |
| 276 | |
292 | |
| … | |
… | |
| 281 | |
297 | |
| 282 | =over 4 |
298 | =over 4 |
| 283 | |
299 | |
| 284 | =item udp-port = port-number |
300 | =item udp-port = port-number |
| 285 | |
301 | |
| 286 | Sets the port number used by the UDP protocol (default: C<407>, not |
302 | Sets the port number used by the UDP protocol (default: C<655>, not |
| 287 | officially assigned by IANA!). |
303 | officially assigned by IANA!). |
| 288 | |
304 | |
| 289 | =item tcp-port = port-number |
305 | =item tcp-port = port-number |
| 290 | |
306 | |
| 291 | Similar to C<udp-port> (default: C<407>), but sets the TCP port number. |
307 | Similar to C<udp-port> (default: C<655>), but sets the TCP port number. |
| 292 | |
308 | |
| 293 | =item enable-rawip = yes|true|on | no|false|off |
309 | =item enable-rawip = yes|true|on | no|false|off |
| 294 | |
310 | |
| 295 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
311 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
| 296 | (default: C<no>). This is the best choice, since the overhead per packet |
312 | (default: C<no>). This is the best choice, since the overhead per packet |
| 297 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
313 | is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
| 298 | |
314 | |
| 299 | =item enable-udp = yes|true|on | no|false|off |
315 | =item enable-udp = yes|true|on | no|false|off |
| 300 | |
316 | |
| 301 | Enable the UDPv4 transport using the C<udp-port> port |
317 | Enable the UDPv4 transport using the C<udp-port> port (default: C<yes>, |
| 302 | (default: C<yes>). This is a good general choice since UDP tunnels well |
318 | but this will change!). This is a good general choice since UDP tunnels |
| 303 | through many firewalls. |
319 | well through many firewalls. |
|
|
320 | |
|
|
321 | NOTE: Please specify C<enable-udp = yes> even though it is the default, as |
|
|
322 | some future version will have all protocols disabled by default. |
| 304 | |
323 | |
| 305 | =item enable-tcp = yes|true|on | no|false|off |
324 | =item enable-tcp = yes|true|on | no|false|off |
| 306 | |
325 | |
| 307 | Enable the TCPv4 transport using the C<tcp-port> port |
326 | Enable the TCPv4 transport using the C<tcp-port> port |
| 308 | (default: C<no>). Support for this horribly unsuitable protocol is only |
327 | (default: C<no>). Support for this horribly unsuitable protocol is only |
