1 | .\" Automatically generated by Pod::Man v1.36, Pod::Parser v1.13 |
1 | .\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.13 |
2 | .\" |
2 | .\" |
3 | .\" Standard preamble: |
3 | .\" Standard preamble: |
4 | .\" ======================================================================== |
4 | .\" ======================================================================== |
5 | .de Sh \" Subsection heading |
5 | .de Sh \" Subsection heading |
6 | .br |
6 | .br |
… | |
… | |
127 | .\} |
127 | .\} |
128 | .rm #[ #] #H #V #F C |
128 | .rm #[ #] #H #V #F C |
129 | .\" ======================================================================== |
129 | .\" ======================================================================== |
130 | .\" |
130 | .\" |
131 | .IX Title "VPED.CONF 5" |
131 | .IX Title "VPED.CONF 5" |
132 | .TH VPED.CONF 5 "2003-03-28" "0.1" "Virtual Private Ethernet" |
132 | .TH VPED.CONF 5 "2003-10-14" "1.0" "Virtual Private Ethernet" |
133 | .SH "NAME" |
133 | .SH "NAME" |
134 | vped.conf \- vpe daemon configuration file |
134 | vped.conf \- vpe daemon configuration file |
135 | .SH "SYNOPSIS" |
135 | .SH "SYNOPSIS" |
136 | .IX Header "SYNOPSIS" |
136 | .IX Header "SYNOPSIS" |
137 | .Vb 3 |
137 | .Vb 3 |
… | |
… | |
259 | .Sp |
259 | .Sp |
260 | The default is 47 (\s-1GRE\s0), which has a good chance of tunneling through |
260 | The default is 47 (\s-1GRE\s0), which has a good chance of tunneling through |
261 | firewalls (but note that the rawip protocol is not \s-1GRE\s0 compatible). Other |
261 | firewalls (but note that the rawip protocol is not \s-1GRE\s0 compatible). Other |
262 | common choices are 50 (\s-1IPSEC\s0, \s-1ESP\s0), 51 (\s-1IPSEC\s0, \s-1AH\s0), 4 (\s-1IPIP\s0 tunnels) or 98 |
262 | common choices are 50 (\s-1IPSEC\s0, \s-1ESP\s0), 51 (\s-1IPSEC\s0, \s-1AH\s0), 4 (\s-1IPIP\s0 tunnels) or 98 |
263 | (\s-1ENCAP\s0, rfc1241) |
263 | (\s-1ENCAP\s0, rfc1241) |
264 | .IP "enable-udp = yes|true|on | no|false|off" 4 |
|
|
265 | .IX Item "enable-udp = yes|true|on | no|false|off" |
|
|
266 | Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port |
|
|
267 | (default: \f(CW\*(C`yes\*(C'\fR). This is a good general choice since \s-1UDP\s0 tunnels well |
|
|
268 | through many firewalls. |
|
|
269 | .IP "enable-rawip = yes|true|on | no|false|off" 4 |
|
|
270 | .IX Item "enable-rawip = yes|true|on | no|false|off" |
|
|
271 | Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol |
|
|
272 | (default: \f(CW\*(C`no\*(C'\fR). This is the best choice, since the overhead per packet |
|
|
273 | is only 38 bytes, as opposed to \s-1UDP\s0's 58 (or \s-1TCP\s0's 60+). |
|
|
274 | .IP "if-up = relative-or-absolute-path" 4 |
264 | .IP "if-up = relative-or-absolute-path" 4 |
275 | .IX Item "if-up = relative-or-absolute-path" |
265 | .IX Item "if-up = relative-or-absolute-path" |
276 | Sets the path of a script that should be called immediately after the |
266 | Sets the path of a script that should be called immediately after the |
277 | network interface is initialized (but not neccessarily up). The following |
267 | network interface is initialized (but not neccessarily up). The following |
278 | environment variables are passed to it (the values are just examples): |
268 | environment variables are passed to it (the values are just examples): |
… | |
… | |
288 | The \s-1MTU\s0 to set the interface to. You can use lower values (if done |
278 | The \s-1MTU\s0 to set the interface to. You can use lower values (if done |
289 | consistently on all hosts), but this is usually ineffective. |
279 | consistently on all hosts), but this is usually ineffective. |
290 | .IP "MAC=fe:fd:80:00:00:01" 4 |
280 | .IP "MAC=fe:fd:80:00:00:01" 4 |
291 | .IX Item "MAC=fe:fd:80:00:00:01" |
281 | .IX Item "MAC=fe:fd:80:00:00:01" |
292 | The \s-1MAC\s0 address to set the interface to. The script *must* set the |
282 | The \s-1MAC\s0 address to set the interface to. The script *must* set the |
293 | interface \s-1MAC\s0 to this value. On GNU/Linux you will most likely use this: |
283 | interface \s-1MAC\s0 to this value. You will most likely use one of these: |
294 | .Sp |
284 | .Sp |
295 | .Vb 1 |
285 | .Vb 2 |
296 | \& ip link set $IFNAME address $MAC mtu $MTU up |
286 | \& ip link set $IFNAME address $MAC mtu $MTU up # GNU/Linux |
|
|
287 | \& ifconfig $IFNAME ether $MAC mtu $MTU up # FreeBSD |
297 | .Ve |
288 | .Ve |
|
|
289 | .IP "IFTYPE=native" 4 |
|
|
290 | .IX Item "IFTYPE=native" |
|
|
291 | .PD 0 |
|
|
292 | .IP "IFSUBTYPE=linux # or freebsd, darwin etc.." 4 |
|
|
293 | .IX Item "IFSUBTYPE=linux # or freebsd, darwin etc.." |
|
|
294 | .PD |
|
|
295 | The interface type (\f(CW\*(C`native\*(C'\fR or \f(CW\*(C`tincd\*(C'\fR) and the subtype (usually the os |
|
|
296 | name in lowercase) that this vpe was configured for. Can be used to select |
|
|
297 | the correct syntax to use for network-related commands. |
298 | .IP "NODENAME=branch1" 4 |
298 | .IP "NODENAME=branch1" 4 |
299 | .IX Item "NODENAME=branch1" |
299 | .IX Item "NODENAME=branch1" |
300 | The nickname of the current node, as passed to the vped daemon. |
300 | The nickname of the current node, as passed to the vped daemon. |
301 | .IP "NODEID=1" 4 |
301 | .IP "NODEID=1" 4 |
302 | .IX Item "NODEID=1" |
302 | .IX Item "NODEID=1" |
… | |
… | |
358 | .Ve |
358 | .Ve |
359 | .RE |
359 | .RE |
360 | .IP "node-down = relative-or-absolute-path" 4 |
360 | .IP "node-down = relative-or-absolute-path" 4 |
361 | .IX Item "node-down = relative-or-absolute-path" |
361 | .IX Item "node-down = relative-or-absolute-path" |
362 | Same as \f(CW\*(C`node\-up\*(C'\fR, but gets called whenever a connection is lost. |
362 | Same as \f(CW\*(C`node\-up\*(C'\fR, but gets called whenever a connection is lost. |
|
|
363 | .IP "http-proxy-host = hostname/ip" 4 |
|
|
364 | .IX Item "http-proxy-host = hostname/ip" |
|
|
365 | The \f(CW\*(C`http\-proxy\-*\*(C'\fR family of options are only available if vpe was |
|
|
366 | compiled with the \f(CW\*(C`\-\-enable\-http\-proxy\*(C'\fR option and enable tunneling of |
|
|
367 | tcp connections through a http proxy server. |
|
|
368 | .Sp |
|
|
369 | \&\f(CW\*(C`http\-proxy\-host\*(C'\fR and \f(CW\*(C`http\-proxy\-port\*(C'\fR should specify the hostname and |
|
|
370 | port number of the proxy server. See \f(CW\*(C`http\-proxy\-loginpw\*(C'\fR if your proxy |
|
|
371 | requires authentication. |
|
|
372 | .Sp |
|
|
373 | Please note that vpe will still try to resolve all hostnames in the |
|
|
374 | configuration file, so if you are behind a proxy without access to a dns |
|
|
375 | server better use numerical \s-1IP\s0 addresses. |
|
|
376 | .Sp |
|
|
377 | To make best use of this option disable all protocols except tcp in your |
|
|
378 | config file and make sure your routers (or all other hosts) are listening |
|
|
379 | on a port that the proxy allows (443, https, is a common choice). |
|
|
380 | .Sp |
|
|
381 | If you have a router, connecting to it will suffice. Otherwise tcp must be |
|
|
382 | enabled on all hosts. |
|
|
383 | .Sp |
|
|
384 | Example: |
|
|
385 | .Sp |
|
|
386 | .Vb 3 |
|
|
387 | \& http-proxy-host = proxy.example.com |
|
|
388 | \& http-proxy-port = 3128 # 8080 is another common choice |
|
|
389 | \& http-proxy-auth = schmorp:grumbeere |
|
|
390 | .Ve |
|
|
391 | .IP "http-proxy-port = proxy-tcp-port" 4 |
|
|
392 | .IX Item "http-proxy-port = proxy-tcp-port" |
|
|
393 | The port where your proxy server listens. |
|
|
394 | .IP "http-proxy-auth = login:password" 4 |
|
|
395 | .IX Item "http-proxy-auth = login:password" |
|
|
396 | The optional login and password used to authenticate to the proxy server, |
|
|
397 | seperated by a literal colon (\f(CW\*(C`:\*(C'\fR). Only basic authentication is |
|
|
398 | currently supported. |
363 | .Sh "\s-1NODE\s0 \s-1SPECIFIC\s0 \s-1SETTINGS\s0" |
399 | .Sh "\s-1NODE\s0 \s-1SPECIFIC\s0 \s-1SETTINGS\s0" |
364 | .IX Subsection "NODE SPECIFIC SETTINGS" |
400 | .IX Subsection "NODE SPECIFIC SETTINGS" |
365 | The following settings are node\-specific, that is, every node can have |
401 | The following settings are node\-specific, that is, every node can have |
366 | different settings, even within the same vped instance. Settings that are |
402 | different settings, even within the same vped instance. Settings that are |
367 | executed before the first node section set the defaults, settings that are |
403 | executed before the first node section set the defaults, settings that are |
368 | executed within a node section only apply to the given node. |
404 | executed within a node section only apply to the given node. |
369 | .IP "udp-port = port-number" 4 |
405 | .IP "udp-port = port-number" 4 |
370 | .IX Item "udp-port = port-number" |
406 | .IX Item "udp-port = port-number" |
371 | Sets the port number used by the \s-1UDP\s0 protocol (default: \f(CW407\fR, not |
407 | Sets the port number used by the \s-1UDP\s0 protocol (default: \f(CW407\fR, not |
372 | officially assigned by \s-1IANA\s0!). |
408 | officially assigned by \s-1IANA\s0!). |
|
|
409 | .IP "tcp-port = port-number" 4 |
|
|
410 | .IX Item "tcp-port = port-number" |
|
|
411 | Similar to \f(CW\*(C`udp\-port\*(C'\fR (default: \f(CW407\fR), but sets the \s-1TCP\s0 port number. |
|
|
412 | .IP "enable-rawip = yes|true|on | no|false|off" 4 |
|
|
413 | .IX Item "enable-rawip = yes|true|on | no|false|off" |
|
|
414 | Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol |
|
|
415 | (default: \f(CW\*(C`no\*(C'\fR). This is the best choice, since the overhead per packet |
|
|
416 | is only 38 bytes, as opposed to \s-1UDP\s0's 58 (or \s-1TCP\s0's 60+). |
|
|
417 | .IP "enable-udp = yes|true|on | no|false|off" 4 |
|
|
418 | .IX Item "enable-udp = yes|true|on | no|false|off" |
|
|
419 | Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port |
|
|
420 | (default: \f(CW\*(C`yes\*(C'\fR). This is a good general choice since \s-1UDP\s0 tunnels well |
|
|
421 | through many firewalls. |
|
|
422 | .IP "enable-tcp = yes|true|on | no|false|off" 4 |
|
|
423 | .IX Item "enable-tcp = yes|true|on | no|false|off" |
|
|
424 | Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port |
|
|
425 | (default: \f(CW\*(C`no\*(C'\fR). Support for this horribly unsuitable protocol is only |
|
|
426 | available when vpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option. Never |
|
|
427 | use this transport unless you really must, it is horribly ineffiecent and |
|
|
428 | resource-intensive compared to the other transports. |
373 | .IP "router-priority = positive-number" 4 |
429 | .IP "router-priority = positive-number" 4 |
374 | .IX Item "router-priority = positive-number" |
430 | .IX Item "router-priority = positive-number" |
375 | Sets the router priority of the given host (default: \f(CW0\fR, disabled). If |
431 | Sets the router priority of the given host (default: \f(CW0\fR, disabled). If |
376 | some host tries to connect to another host without a hostname, it asks |
432 | some host tries to connect to another host without a hostname, it asks |
377 | the router host for it's \s-1IP\s0 address. The router host is the one with the |
433 | the router host for it's \s-1IP\s0 address. The router host is the one with the |