If the IndirectData option is also set, broadcast packets will only be sent to nodes which we have a meta connection to.
@end table
+@cindex BroadcastSubnet
+@item BroadcastSubnet = @var{address}[/@var{prefixlength}]
+Declares a broadcast subnet.
+Any packet with a destination address falling into such a subnet will be routed as a broadcast
+(provided all nodes have it declared).
+This is most useful to declare subnet broadcast addresses (e.g. 10.42.255.255),
+otherwise tinc won't know what to do with them.
+
+Note that global broadcast addresses (MAC ff:ff:ff:ff:ff:ff, IPv4 255.255.255.255),
+as well as multicast space (IPv4 224.0.0.0/4, IPv6 ff00::/8)
+are always considered broadcast addresses and don't need to be declared.
+
@cindex ConnectTo
@item ConnectTo = <@var{name}>
Specifies which other tinc daemon to connect to on startup.
Note that you can only use one device per daemon.
See also @ref{Device files}.
+@cindex DeviceStandby
+@item DeviceStandby = <yes | no> (no)
+When disabled, tinc calls @file{tinc-up} on startup, and @file{tinc-down} on shutdown.
+When enabled, tinc will only call @file{tinc-up} when at least one node is reachable,
+and will call @file{tinc-down} as soon as no nodes are reachable.
+On Windows, this also determines when the virtual network interface "cable" is "plugged".
+
@cindex DeviceType
@item DeviceType = <@var{type}> (platform dependent)
The type of the virtual network device.
and they only ConnectTo a third node outside the NAT,
which normally would prevent the peers from learning each other's LAN address.
-Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
-This feature may not work in all possible situations.
+Currently, local discovery is implemented by sending some packets to the local address of the node during UDP discovery.
+This will not work with old nodes that don't transmit their local address.
@cindex LocalDiscoveryAddress
@item LocalDiscoveryAddress <@var{address}>
@file{@value{sysconfdir}/tinc/@var{netname}/hosts/} directory.
Setting this options also implicitly sets StrictSubnets.
+@cindex UDPDiscovey
+@item UDPDiscovery = <yes|no> (yes)
+When this option is enabled tinc will try to establish UDP connectivity to nodes,
+using TCP while it determines if a node is reachable over UDP. If it is disabled,
+tinc always assumes a node is reachable over UDP.
+Note that tinc will never use UDP with nodes that have TCPOnly enabled.
+
+@cindex UDPDiscoveryKeepaliveInterval
+@item UDPDiscoveryKeepaliveInterval = <seconds> (9)
+The minimum amount of time between sending UDP ping datagrams to check UDP connectivity once it has been established.
+Note that these pings are large, since they are used to verify link MTU as well.
+
+@cindex UDPDiscoveryInterval
+@item UDPDiscoveryInterval = <seconds> (2)
+The minimum amount of time between sending UDP ping datagrams to try to establish UDP connectivity.
+
+@cindex UDPDiscoveryTimeout
+@item UDPDiscoveryTimeout = <seconds> (30)
+If tinc doesn't receive any UDP ping replies over the specified interval,
+it will assume UDP communication is broken and will fall back to TCP.
+
@cindex UDPRcvBuf
@item UDPRcvBuf = <bytes> (OS default)
Sets the socket receive buffer size for the UDP socket, in bytes.
If unspecified, the default is
@file{@value{localstatedir}/run/tinc.@var{netname}.pid}.
+@item --force
+Force some commands to work despite warnings.
+
@item --help
Display a short reminder of runtime options and commands, then terminate.
@cindex add
@item add @var{variable} @var{value}
As above, but without removing any previously existing configuration variables.
+If the variable already exists with the given value, nothing happens.
@cindex del
@item del @var{variable} [@var{value}]
Export all host configuration files to standard output.
@cindex import
-@item import [--force]
+@item import
Import host configuration file(s) generated by the tinc export command from standard input.
Already existing host configuration files are not overwritten unless the option --force is used.
@cindex exchange
-@item exchange [--force]
+@item exchange
The same as export followed by import.
@cindex exchange-all
-@item exchange-all [--force]
+@item exchange-all
The same as export-all followed by import.
@cindex invite
from where it can be redirected to a file or piped through a program that can parse it directly,
such as tcpdump.
-@cindex network [@var{netname}]
-@item network
+@cindex network
+@item network [@var{netname}]
If @var{netname} is given, switch to that network.
Otherwise, display a list of all networks for which configuration files exist.
+@cindex fsck
+@item fsck
+This will check the configuration files for possible problems,
+such as unsafe file permissions, missing executable bit on script,
+unknown and obsolete configuration variables, wrong public and/or private keys, and so on.
+
+When problems are found, this will be printed on a line with WARNING or ERROR in front of it.
+Most problems must be corrected by the user itself, however in some cases (like file permissions and missing public keys),
+tinc will ask if it should fix the problem.
+
@end table
@c ==================================================================
projects / tinc / blobdiff