.Dd 2002-04-09
.Dt TINC.CONF 5
.\" Manual page created by:
-.\" Ivo Timmermans <ivo@o2w.nl>
-.\" Guus Sliepen <guus@sliepen.eu.org>
+.\" Ivo Timmermans
+.\" Guus Sliepen <guus@tinc-vpn.org>
.Sh NAME
.Nm tinc.conf
.Nd tinc daemon configuration
.It Va Name Li = Ar name Bq required
This is the name which identifies this tinc daemon.
It must be unique for the virtual private network this daemon will connect to.
-.It Va PingTimeout Li = Ar seconds Pq 60
+.It Va PingInterval Li = Ar seconds Pq 60
The number of seconds of inactivity that
.Nm tinc
will wait before sending a probe to the other end.
-If that other end doesn't answer within that same amount of time,
+.It Va PingTimeout Li = Ar seconds Pq 5
+The number of seconds to wait for a response to pings or to allow meta
+connections to block. If the other end doesn't respond within this time,
the connection is terminated,
and the others will be notified of this.
.It Va PriorityInheritance Li = yes | no Po no Pc Bq experimental
or
.Va PrivateKeyFile
specified in the configuration file.
+.It Va TunnelServer Li = yes | no Po no Pc Bq experimental
+When this option is enabled tinc will no longer forward information between other tinc daemons,
+and will only allow nodes and subnets on the VPN which are present in the
+.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/
+directory.
.El
.Sh HOST CONFIGURATION FILES
The host configuration files contain all information needed
.Bl -tag -width indent
.It Va Address Li = Ar address Bq recommended
The IP address or hostname of this tinc daemon on the real network.
-This wil only be used when trying to make an outgoing connection to this tinc daemon.
+This will only be used when trying to make an outgoing connection to this tinc daemon.
Multiple
.Va Address
variables can be specified, in which case each address will be tried until a working
Can be anything from
.Qq 0
up to the length of the digest produced by the digest algorithm.
+.It Va PMTU Li = Ar mtu Po 1514 Pc Bq experimental
+This option controls the initial path MTU to this node.
+.It Va PMTUDiscovery Li = yes | no Po no Pc Bq experimental
+When this option is enabled, tinc will try to discover the path MTU to this node.
+After the path MTU has been discovered, it will be enforced on the VPN.
.It Va Port Li = Ar port Pq 655
The port number on which this tinc daemon is listening for incoming connections.
.It Va PublicKey Li = Ar key Bq obsolete
This script is started when the tinc daemon with name
.Ar HOST
becomes unreachable.
+.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /host-up
+This script is started when any host becomes reachable.
+.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /host-down
+This script is started when any host becomes unreachable.
+.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /subnet-up
+This script is started when a Subnet becomes reachable.
+The Subnet and the node it belongs to are passed in environment variables.
+.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /subnet-down
+This script is started when a Subnet becomes unreachable.
.El
.Pp
The scripts are started without command line arguments, but can make use of certain environment variables.
.Pa ifconfig .
.It Ev NODE
When a host becomes (un)reachable, this is set to its name.
+If a subnet becomes (un)reachable, this is set to the owner of that subnet.
.It Ev REMOTEADDRESS
When a host becomes (un)reachable, this is set to its real address.
.It Ev REMOTEPORT
When a host becomes (un)reachable, this is set to the port number it uses for communication with other tinc daemons.
+.It Ev SUBNET
+When a subnet becomes (un)reachable, this is set to the subnet.
.El
.Sh FILES
The most important files are:
.El
.Sh SEE ALSO
.Xr tincd 8 ,
-.Pa http://tinc.nl.linux.org/ ,
+.Pa http://www.tinc-vpn.org/ ,
.Pa http://www.linuxdoc.org/LDP/nag2/ .
.Pp
The full documentation for