X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.conf.5.in;h=87106a0c7c87091184e580ea92a64c274a9004a7;hp=7257bfe025c163f4fbbed5fb7e296c253608a1f5;hb=f2aa7466e6db9777090583ef26d923fc0a4fcea8;hpb=9b579eb9ffdc1fd4a3d0cacb0728ec0796526bc5

diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in
index 7257bfe0..87106a0c 100644
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@@ -219,6 +219,11 @@ Note that there must be exactly one of
 or
 .Va PrivateKeyFile
 specified in the configuration file.
+.It Va TunnelServer Li = yes | no Po no Pc Bq experimental
+When this option is enabled tinc will no longer forward information between other tinc daemons,
+and will only allow nodes and subnets on the VPN which are present in the
+.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/
+directory.
 .El
 .Sh HOST CONFIGURATION FILES
 The host configuration files contain all information needed
@@ -246,6 +251,7 @@ Any cipher supported by OpenSSL is recognised.
 Furthermore, specifying
 .Qq none
 will turn off packet encryption.
+It is best to use only those ciphers which support CBC mode.
 .It Va Compression Li = Ar level Pq 0
 This option sets the level of compression used for UDP packets.
 Possible values are 0 (off), 1 (fast zlib) and any integer up to 9 (best zlib),
@@ -268,6 +274,11 @@ The length of the message authentication code used to authenticate UDP packets.
 Can be anything from
 .Qq 0
 up to the length of the digest produced by the digest algorithm.
+.It Va PMTU Li = Ar mtu Po 1514 Pc Bq experimental
+This option controls the initial path MTU to this node.
+.It Va PMTUDiscovery Li = yes | no Po no Pc Bq experimental
+When this option is enabled, tinc will try to discover the path MTU to this node.
+After the path MTU has been discovered, it will be enforced on the VPN.
 .It Va Port Li = Ar port Pq 655
 The port number on which this tinc daemon is listening for incoming connections.
 .It Va PublicKey Li = Ar key Bq obsolete
@@ -314,7 +325,7 @@ Setting this options also implicitly sets IndirectData.
 .Sh SCRIPTS
 Apart from reading the server and host configuration files,
 tinc can also run scripts at certain moments.
-On Windows (not Cygwin), the scripts should have the extension
+Under Windows (not Cygwin), the scripts should have the extension
 .Pa .bat .
 .Bl -tag -width indent
 .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-up