X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.texi;h=abbfeb31daf9dcb959fcb82334ccbf79de808574;hp=ca399d5b2640be227d008d2dadadfeff045a5cae;hb=ab90fa9bd1a653a330be7ef11293000721a0e7b4;hpb=f0aa9641e82fb6e09c1e485366d14dddaa7f7c36 diff --git a/doc/tinc.texi b/doc/tinc.texi index ca399d5b..abbfeb31 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -1,5 +1,5 @@ \input texinfo @c -*-texinfo-*- -@c $Id: tinc.texi,v 1.8.4.19 2002/02/10 21:57:51 guus Exp $ +@c $Id: tinc.texi,v 1.8.4.23 2002/03/01 14:25:10 guus Exp $ @c %**start of header @setfilename tinc.info @settitle tinc Manual @@ -18,7 +18,7 @@ Copyright @copyright{} 1998-2002 Ivo Timmermans , Guus Sliepen and Wessel Dankers . -$Id: tinc.texi,v 1.8.4.19 2002/02/10 21:57:51 guus Exp $ +$Id: tinc.texi,v 1.8.4.23 2002/03/01 14:25:10 guus Exp $ Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are @@ -43,7 +43,7 @@ Copyright @copyright{} 1998-2002 Ivo Timmermans , Guus Sliepen and Wessel Dankers . -$Id: tinc.texi,v 1.8.4.19 2002/02/10 21:57:51 guus Exp $ +$Id: tinc.texi,v 1.8.4.23 2002/03/01 14:25:10 guus Exp $ Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are @@ -736,8 +736,18 @@ required directives are given in @strong{bold}. @subsection Main configuration variables @table @asis +@cindex AddressFamily +@item AddressFamily = (ipv4) [experimental] +This option affects the address family of listening and outgoing sockets. +If "any" is selected, then depending on the operating system +both IPv4 and IPv6 or just IPv6 listening sockets will be created. + +Mixing IPv4 and IPv6 may not work as desired. +It's best to choose one address family +and use that for all tinc daemons on the VPN. + @cindex BindToInterface -@item BindToInterface = +@item BindToInterface = [experimental] If you have more than one network interface in your computer, tinc will by default listen on all of them for incoming connections. It is possible to bind tinc to a single interface like eth0 or ppp0 with this @@ -746,7 +756,7 @@ variable. This option may not work on all platforms. @cindex BindToIP -@item BindToIP =
+@item BindToIP =
[experimental] If your computer has more than one IP address on a single interface (for example if you are running virtual hosts), tinc will by default listen on all of them for incoming connections. It is possible to bind tinc to @@ -803,13 +813,15 @@ Only unicast packets of routable protocols (IPv4 and IPv6) are supported in this @cindex switch @item switch In this mode the MAC addresses of the packets on the VPN will be used to -dynamically create a routing table just like a network switch does. -Unicast, multicast and broadcast packets of every ethernet protocol are supported in this mode +dynamically create a routing table just like an Ethernet switch does. +Unicast, multicast and broadcast packets of every protocol that runs over Ethernet are supported in this mode at the cost of frequent broadcast ARP requests and routing table updates. @cindex hub @item hub -In this mode every packet will be broadcast to the other daemons. +This mode is almost the same as the switch mode, but instead +every packet will be broadcast to the other daemons +while no routing table is managed. @end table @cindex KeyExpire @@ -819,6 +831,11 @@ are valid. It is common practice to change keys at regular intervals to make it even harder for crackers, even though it is thought to be nearly impossible to crack a single key. +@cindex MACExpire +@item MACExpire = (600) +This option controls the amount of time MAC addresses are kept before they are removed. +This only has effect when Mode is set to "switch". + @cindex Name @item @strong{Name = } This is a symbolic name for this connection. It can be anything @@ -830,6 +847,11 @@ probe to the other end. If that other end doesn't answer within that same amount of seconds, the connection is terminated, and the others will be notified of this. +@cindex PriorityInheritance +@item PriorityInheritance = (no) [experimental] +When this option is enabled the value of the TOS field of tunneled IPv4 packets +will be inherited by the UDP packets that are sent out. + @cindex PrivateKey @item PrivateKey = [obsolete] This is the RSA private key for tinc. However, for safety reasons it is @@ -865,6 +887,11 @@ not the one that is internal to the VPN. The symmetric cipher algorithm used to encrypt UDP packets. Any cipher supported by OpenSSL is recognized. +@cindex Compression +@item Compression = (0) +This option sets the level of compression used for UDP packets. +Possible values are 0 (off), 1 (fast) and any integer up to 9 (best). + @cindex Digest @item Digest = (sha1) The digest algorithm used to authenticate UDP packets.