Commit | Line | Data |
---|---|---|
abb06ac1 IJ |
1 | -*- Fundamental -*- |
2 | ||
3 | Sections | |
4 | ||
c7fb640e | 5 | [<servername> - <client>] |
9e445690 IJ |
6 | [<client>] |
7 | [<servername>] usually [SERVER] | |
abb06ac1 IJ |
8 | [DEFAULT] |
9 | ||
c7fb640e | 10 | Keys are looked up in that order, unless otherwise specified. |
9e445690 | 11 | <client> is the client's virtual address. |
c7fb640e | 12 | <servername> must be a valid DNS hostname and not look like an address. |
abb06ac1 IJ |
13 | |
14 | Exceptional settings: | |
15 | ||
16 | server | |
abb06ac1 IJ |
17 | Specifies <servername>. |
18 | Is looked up in [SERVER] and [DEFAULT] only. | |
19 | If not specified there, it is SERVER. | |
20 | ||
9e445690 IJ |
21 | Used by server to select the appropriate parts of the |
22 | rest of the configuration. Ignored by the client. | |
23 | ||
abb06ac1 | 24 | password |
9e445690 IJ |
25 | Looked up in the usual way, but used by client and server to |
26 | determine which possible peerings to try to set up, and which to | |
27 | ignore. | |
abb06ac1 | 28 | |
9e445690 IJ |
29 | We define the sets of putative clients and servers, as follows: |
30 | all those, for which there is any section (even an empty one) | |
31 | whose name is based on <client> or <servername> (as applicable). | |
c7fb640e | 32 | (LIMIT sections do not count.) |
abb06ac1 | 33 | |
9e445690 IJ |
34 | The server queue packets for, and accept requests from, each |
35 | putative client for which the config search yields a password. | |
abb06ac1 | 36 | |
9e445690 IJ |
37 | Each client will create a local interface, and try to communicate |
38 | with the server, for each possible pair (putative server, | |
39 | putative client) for which the config search yields a password. | |
abb06ac1 | 40 | |
c7fb640e IJ |
41 | ipif |
42 | Command to run to create and communicate with local network | |
43 | interface. Passed to sh -c. Must speak SLIP on stdin/stdout. | |
44 | The following additional interpolations aare substituted: | |
45 | %(local)s %(peer)s %(rnet)s | |
46 | on server <vaddr> <vrelay> <vnetwork> | |
47 | on client <client> <vaddr> <vroutes> | |
48 | ["userv root ipif %(local)s,%(peer)s,%(mtu)s,slip %(rnets)s"] | |
49 | ||
50 | On server: applies to all clients; not looked up in | |
51 | client-specific sections. | |
52 | On client: may be different for different servers. | |
53 | ||
abb06ac1 IJ |
54 | Capped settings: |
55 | ||
c7fb640e IJ |
56 | Values in [<server> LIMIT] and [LIMIT] are a cap (maximum) on |
57 | those from the other sections (including DEFAULT). | |
abb06ac1 IJ |
58 | |
59 | max_batch_down | |
c7fb640e IJ |
60 | Size limit for response payloads (used by server only) |
61 | [65536 bytes; LIMIT: 262144 bytes] | |
abb06ac1 IJ |
62 | |
63 | max_queue_time | |
f754eec4 IJ |
64 | Discard packets after they have been queued this long waiting |
65 | for http. | |
66 | On server: setting applies to downward packets, and is capped | |
67 | by LIMIT values. | |
68 | On client: setting applies to upward packets, and is | |
69 | not affected by LIMIT values. | |
c7fb640e | 70 | [10 s; LIMIT: 121 s] |
abb06ac1 IJ |
71 | |
72 | http_timeout | |
c7fb640e | 73 | On server: return with empty payload any http request oustanding |
abb06ac1 | 74 | for this long |
c7fb640e | 75 | On client: give up on any http request outstanding for |
abb06ac1 IJ |
76 | for this long plus http_timeout_grace |
77 | Client's effective timeout must be at least server's (checked). | |
c7fb640e | 78 | [30 s; LIMIT: 121] |
abb06ac1 IJ |
79 | |
80 | target_requests_outstanding | |
c7fb640e | 81 | On server: whenever number of outstanding requests for |
abb06ac1 | 82 | a client exceeds this, return oldest with empty payload |
c7fb640e IJ |
83 | On client: try to keep this many requests outstanding. |
84 | Must match between client and server (checked). | |
85 | [3; LIMIT: 10] | |
abb06ac1 | 86 | |
c7fb640e | 87 | Ordinary settings, used by both, not client-specific: |
abb06ac1 | 88 | |
c7fb640e | 89 | These are not looked up in the client-specific config sections. |
abb06ac1 IJ |
90 | |
91 | addrs | |
92 | Public IP (v4 or v6) address(es) of the server; | |
93 | space-separated. | |
c7fb640e IJ |
94 | On server: mandatory; used for bind. No default. |
95 | On client: used only to construct default url. | |
abb06ac1 IJ |
96 | |
97 | vnetwork | |
98 | Private network range (<prefix>/<length>). Must contain all | |
99 | <client>s. Must contain <vaddr> and <vrelay>, and used | |
100 | to compute their defaults. [172.24.230.192/28] | |
101 | ||
102 | vaddr | |
103 | Address of server's virtual interface. | |
104 | ||
105 | vrelay | |
106 | Virtual point-to-point address used for tunnel routing | |
107 | (does not appear in packets). | |
108 | [first host entry in <vnetwork> other than <vaddr>, | |
109 | so 172.24.230.194] | |
110 | ||
111 | port | |
112 | Public port number of the server. [80] | |
c7fb640e IJ |
113 | On server: used for bind. |
114 | On client: used only to construct default url. | |
abb06ac1 IJ |
115 | |
116 | mtu | |
74934d63 | 117 | Must match exactly. (UNCHECKED) [1500 bytes] |
abb06ac1 IJ |
118 | |
119 | Ordinary settings, used by client only: | |
120 | ||
121 | http_timeout_grace | |
122 | See http_timeout. [5 s] | |
123 | ||
124 | max_requests_outstanding | |
125 | Client will hold off sending more requests than this to | |
126 | server even if it has data to send. [6] | |
127 | ||
128 | max_batch_up | |
129 | Size limit for request payloads. [4000 bytes] | |
130 | ||
131 | http_retry | |
132 | If a request fails, wait this long before considering it | |
133 | "finished" - to limit rate of futile requests. [5 s] | |
134 | ||
135 | url | |
136 | Public url of server. | |
137 | [http://<first-entry-in-addrs>:<port>/] | |
138 | ||
139 | vroutes | |
140 | Virtual addresses (in CIDR syntax) to be found at the server | |
141 | end, space-separated. Routes to those will be created on | |
142 | the client. [""] |