[<servername> - <client>]
[<client>]
- [<servername>] usually [SERVER]
- [DEFAULT]
+ [<servername>] often [SERVER]
+ [COMMON]
Keys are looked up in that order, unless otherwise specified.
<client> is the client's virtual address.
server
Specifies <servername>.
- Is looked up in [SERVER] and [DEFAULT] only.
+ Is looked up in [SERVER] and [COMMON] only.
If not specified there, it is SERVER.
Used by server to select the appropriate parts of the
rest of the configuration. Ignored by the client.
- password
+ secret
Looked up in the usual way, but used by client and server to
determine which possible peerings to try to set up, and which to
ignore.
(LIMIT sections do not count.)
The server queue packets for, and accept requests from, each
- putative client for which the config search yields a password.
+ putative client for which the config search yields a secret.
Each client will create a local interface, and try to communicate
with the server, for each possible pair (putative server,
- putative client) for which the config search yields a password.
+ putative client) for which the config search yields a secret.
ipif
Command to run to create and communicate with local network
interface. Passed to sh -c. Must speak SLIP on stdin/stdout.
The following additional interpolations aare substituted:
- %(local)s %(peer)s %(rnet)s
- on server <vaddr> <vrelay> <vnetwork>
- on client <client> <vaddr> <vroutes>
+ %(local)s %(peer)s %(rnet)s %(ifname)s
+ on server <vaddr> <vrelay> <vnetwork> <ifname_server>
+ on client <client> <vaddr> <vroutes> <ifname_client>
["userv root ipif %(local)s,%(peer)s,%(mtu)s,slip %(rnets)s"]
On server: applies to all clients; not looked up in
Capped settings:
Values in [<server> LIMIT] and [LIMIT] are a cap (maximum) on
- those from the other sections (including DEFAULT).
+ those from the other sections (including COMMON).
max_batch_down
Size limit for response payloads (used by server only)
On client: used only to construct default url.
mtu
- Must match exactly. (checked) [1500 bytes]
+ Must match exactly. (UNCHECKED) [1500 bytes]
+
+ ifname_server
+ Virtual interface name on the server. [shippo%d]
+ ifname_client
+ Virtual interface name on the client. [hippo%d]
+ Any %d is interpolated (by the kernel).
+
+Ordinary settings, used by server only:
+
+ max_clock_skew
+ Permissible clock skew between client and server.
+ hippotat will not work if clock skew is more than this.
+ Conversely: when moving client from one public network to
+ another, the first network can deny service to the client for
+ this period after the client leaves the first network.
+ [300s]
Ordinary settings, used by client only: