There are two caveats to be aware of which are documented in this
commit:
- Because the system will likely assign different ports when binding
several times to different address families, it is recommended to
only use a single address family, otherwise other nodes will only
get one port among the several that were assigned, possibly breaking
communication.
- AutoConnect won't work in this scenario, because it relies on the UDP
port being the same as the TCP port, which is not the case when using
system-assigned ports.
without requiring
.Va ConnectTo
variables.
without requiring
.Va ConnectTo
variables.
+.Pp
+Note: it is not possible to connect to nodes using zero (system-assigned) ports in this way.
.It Va BindToAddress Li = Ar address Op Ar port
This is the same as
.Va ListenAddress ,
.It Va BindToAddress Li = Ar address Op Ar port
This is the same as
.Va ListenAddress ,
.Li *
for the
.Ar address .
.Li *
for the
.Ar address .
+.Pp
+If
+.Ar port
+is set to zero, it will be randomly assigned by the system. This is useful to randomize source ports of UDP packets, which can improve UDP hole punching reliability. In this case it is recommended to set
+.Va AddressFamily
+as well, otherwise
+.Nm tinc
+will assign different ports to different address families but other nodes can only know of one.
.It Va LocalDiscovery Li = yes | no Pq yes
When enabled,
.Nm tinc
.It Va LocalDiscovery Li = yes | no Pq yes
When enabled,
.Nm tinc
which is used if no port number is specified in an
.Va Address
statement.
which is used if no port number is specified in an
.Va Address
statement.
+.Pp
+If this is set to zero, the port will be randomly assigned by the system. This is useful to randomize source ports of UDP packets, which can improve UDP hole punching reliability. When setting
+.Va Port
+to zero it is recommended to set
+.Va AddressFamily
+as well, otherwise
+.Nm tinc
+will assign different ports to different address families but other nodes can only know of one.
.It Va PublicKey Li = Ar key Bq obsolete
The public RSA key of this tinc daemon.
It will be used to cryptographically verify it's identity and to set up a secure connection.
.It Va PublicKey Li = Ar key Bq obsolete
The public RSA key of this tinc daemon.
It will be used to cryptographically verify it's identity and to set up a secure connection.