X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.conf.5;h=40b688a821a061a4d0e6038a6b3274517f146dac;hp=7e7284b1cc9e68b17b6cf1250ff8a092b81c1d61;hb=63568bb6bca20b4d2b2068a6367084a273eabac8;hpb=627f7c22b447bd464b536cd016278545674df93d diff --git a/doc/tinc.conf.5 b/doc/tinc.conf.5 index 7e7284b1..40b688a8 100644 --- a/doc/tinc.conf.5 +++ b/doc/tinc.conf.5 @@ -100,12 +100,19 @@ If you leave it out, remember to replace it with at least one space character. Here are all valid variables, listed in alphabetical order. The default value is given between parentheses. .Bl -tag -width indent -.It Va AddressFamily Li = ipv4 | ipv6 | any Po ipv4 Pc Bq experimental +.It Va AddressFamily Li = ipv4 | ipv6 | any Pq any This option affects the address family of listening and outgoing sockets. If .Qq any is selected, then depending on the operating system both IPv4 and IPv6 or just IPv6 listening sockets will be created. +.It Va BindToAddress Li = Ar address Bq experimental +If your computer has more than one IPv4 or IPv6 address, +.Nm tinc +will by default listen on all of them for incoming connections. +It is possible to bind only to a single address with this variable. +.Pp +This option may not work on all platforms. .It Va BindToInterface Li = Ar interface Bq experimental If your computer has more than one network interface, .Nm tinc @@ -129,7 +136,7 @@ If you don't specify a host with .Nm tinc won't try to connect to other daemons at all, and will instead just listen for incoming connections. -.It Va Device Li = Ar device Po /dev/tap0 or /dev/misc/net/tun Pc +.It Va Device Li = Ar device Po /dev/tap0 or /dev/net/tun Pc The virtual network device to use. .Nm tinc will automatically detect what kind of device it is. @@ -146,8 +153,8 @@ This does not affect resolving hostnames to IP addresses from the host configuration files. .It Va Interface Li = Ar interface Defines the name of the interface corresponding to the virtual network device. -Depending on the operating system and the type of device this may or may not actually set the name. -Currently this option only affects the Linux tun/tap device. +Depending on the operating system and the type of device this may or may not actually set the name of the interface +or choose the device corresponding to this interface. .It Va KeyExpire Li = Ar period Pq 3600 This option controls the period the encryption keys used to encrypt the data are valid. It is common practice to change keys at regular intervals to make it even harder for crackers, @@ -168,11 +175,15 @@ In this mode .Va Subnet variables in the host configuration files will be used to form a routing table. Only unicast packets of routable protocols (IPv4 and IPv6) are supported in this mode. +.Pp +This is the default mode, and unless you really know you need another mode, don't change it. .It switch In this mode the MAC addresses of the packets on the VPN will be used to dynamically create a routing table just like an Ethernet switch does. Unicast, multicast and broadcast packets of every protocol that runs over Ethernet are supported in this mode at the cost of frequent broadcast ARP requests and routing table updates. +.Pp +This mode is primarily useful if you want to bridge Ethernet segments. .It hub This mode is almost the same as the switch mode, but instead every packet will be broadcast to the other daemons @@ -230,7 +241,8 @@ Furthermore, specifying will turn off packet encryption. .It Va Compression Li = Ar level Pq 0 This option sets the level of compression used for UDP packets. -Possible values are 0 (off), 1 (fast) and any integer up to 9 (best). +Possible values are 0 (off), 1 (fast zlib) and any integer up to 9 (best zlib), +10 (fast lzo) and 11 (best lzo). .It Va Digest Li = Ar digest Pq sha1 The digest algorithm used to authenticate UDP packets. Any digest supported by OpenSSL is recognised.