Allow port to be specified in Address statements.

[oweals/tinc.git] / doc / tinc.texi

diff --git a/doc/tinc.texi b/doc/tinc.texi
index 5cd4a4004466473ee7b6a648cbe52a16d4d4575a..35658188494a6b048dda3459a3c4e204389cbee8 100644 (file)
--- a/doc/tinc.texi
+++ b/doc/tinc.texi
@@ -1,5 +1,4 @@
 \input texinfo   @c -*-texinfo-*-
-@c $Id$
 @c %**start of header
 @setfilename tinc.info
 @settitle tinc Manual
@@ -20,8 +19,6 @@ Copyright @copyright{} 1998-2009 Ivo Timmermans,
 Guus Sliepen <guus@@tinc-vpn.org> and
 Wessel Dankers <wsl@@tinc-vpn.org>.
 
-$Id$
-
 Permission is granted to make and distribute verbatim copies of this
 manual provided the copyright notice and this permission notice are
 preserved on all copies.
@@ -40,15 +37,12 @@ permission notice identical to this one.
 
 @page
 @vskip 0pt plus 1filll
-@cindex copyright
 This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
 
 Copyright @copyright{} 1998-2009 Ivo Timmermans,
 Guus Sliepen <guus@@tinc-vpn.org> and
 Wessel Dankers <wsl@@tinc-vpn.org>.
 
-$Id$
-
 Permission is granted to make and distribute verbatim copies of this
 manual provided the copyright notice and this permission notice are
 preserved on all copies.
@@ -60,7 +54,7 @@ permission notice identical to this one.
 
 @end titlepage
 
-@ifinfo
+@ifnottex
 @c ==================================================================
 @node Top
 @top Top
@@ -76,7 +70,7 @@ permission notice identical to this one.
 * About us::
 * Concept Index::               All used terms explained
 @end menu
-@end ifinfo
+@end ifnottex
 
 @c ==================================================================
 @node    Introduction
@@ -949,10 +943,11 @@ and will only allow nodes and subnets on the VPN which are present in the
 
 @table @asis
 @cindex Address
-@item Address = <@var{IP address}|@var{hostname}> [recommended]
+@item Address = <@var{IP address}|@var{hostname}> [<port>] [recommended]
 This variable is only required if you want to connect to this host.  It
 must resolve to the external IP address where the host can be reached,
 not the one that is internal to the VPN.
+If no port is specified, the default Port is used.
 
 @cindex Cipher
 @item Cipher = <@var{cipher}> (blowfish)
@@ -1044,6 +1039,7 @@ example: netmask 255.255.255.0 would become /24, 255.255.252.0 becomes
 /22. This conforms to standard CIDR notation as described in
 @uref{ftp://ftp.isi.edu/in-notes/rfc1519.txt, RFC1519}
 
+@cindex Subnet weight
 A Subnet can be given a weight to indicate its priority over identical Subnets
 owned by different nodes. The default weight is 10. Lower values indicate
 higher priority. Packets will be sent to the node with the highest priority,
@@ -1051,12 +1047,15 @@ unless that node is not reachable, in which case the node with the next highest
 priority will be tried, and so on.
 
 @cindex TCPonly
-@item TCPonly = <yes|no> (no)
+@item TCPonly = <yes|no> (no) [deprecated]
 If this variable is set to yes, then the packets are tunnelled over a
 TCP connection instead of a UDP connection.  This is especially useful
 for those who want to run a tinc daemon from behind a masquerading
 firewall, or if UDP packet routing is disabled somehow.
 Setting this options also implicitly sets IndirectData.
+
+Since version 1.0.10, tinc will automatically detect whether communication via
+UDP is possible or not.
 @end table
 
 
@@ -1145,6 +1144,10 @@ this is set to the port number it uses for communication with other tinc daemons
 @item SUBNET
 When a subnet becomes (un)reachable, this is set to the subnet.
 
+@cindex WEIGHT
+@item WEIGHT
+When a subnet becomes (un)reachable, this is set to the subnet weight.
+
 @end table
 
 
@@ -1497,7 +1500,7 @@ Use configuration for net @var{netname}. @xref{Multiple networks}.
 
 @item -K, --generate-keys[=@var{bits}]
 Generate public/private keypair of @var{bits} length. If @var{bits} is not specified,
-1024 is the default. tinc will ask where you want to store the files,
+2048 is the default. tinc will ask where you want to store the files,
 but will default to the configuration directory (you can use the -c or -n option
 in combination with -K). After that, tinc will quit.
 
@@ -1639,7 +1642,7 @@ Do you have a firewall or a NAT device (a masquerading firewall or perhaps an AD
 If so, check that it allows TCP and UDP traffic on port 655.
 If it masquerades and the host running tinc is behind it, make sure that it forwards TCP and UDP traffic to port 655 to the host running tinc.
 You can add @samp{TCPOnly = yes} to your host config file to force tinc to only use a single TCP connection,
-this works through most firewalls and NATs.
+this works through most firewalls and NATs. Since version 1.0.10, tinc will automatically fall back to TCP if direct communication via UDP is not possible.
 
 @end itemize
 
@@ -1738,8 +1741,6 @@ or if that is not the case, try changing the prefix length into /32.
 
 @itemize
 @item If you see this only sporadically, it is harmless and caused by a node sending packets using an old key.
-@item If you see this often and another node is not reachable anymore, then a NAT (masquerading firewall) is changing the source address of UDP packets.
-You can add @samp{TCPOnly = yes} to host configuration files to force all VPN traffic to go over a TCP connection.
 @end itemize
 
 @item Got bad/bogus/unauthorized REQUEST from foo (1.2.3.4 port 12345)
@@ -2363,7 +2364,7 @@ and join channel #tinc.
 @section Authors
 
 @table @asis
-@item Ivo Timmermans (zarq) (@email{ivo@@tinc-vpn.org})
+@item Ivo Timmermans (zarq)
 @item Guus Sliepen (guus) (@email{guus@@tinc-vpn.org})
 @end table