From 086e4ca46e5bff8f495ce4bd507f23e7091cff5f Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Sun, 6 Oct 2013 15:32:55 +0200 Subject: [PATCH] Add description of IffOneQueue and MaxTimeout to the info manual. --- doc/tinc.texi | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/doc/tinc.texi b/doc/tinc.texi index 64c5706..b012cd9 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -950,6 +950,10 @@ it does a lookup if your DNS server is not responding. This does not affect resolving hostnames to IP addresses from the configuration file, but whether hostnames should be resolved while logging. +@cindex IffOneQueue +@item IffOneQueue = (no) [experimental] +(Linux only) Set IFF_ONE_QUEUE flag on TUN/TAP devices. + @cindex Interface @item Interface = <@var{interface}> Defines the name of the interface corresponding to the virtual network device. @@ -957,6 +961,13 @@ Depending on the operating system and the type of device this may or may not act Under Windows, this variable is used to select which network interface will be used. If you specified a Device, this variable is almost always already correctly set. +@cindex KeyExpire +@item KeyExpire = <@var{seconds}> (3600) +This option controls the time the encryption keys used to encrypt the data +are valid. It is common practice to change keys at regular intervals to +make it even harder for crackers, even though it is thought to be nearly +impossible to crack a single key. + @cindex LocalDiscovery @item LocalDiscovery = (no) [experimental] When enabled, tinc will try to detect peers that are on the same local network. @@ -967,6 +978,15 @@ which normally would prevent the peers from learning each other's LAN address. Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery. This feature may not work in all possible situations. +@cindex MACExpire +@item MACExpire = <@var{seconds}> (600) +This option controls the amount of time MAC addresses are kept before they are removed. +This only has effect when Mode is set to "switch". + +@cindex MaxTimeout +@item MaxTimeout = <@var{seconds}> (900) +This is the maximum delay before trying to reconnect to other tinc daemons. + @cindex Mode @item Mode = (router) This option selects the way packets are routed to other daemons. @@ -996,18 +1016,6 @@ every packet will be broadcast to the other daemons while no routing table is managed. @end table -@cindex KeyExpire -@item KeyExpire = <@var{seconds}> (3600) -This option controls the time the encryption keys used to encrypt the data -are valid. It is common practice to change keys at regular intervals to -make it even harder for crackers, even though it is thought to be nearly -impossible to crack a single key. - -@cindex MACExpire -@item MACExpire = <@var{seconds}> (600) -This option controls the amount of time MAC addresses are kept before they are removed. -This only has effect when Mode is set to "switch". - @cindex Name @item Name = <@var{name}> [required] This is a symbolic name for this connection. @@ -1089,7 +1097,6 @@ reordering. Setting this to zero will disable replay tracking completely and pass all traffic, but leaves tinc vulnerable to replay-based attacks on your traffic. - @cindex StrictSubnets @item StrictSubnets = (no) [experimental] When this option is enabled tinc will only use Subnet statements which are -- 2.25.1