Sections
- [<servername> <client>]
+ [<servername> - <client>]
[<client>]
[<servername>] often [SERVER]
[COMMON]
Keys are looked up in that order, unless otherwise specified.
<client> is the client's virtual address.
-<servername> must be a valid lowercase DNS hostname and not look like
-an address, or be COMMON, DEFAULT or SERVER.
-
-There are also:
-
- [<servername> LIMIT]
- [LIMIT]
-
-Things not in a section are an error.
-
-
-Both client and server read the files
- /etc/hippotat/main.cfg
- /etc/hippotat/config.d/*
- /etc/hippotat/secrets.d/*
-and in each case if it's a directory, all contained files whose
-names consists of only ascii alphanumerics plus '-' and '_'.
-
-The ini file format sections from these files are all unioned.
-Later files (in the list above, or alphabetically later) can
-override settings from earlier ones.
-
-Note that although it is conventional for information for a particular
-server or client to be in a file named after that endpoint, there is
-no semantic link: all the files are always read and the appropriate
-section from each is applied to every endpoint.
-
-(If main.cfg does not exist, master.cfg will be tried for backward
-compatibility reasons.)
-
+<servername> must be a valid DNS hostname and not look like an address.
Exceptional settings:
ipif
Command to run to create and communicate with local network
interface. Passed to sh -c. Must speak SLIP on stdin/stdout.
- The following interpolations aare substituted:
- %{local} %{peer} %{rnets} %{ifname}
+ The following additional interpolations aare substituted:
+ %(local)s %(peer)s %(rnet)s %(ifname)s
on server <vaddr> <vrelay> <vnetwork> <ifname_server>
on client <client> <vaddr> <vroutes> <ifname_client>
- Plus %{mtu} and %% to indicate a literal %.
- (For compatibility with older hippotat, %(var)s is supported too
- but this is deprecated since the extra `s` is confusing.)
- ["userv root ipif %{local},%{peer},%{mtu},slip '%{rnets}'"]
+ ["userv root ipif %(local)s,%(peer)s,%(mtu)s,slip %(rnets)s"]
On server: applies to all clients; not looked up in
client-specific sections.
those from the other sections (including COMMON).
max_batch_down
- Size limit for response payloads.
- On client, incoming response bodies are limited to this plus
- a fixed constant metadata overhead of 10000 bytes.
- Server uses minim of client and server value (old servers
- just uses server's value).
+ Size limit for response payloads (used by server only)
[65536 bytes; LIMIT: 262144 bytes]
max_queue_time
Discard packets after they have been queued this long waiting
for http.
- On server: setting applies to downward packets.
- On client: setting applies to upward packets.
+ On server: setting applies to downward packets, and is capped
+ by LIMIT values.
+ On client: setting applies to upward packets, and is
+ not affected by LIMIT values.
[10 s; LIMIT: 121 s]
http_timeout
for this long
On client: give up on any http request outstanding for
for this long plus http_timeout_grace
- Warning messages about link problems, printed by the client,
- are rate limited to no more than one per effective timeout.
Client's effective timeout must be at least server's (checked).
- [30 s; LIMIT: 121s]
+ [30 s; LIMIT: 121]
target_requests_outstanding
On server: whenever number of outstanding requests for
vaddr
Address of server's virtual interface.
- [first host entry in <vnetwork>, so 172.24.230.193]
vrelay
Virtual point-to-point address used for tunnel routing
On client: used only to construct default url.
mtu
- Of virtual interface. Must match exactly at each end.
- (UNCHECKED) [1500 bytes]
+ Must match exactly. (UNCHECKED) [1500 bytes]
ifname_server
Virtual interface name on the server. [shippo%d]
max_batch_up
Size limit for request payloads. [4000 bytes]
- success_report_interval
- If nonzero, report success periodically. Otherwise just
- report it when we first have success. [3600 s]
-
http_retry
If a request fails, wait this long before considering it
"finished" - to limit rate of futile requests. [5 s]