Sections
[<servername> - <clientaddr>]
- [<clientaddr>]
- [<servername>] usually [SERVER]
+ [<client>]
+ [<servername>] usually [SERVER]
[DEFAULT]
-Keys are looked up in that order. <servername> must not
-be a valid IPv4 or IPv6 address.
+Keys are looked up in that order.
+<client> is the client's virtual address.
+<servername> must not look like an address.
Exceptional settings:
server
-
Specifies <servername>.
Is looked up in [SERVER] and [DEFAULT] only.
If not specified there, it is SERVER.
+ Used by server to select the appropriate parts of the
+ rest of the configuration. Ignored by the client.
+
password
+ Looked up in the usual way, but used by client and server to
+ determine which possible peerings to try to set up, and which to
+ ignore.
- Looked up in the usual way, but used by client to
- determine its own <clientaddr>s.
+ We define the sets of putative clients and servers, as follows:
+ all those, for which there is any section (even an empty one)
+ whose name is based on <client> or <servername> (as applicable).
- The client will create a local interface, and try to communicate
- with the server, for Each (<servername>,<clientaddr>) pair for
- which the config search yields a password.
+ The server queue packets for, and accept requests from, each
+ putative client for which the config search yields a password.
- On the server: clients with no password are ignored.
+ Each client will create a local interface, and try to communicate
+ with the server, for each possible pair (putative server,
+ putative client) for which the config search yields a password.
Capped settings:
defcfg = '''
[DEFAULT]
-#[<client>] overrides
-max_batch_down = 65536 # used by server, subject to [limits]
-max_queue_time = 10 # used by server, subject to [limits]
-target_requests_outstanding = 3 # must match; subject to [limits] on server
-http_timeout = 30 # used by both } must be
-http_timeout_grace = 5 # used by both } compatible
-max_requests_outstanding = 4 # used by client
-max_batch_up = 4000 # used by client
-http_retry = 5 # used by client
+max_batch_down = 65536
+max_queue_time = 10
+target_requests_outstanding = 3
+http_timeout = 30
+http_timeout_grace = 5
+max_requests_outstanding = 6
+max_batch_up = 4000
+http_retry = 5
#[server] or [<client>] overrides
ipif = userv root ipif %(local)s,%(peer)s,%(mtu)s,slip %(rnets)s
-# extra interpolations: %(local)s %(peer)s %(rnet)s
-# obtained on server [virtual]server [virtual]relay [virtual]network
-# from on client <client> [virtual]server [virtual]routes
-[virtual]
+# relating to virtual network
mtu = 1500
-routes = ''
-# network = <prefix>/<len> # mandatory for server
-# server = <ipaddr> # used by both, default is computed from `network'
-# relay = <ipaddr> # used by server, default from `network' and `server'
-# default server is first host in network
-# default relay is first host which is not server
[server]
-# addrs = 127.0.0.1 ::1 # mandatory for server
-port = 80 # used by server
-# url # used by client; default from first `addrs' and `port'
+# addrs = 127.0.0.1 ::1
+port = 80
+# url
+
+# relating to virtual network
+routes = ''
+vnetwork = 172.24.230.192
+# network = <prefix>/<len>
+# server = <ipaddr>
+# relay = <ipaddr>
+
# [<client-ip4-or-ipv6-address>]
# password = <password> # used by both, must match
[limits]
-max_batch_down = 262144 # used by server
-max_queue_time = 121 # used by server
-http_timeout = 121 # used by server
-target_requests_outstanding = 10 # used by server
+max_batch_down = 262144
+max_queue_time = 121
+http_timeout = 121
+target_requests_outstanding = 10
'''
# these need to be defined here so that they can be imported by import *
addrs
# port
# mtu
-# limits eg max_batch_down=65536
+# limits eg
+max_batch_down = 65536
[192.0.2.4]
-# adjusts eg http_timeout = 15
+# adjusts eg
+http_timeout = 15
+# ^ applies to all servers
+
+[davenant 192.0.2.4]
+# adjusts eg
+max_batch_down = 32768
+
# -- in chiark:master.cfg
-[server]
+[SERVER]
server = chiark
-# -- in chiark:passwords.d/192.0.2.4
-# -- in zealot:passwords.d/chiark
-[192.0.2.4]
-password sesame
+# -- in passwords.d/chiark-192.0.2.4 (on zealot and chiark)
+[chiark 192.0.2.4]
+password = sesame
+
+# zealot knows it's 192.0.2.4 because that's the only client
+# for which it has a password
[SERVER]
-addrs = 203.0.113.46 2001:db8::4:cafe
-vnetwork = 192.0.2.0/24
+addrs = 203.0.113.46
-[192.0.2.6]
+[172.24.230.195]
password = sesame