From cf6655a6e29d23132190b6c04c08ab372214b9a4 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 7 Feb 2014 19:07:48 +0000 Subject: * inital commit for RAIL mode - added information about it at manpage - updated output for --help * white space cleanups * updated copyright header --- doc/uanytun.8 | 45 ++++++++++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 13 deletions(-) (limited to 'doc/uanytun.8') diff --git a/doc/uanytun.8 b/doc/uanytun.8 index aae36cb..4e60f6b 100644 --- a/doc/uanytun.8 +++ b/doc/uanytun.8 @@ -1,13 +1,22 @@ '\" t .\" Title: uanytun .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.75.1 -.\" Date: 12/14/2010 -.\" Manual: uanytun user manual -.\" Source: uanytun trunk +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 02/07/2014 +.\" Manual: \ \& +.\" Source: \ \& .\" Language: English .\" -.TH "UANYTUN" "8" "12/14/2010" "uanytun trunk" "uanytun user manual" +.TH "UANYTUN" "8" "02/07/2014" "\ \&" "\ \&" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- 
@@ -33,9 +42,9 @@ uanytun \- micro anycast tunneling daemon [ \fB\-L|\-\-log\fR :[,[,[\&.\&.]]] ] [ \fB\-U|\-\-debug\fR ] [ \fB\-i|\-\-interface\fR ] - [ \fB\-p|\-\-port\fR ] + [ \fB\-p|\-\-port\fR [:] ] [ \fB\-r|\-\-remote\-host\fR ] - [ \fB\-o|\-\-remote\-port\fR ] + [ \fB\-o|\-\-remote\-port\fR [:] ] [ \fB\-4|\-\-ipv4\-only\fR ] [ \fB\-6|\-\-ipv6\-only\fR ] [ \fB\-d|\-\-dev\fR ] @@ -139,9 +148,13 @@ to run in debug mode\&. It implicits This IP address is used as the sender address for outgoing packets\&. The default is to not use a special inteface and just bind on all interfaces\&. .RE .PP -\fB\-p, \-\-port \fR\fB\fI\fR\fR +\fB\-p, \-\-port \fR\fB\fI[:]\fR\fR .RS 4 -The local UDP port that is used to send and receive the payload data\&. The two tunnel endpoints can use different ports\&. default: 4444 +The local UDP port that is used to send and receive the payload data\&. The two tunnel endpoints can use different ports\&. The default port is 4444\&. You can also specify a port range which enables +\fBRAIL\fR +mode\&. See section +\fBRAIL\fR +below to find out what this is\&. .RE .PP \fB\-r, \-\-remote\-host \fR\fB\fI\fR\fR 
@@ -149,9 +162,12 @@ The local UDP port that is used to send and receive the payload data\&. The two This option can be used to specify the remote tunnel endpoint\&. In case of anycast tunnel endpoints, the anycast IP address has to be used\&. If you do not specify an address, it is automatically determined after receiving the first data packet\&. .RE .PP -\fB\-o, \-\-remote\-port \fR\fB\fI\fR\fR +\fB\-o, \-\-remote\-port \fR\fB\fI[:]\fR\fR .RS 4 -The UDP port used for payload data by the remote host (specified with \-p on the remote host)\&. If you do not specify a port, it is automatically determined after receiving the first data packet\&. +The UDP port used for payload data by the remote host (specified with \-p on the remote host)\&. If you do not specify a port, it is automatically determined after receiving the first data packet\&. When RAIL mode is enabled the port range must be of the same length as the range defined with +\fB\-p, \-\-port\fR\&. See section +\fBRAIL\fR +below for more information about this mode\&. .RE .PP \fB\-4, \-\-ipv4\-only\fR 
@@ -216,7 +232,7 @@ does not support synchronisation it can\(cqt be used as an anycast endpoint ther .RS 4 seqence window size -Sometimes, packets arrive out of order on the receiver side\&. This option defines the size of a list of received packets\' sequence numbers\&. If, according to this list, a received packet has been previously received or has been transmitted in the past, and is therefore not in the list anymore, this is interpreted as a replay attack and the packet is dropped\&. A value of 0 deactivates this list and, as a consequence, the replay protection employed by filtering packets according to their secuence number\&. By default the sequence window is disabled and therefore a window size of 0 is used\&. +Sometimes, packets arrive out of order on the receiver side\&. This option defines the size of a list of received packets\*(Aq sequence numbers\&. If, according to this list, a received packet has been previously received or has been transmitted in the past, and is therefore not in the list anymore, this is interpreted as a replay attack and the packet is dropped\&. A value of 0 deactivates this list and, as a consequence, the replay protection employed by filtering packets according to their secuence number\&. By default the sequence window is disabled and therefore a window size of 0 is used\&. .RE .PP \fB\-k, \-\-kd\(emprf \fR\fB\fI\fR\fR 
@@ -359,6 +375,9 @@ The number of bytes to use for the auth tag\&. This value defaults to 10 bytes u \fInull\fR auth algo is used in which case it defaults to 0\&. .RE +.SH "RAIL" +.sp +\fBRAIL\fR stands for Redundant Array of Inexpensive Links\&. Like RAID spreads the blocks of a disk volume over multiple physical disks, \fBRAIL\fR will spread the UDP packets over multiple physical links\&. More precisly for each packet \fBuAnytun\fR reads, from the TUN/TAP device, it will send out multiple UDP packets\&. All of those to the same host but with different destination ports\&. Using policy\-based routing mechanisms these packets can now be seperated and sent out on several interfaces\&. The server\-side will then pick the first of the packets that arrives and discards all others\&. For this to work the size of the sequence window (\fB\-w\fR) must not be set to 0\&. As soon as the server\-side learns the remote endpoints of all or some of the links it will as well send multiple UDP packets for each payload packet\&. .SH "EXAMPLES" .SS "P2P Setup between two unicast enpoints:" .sp @@ -417,4 +436,4 @@ Christian Pointner Main web site: http://www\&.anytun\&.org/ .SH "COPYING" .sp -Copyright (C) 2008\-2010 Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. +Copyright (C) 2008\-2014 Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. -- cgit v1.2.3 From 0b0b66bdeab69e0cd95f657ddee5bab5c0c7187c Mon Sep 17 00:00:00 2001 
From: Christian Pointner Date: Mon, 10 Feb 2014 19:54:17 +0000 Subject: added explicit option for RAIL mode --- doc/uanytun.8 | 18 ++++++++++++++---- doc/uanytun.8.txt | 7 ++++++- src/options.c | 5 ++++- src/options.h | 1 + src/uanytun.c | 2 +- src/udp.c | 6 +++++- src/udp.h | 3 ++- 7 files changed, 33 insertions(+), 9 deletions(-) (limited to 'doc/uanytun.8') diff --git a/doc/uanytun.8 b/doc/uanytun.8 index 4e60f6b..4fe8184 100644 --- a/doc/uanytun.8 +++ b/doc/uanytun.8 @@ -2,12 +2,12 @@ .\" Title: uanytun .\" Author: [see the "AUTHORS" section] .\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 02/07/2014 +.\" Date: 02/10/2014 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "UANYTUN" "8" "02/07/2014" "\ \&" "\ \&" +.TH "UANYTUN" "8" "02/10/2014" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -43,6 +43,7 @@ uanytun \- micro anycast tunneling daemon [ \fB\-U|\-\-debug\fR ] [ \fB\-i|\-\-interface\fR ] [ \fB\-p|\-\-port\fR [:] ] + [ \fB\-Y|\-\-rail\-mode\fR ] [ \fB\-r|\-\-remote\-host\fR ] [ \fB\-o|\-\-remote\-port\fR [:] ] [ \fB\-4|\-\-ipv4\-only\fR ] 
@@ -150,9 +151,18 @@ This IP address is used as the sender address for outgoing packets\&. The defaul .PP \fB\-p, \-\-port \fR\fB\fI[:]\fR\fR .RS 4 -The local UDP port that is used to send and receive the payload data\&. The two tunnel endpoints can use different ports\&. The default port is 4444\&. You can also specify a port range which enables +The local UDP port that is used to send and receive the payload data\&. The two tunnel endpoints can use different ports\&. The default port is 4444\&. In \fBRAIL\fR -mode\&. See section +mode you must specify a port range\&. See section +\fBRAIL\fR +below to find out what this is\&. +.RE +.PP +\fB\-Y, \-\-rail\-mode\fR +.RS 4 +This option instructs +\fBuAnytun\fR +to run in RAIL mode\&. See section \fBRAIL\fR below to find out what this is\&. .RE diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt index 5a75bcb..5bb236f 100644 --- a/doc/uanytun.8.txt +++ b/doc/uanytun.8.txt @@ -22,6 +22,7 @@ uanytun [ -U|--debug ] [ -i|--interface ] [ -p|--port [:] ] + [ -Y|--rail-mode ] [ -r|--remote-host ] [ -o|--remote-port [:] ] [ -4|--ipv4-only ] @@ -114,7 +115,11 @@ passed to the daemon: The local UDP port that is used to send and receive the payload data. The two tunnel endpoints can use different ports. The default port is 4444. - You can also specify a port range which enables *RAIL* mode. See section + In *RAIL* mode you must specify a port range. See section + *RAIL* below to find out what this is. + +*-Y, --rail-mode*:: + This option instructs *uAnytun* to run in RAIL mode. See section *RAIL* below to find out what this is. *-r, --remote-host ''*:: diff --git a/src/options.c b/src/options.c index 3271c06..240a286 100644 --- a/src/options.c +++ b/src/options.c @@ -209,7 +209,6 @@ int options_parse_ifconfig(const char* arg, ifconfig_param_t* ifcfg) return 1; } - int options_parse(options_t* opt, int argc, char* argv[]) { if(!opt) 
@@ -246,6 +245,7 @@ int options_parse(options_t* opt, int argc, char* argv[]) PARSE_INT_PARAM("-s","--sender-id", opt->sender_id_) PARSE_STRING_LIST("-L","--log", opt->log_targets_) PARSE_BOOL_PARAM("-U", "--debug", opt->debug_) + PARSE_BOOL_PARAM("-Y", "--rail-mode", opt->rail_mode_) PARSE_STRING_PARAM("-r","--remote-host", opt->remote_addr_) PARSE_STRING_PARAM("-o","--remote-port", opt->remote_port_) PARSE_BOOL_PARAM("-4","--ipv4-only", ipv4_only) @@ -347,6 +347,7 @@ void options_default(options_t* opt) opt->local_addr_ = NULL; opt->local_port_ = strdup("4444"); opt->sender_id_ = 0; + opt->rail_mode_ = 0; opt->remote_addr_ = NULL; opt->remote_port_ = strdup("4444"); opt->resolv_addr_type_ = ANY; @@ -439,6 +440,7 @@ void options_print_usage() printf(" add a log target, can be invoked several times\n"); printf(" [-U|--debug] don't daemonize and log to stdout with maximum log level\n"); + printf(" [-Y|--rail-mode] enable RAIL mode\n"); printf(" [-r|--remote-host] remote host\n"); printf(" [-o|--remote-port] [:] remote port (use port:port for range - RAIL)\n"); printf(" [-4|--ipv4-only] always resolv IPv4 addresses\n"); @@ -487,6 +489,7 @@ void options_print(options_t* opt) printf("local_addr: '%s'\n", opt->local_addr_); printf("local_port: '%s'\n", opt->local_port_); printf("sender_id: %d\n", opt->sender_id_); + printf("rail-mode: %s\n", !opt->rail_mode_ ? "false" : "true"); printf("remote_addr: '%s'\n", opt->remote_addr_); printf("remote_port: '%s'\n", opt->remote_port_); printf("resolv_addr_type: "); diff --git a/src/options.h b/src/options.h index 699f2c7..05f1c21 100644 --- a/src/options.h +++ b/src/options.h @@ -62,6 +62,7 @@ struct options_struct { char* local_addr_; char* local_port_; sender_id_t sender_id_; + int rail_mode_; char* remote_addr_; char* remote_port_; resolv_addr_type_t resolv_addr_type_; diff --git a/src/uanytun.c b/src/uanytun.c index edb0bfe..c23294c 100644 --- a/src/uanytun.c +++ b/src/uanytun.c 
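Review bot: The added `PARSE_BOOL_PARAM("-Y", "--rail-mode", opt->rail_mode_)` line in `options_parse` only records the flag, and nothing in this hunk rejects the option combinations that the man page describes as invalid. The RAIL section says the sequence window (`-w`) must not be 0, while the `-w` text says the window defaults to 0 and that 0 also disables replay filtering, so `-Y` without `-w` would start a tunnel that neither drops the redundant copies nor filters replays. The `-p` text likewise says a port range is required in RAIL mode. Unless the part of `options_parse` outside this hunk already checks this, add a check after the parse loop so the daemon refuses to start, along the lines of `if(opt->rail_mode_ && (WINDOW_SIZE_FIELD == 0 || !strchr(opt->local_port_, ':'))) return ERROR;`. `WINDOW_SIZE_FIELD` and `ERROR` are placeholders, because the field name and return convention are not visible here.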
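Review bot: The label in the line added to `options_print`, `"rail-mode: %s\n"`, uses a hyphen, while every neighbouring label in the hunk is the field name with underscores (`local_port:`, `sender_id:`, `remote_addr:`). That makes the dump harder to grep by field name. The negated ternary `!opt->rail_mode_ ? "false" : "true"` also reads backwards. Suggest `printf("rail_mode: %s\n", opt->rail_mode_ ? "true" : "false");`.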
@@ -367,7 +367,7 @@ int main(int argc, char* argv[]) udp_t sock; - ret = udp_init(&sock, opt.local_addr_, opt.local_port_, opt.resolv_addr_type_); + ret = udp_init(&sock, opt.local_addr_, opt.local_port_, opt.resolv_addr_type_, opt.rail_mode_); if(ret) { log_printf(ERROR, "error on udp_init, exitting"); tun_close(&dev); diff --git a/src/udp.c b/src/udp.c index e774ef4..f81dee7 100644 --- a/src/udp.c +++ b/src/udp.c @@ -52,13 +52,14 @@ #include #include -int udp_init(udp_t* sock, const char* local_addr, const char* port, resolv_addr_type_t resolv_type) +int udp_init(udp_t* sock, const char* local_addr, const char* port, resolv_addr_type_t resolv_type, int rail_mode) { if(!sock || !port) return -1; sock->socks_ = NULL; sock->active_sock_ = NULL; + sock->rail_mode_ = rail_mode; struct addrinfo hints, *res; @@ -146,6 +147,9 @@ int udp_init(udp_t* sock, const char* local_addr, const char* port, resolv_addr_ freeaddrinfo(res); + if(sock->rail_mode_) + log_printf(NOTICE, "RAIL mode enabled"); + return 0; } diff --git a/src/udp.h b/src/udp.h index ffc87d6..8f54ed4 100644 --- a/src/udp.h +++ b/src/udp.h @@ -58,10 +58,11 @@ typedef struct udp_socket_struct udp_socket_t; struct udp_struct { udp_socket_t* socks_; udp_socket_t* active_sock_; + int rail_mode_; }; typedef struct udp_struct udp_t; -int udp_init(udp_t* sock, const char* local_addr, const char* port, resolv_addr_type_t resolv_type); +int udp_init(udp_t* sock, const char* local_addr, const char* port, resolv_addr_type_t resolv_type, int rail_mode); int udp_init_fd_set(udp_t* sock, fd_set* set); int udp_has_remote(udp_t* sock); int udp_resolv_remote(udp_t* sock, const char* remote_addr, const char* port, resolv_addr_type_t resolv_type); -- cgit v1.2.3 From f329c57d9e76983759bb47da16dd3204e0accbc8 Mon Sep 17 00:00:00 2001 
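Review bot: The added `log_printf(NOTICE, "RAIL mode enabled")` at the end of `udp_init` in src/udp.c fires on the flag alone, so the log reports RAIL as active even if `port` named a single port and only one socket was bound. The socket setup between the two udp.c hunks is not visible here, so this may already be handled. If it is not, log how many sockets were actually bound, or warn when RAIL is requested with fewer than two, so operators do not read the notice as proof of redundancy. The new `rail_mode_` member of `struct udp_struct` in src/udp.h would also benefit from a short comment such as `/* non-zero when RAIL mode (-Y) was requested */`.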
From: Christian Pointner Date: Mon, 10 Feb 2014 21:40:21 +0000 Subject: fixed typos at manpage --- doc/uanytun.8 | 6 +++--- doc/uanytun.8.txt | 7 ++++--- 2 files changed, 7 insertions(+), 6 deletions(-) (limited to 'doc/uanytun.8') diff --git a/doc/uanytun.8 b/doc/uanytun.8 index 4fe8184..c02198a 100644 --- a/doc/uanytun.8 +++ b/doc/uanytun.8 
@@ -387,7 +387,7 @@ auth algo is used in which case it defaults to 0\&. .RE .SH "RAIL" .sp -\fBRAIL\fR stands for Redundant Array of Inexpensive Links\&. Like RAID spreads the blocks of a disk volume over multiple physical disks, \fBRAIL\fR will spread the UDP packets over multiple physical links\&. More precisly for each packet \fBuAnytun\fR reads, from the TUN/TAP device, it will send out multiple UDP packets\&. All of those to the same host but with different destination ports\&. Using policy\-based routing mechanisms these packets can now be seperated and sent out on several interfaces\&. The server\-side will then pick the first of the packets that arrives and discards all others\&. For this to work the size of the sequence window (\fB\-w\fR) must not be set to 0\&. As soon as the server\-side learns the remote endpoints of all or some of the links it will as well send multiple UDP packets for each payload packet\&. +\fBRAIL\fR stands for Redundant Array of Inexpensive Links\&. Like RAID spreads the blocks of a disk volume over multiple physical disks, \fBRAIL\fR will spread the UDP packets over multiple physical links\&. More precisly for each packet \fBuAnytun\fR reads, from the TUN/TAP device, it will send out multiple UDP packets\&. All of those to the same host but with different destination ports\&. Using policy\-based routing mechanisms these packets can now be seperated and sent out on several interfaces\&. The server\-side will then pick the first of the packets that arrive and discards all others\&. For this to work the size of the sequence window (\fB\-w\fR) must not be set to 0\&. As soon as the server\-side learns the remote endpoints of all or some of the links it will as well send multiple UDP packets for each payload packet\&. .SH "EXAMPLES" .SS "P2P Setup between two unicast enpoints:" .sp 
@@ -399,7 +399,7 @@ auth algo is used in which case it defaults to 0\&. \fBHost A:\fR .RS 4 .sp -uanytun \-r hostb\&.example\&.com \-t tun \-n 192\&.168\&.123\&.1/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \e \-E have_a_very_safe_and_productive_day \-e left +uanytun \-r hostb\&.example\&.com \-t tun \-n 192\&.168\&.123\&.1/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \-E have_a_very_safe_and_productive_day \-e left .RE .sp .it 1 an-trap @@ -410,7 +410,7 @@ uanytun \-r hostb\&.example\&.com \-t tun \-n 192\&.168\&.123\&.1/30 \-c aes\-ct \fBHost B:\fR .RS 4 .sp -uanytun \-r hosta\&.example\&.com \-t tun \-n 192\&.168\&.123\&.2/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \e \-E have_a_very_safe_and_productive_day \-e right +uanytun \-r hosta\&.example\&.com \-t tun \-n 192\&.168\&.123\&.2/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \-E have_a_very_safe_and_productive_day \-e right .RE .SS "One unicast and one anycast tunnel endpoint:" .sp diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt index 5bb236f..2a47318 100644 --- a/doc/uanytun.8.txt +++ b/doc/uanytun.8.txt @@ -257,6 +257,7 @@ passed to the daemon: The number of bytes to use for the auth tag. This value defaults to 10 bytes unless the 'null' auth algo is used in which case it defaults to 0. + RAIL ---- 
@@ -266,7 +267,7 @@ UDP packets over multiple physical links. More precisly for each packet *uAnytun reads, from the TUN/TAP device, it will send out multiple UDP packets. All of those to the same host but with different destination ports. Using policy-based routing mechanisms these packets can now be seperated and sent out on several interfaces. -The server-side will then pick the first of the packets that arrives and discards all others. +The server-side will then pick the first of the packets that arrive and discards all others. For this to work the size of the sequence window (*-w*) must not be set to 0. As soon as the server-side learns the remote endpoints of all or some of the links it will as well send multiple UDP packets for each payload packet. @@ -281,12 +282,12 @@ P2P Setup between two unicast enpoints: Host A: ^^^^^^^ -uanytun -r hostb.example.com -t tun -n 192.168.123.1/30 -c aes-ctr-256 -k aes-ctr-256 \ +uanytun -r hostb.example.com -t tun -n 192.168.123.1/30 -c aes-ctr-256 -k aes-ctr-256 -E have_a_very_safe_and_productive_day -e left Host B: ^^^^^^^ -uanytun -r hosta.example.com -t tun -n 192.168.123.2/30 -c aes-ctr-256 -k aes-ctr-256 \ +uanytun -r hosta.example.com -t tun -n 192.168.123.2/30 -c aes-ctr-256 -k aes-ctr-256 -E have_a_very_safe_and_productive_day -e right One unicast and one anycast tunnel endpoint: -- cgit v1.2.3 From c1ce4524b4fb143edf770ed09aba0b057e16aa65 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Mon, 24 Feb 2014 17:07:11 +0000 Subject: added examples for rail mode --- doc/uanytun.8 | 27 +++++++++++++++++++++++++-- doc/uanytun.8.txt | 17 +++++++++++++++++ 2 files changed, 42 insertions(+), 2 deletions(-) (limited to 'doc/uanytun.8') diff --git a/doc/uanytun.8 b/doc/uanytun.8 index c02198a..fe7855f 100644 --- a/doc/uanytun.8 +++ b/doc/uanytun.8 
@@ -2,12 +2,12 @@ .\" Title: uanytun .\" Author: [see the "AUTHORS" section] .\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 02/10/2014 +.\" Date: 02/24/2014 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "UANYTUN" "8" "02/10/2014" "\ \&" "\ \&" +.TH "UANYTUN" "8" "02/24/2014" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -435,6 +435,29 @@ uanytun \-r anycast\&.anytun\&.org \-d anytun0 \-t tun \-n 192\&.0\&.2\&.2/30 \- .sp As \fBuAnytun\fR can\(cqt work as an anycast endpoint it can\(cqt be used for this purpose\&. You have to use \fBAnytun\fR for that job\&. .RE +.SS "Rail Setup for 3 links:" +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBClient:\fR +.RS 4 +.sp +uanytun \-t tun \-n 192\&.168\&.42\&.2/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \-E rail_MODE_is_VERY_cool \-e client \-w 64 \-Y \-r rail\&.example\&.com \-o 4440:4442 +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBServer:\fR +.RS 4 +.sp +uanytun \-t tun \-n 192\&.168\&.42\&.1/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \-E rail_MODE_is_VERY_cool \-e server \-w 64 \-Y \-p 4440:4442 +.RE .SH "BUGS" .sp Most likely there are some bugs in \fBuAnytun\fR\&. If you find a bug, please let the developers know at uanytun@anytun\&.org\&. Of course, patches are preferred\&. diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt index 2a47318..a3af139 100644 --- a/doc/uanytun.8.txt +++ b/doc/uanytun.8.txt @@ -290,6 +290,7 @@ Host B: uanytun -r hosta.example.com -t tun -n 192.168.123.2/30 -c aes-ctr-256 -k aes-ctr-256 -E have_a_very_safe_and_productive_day -e right + One unicast and one anycast tunnel endpoint: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
@@ -304,8 +305,24 @@ As *uAnytun* can't work as an anycast endpoint it can't be used for this purpose have to use *Anytun* for that job. +Rail Setup for 3 links: +~~~~~~~~~~~~~~~~~~~~~~~ + +Client: +^^^^^^^ + +uanytun -t tun -n 192.168.42.2/30 -c aes-ctr-256 -k aes-ctr-256 -E rail_MODE_is_VERY_cool + -e client -w 64 -Y -r rail.example.com -o 4440:4442 + +Server: +^^^^^^^ +uanytun -t tun -n 192.168.42.1/30 -c aes-ctr-256 -k aes-ctr-256 -E rail_MODE_is_VERY_cool + -e server -w 64 -Y -p 4440:4442 + + BUGS ---- + Most likely there are some bugs in *uAnytun*. If you find a bug, please let the developers know at uanytun@anytun.org. Of course, patches are preferred. -- cgit v1.2.3 From 39431a7787dc7b709f7a7f88bad521db2562d2f5 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Mon, 24 Feb 2014 17:25:22 +0000 Subject: updated examples for rail mode --- doc/uanytun.8 | 2 +- doc/uanytun.8.txt | 2 +- etc/uanytun/rail-client/config | 91 ++++++++++++++++++++++++++++++++++++++++++ etc/uanytun/rail-server/config | 91 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 184 insertions(+), 2 deletions(-) create mode 100644 etc/uanytun/rail-client/config create mode 100644 etc/uanytun/rail-server/config (limited to 'doc/uanytun.8') diff --git a/doc/uanytun.8 b/doc/uanytun.8 index fe7855f..615be1e 100644 --- a/doc/uanytun.8 +++ b/doc/uanytun.8 @@ -445,7 +445,7 @@ As \fBuAnytun\fR can\(cqt work as an anycast endpoint it can\(cqt be used for th \fBClient:\fR .RS 4 .sp -uanytun \-t tun \-n 192\&.168\&.42\&.2/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \-E rail_MODE_is_VERY_cool \-e client \-w 64 \-Y \-r rail\&.example\&.com \-o 4440:4442 +uanytun \-t tun \-n 192\&.168\&.42\&.2/30 \-c aes\-ctr\-256 \-k aes\-ctr\-256 \-E rail_MODE_is_VERY_cool \-e client \-w 64 \-Y \-p 1233:1235 \-r rail\&.example\&.com \-o 4440:4442 .RE .sp .it 1 an-trap diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt index a3af139..5a507ca 100644 --- a/doc/uanytun.8.txt +++ b/doc/uanytun.8.txt 
@@ -312,7 +312,7 @@ Client: ^^^^^^^ uanytun -t tun -n 192.168.42.2/30 -c aes-ctr-256 -k aes-ctr-256 -E rail_MODE_is_VERY_cool - -e client -w 64 -Y -r rail.example.com -o 4440:4442 + -e client -w 64 -Y -p 1233:1235 -r rail.example.com -o 4440:4442 Server: ^^^^^^^ diff --git a/etc/uanytun/rail-client/config b/etc/uanytun/rail-client/config new file mode 100644 index 0000000..3671eee --- /dev/null +++ b/etc/uanytun/rail-client/config 
@@ -0,0 +1,91 @@
+#############################
+## Main options #
+#############################
+
+role client
+
+## device type tun = ip/ipv6, tap = ethernet
+type tun
+
+## Automaticaly configure the interface
+## the address hast to be supplied in CIDR notation
+ifconfig 192.168.42.2/30
+
+## payload encryption algorithm
+#cipher null
+#cipher aes-ctr-128
+#cipher aes-ctr-192
+#cipher aes-ctr-256
+cipher aes-ctr
+
+## message authentication algorithm
+#auth-algo null
+auth-algo sha1
+
+##message auth tag length
+#auth-tag-length 10
+
+## Passphrase
+## this is used to generate the crypto-key and salt
+## this should be al least 30 characters
+passphrase RAID_is_nice_but_RAIL_is_cooler
+
+## local ip address to bind to (for tunnel data)
+## (if you run an anycast cluster this has to be the anycast ip address)
+#interface
+
+## local port to bind to (for tunnel data)
+## the number of ports here must be at least as high as the number of
+## remote ports - so in this case up to 5 links may be used
+port 8880:8884
+
+## The remote host and port (for RAIL a port range is needed)
+remote-host rail.example.com
+remote-port 8880:8884
+
+## enable RAIL mode
+rail-mode
+
+#############################
+## Debug options #
+#############################
+
+## don't run in background
+#nodaemonize
+
+## additional log to standard output with a level of 5
+#log stdout:5
+
+
+#############################
+## Expert options #
+#############################
+
+## log to syslog with a level of 3
+log syslog:3,uanytun-rail-client,daemon
+
+## change user and group after init
+#username uanytun
+#groupname uanytun
+
+## chroot to users home directory
+#chroot /var/run/uanytun
+
+## key derivation pseudo random function
+#kd-prf null
+#kd-prf aes-ctr
+#kd-prf aes-ctr-128
+#kd-prf aes-ctr-192
+#kd-prf aes-ctr-256
+
+## Device name
+dev rail0
+
+## Manually set encryption key and salt
+## (this replaces the passphrase)
+#key 0123456789ABCDEF0123456789ABCDEF
+#salt 0123456789ABCD0123456789ABCD
+
+## Setting a window size > 0 will enable replay protection
+## This is needed for RAIL to work
+window-size 100
diff --git a/etc/uanytun/rail-server/config b/etc/uanytun/rail-server/config
new file mode 100644
index 0000000..0f34557
--- /dev/null
+++ b/etc/uanytun/rail-server/config
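Review bot: The sample secret on the line `passphrase RAID_is_nice_but_RAIL_is_cooler` is active rather than commented out, so a deployment that copies this file unchanged keys its tunnel from a publicly known value; the same line is added in etc/uanytun/rail-server/config. Ship it as a placeholder that has to be edited, e.g. `#passphrase REPLACE_WITH_YOUR_OWN_SECRET`, and have the comment say that both ends need the same locally generated value. Both files also leave `#username uanytun`, `#groupname uanytun` and `#chroot /var/run/uanytun` commented out, so the example presumably keeps whatever privileges the daemon was started with; enabling them in the sample would give a safer default. Separately, the port comment says the local range must be "at least as high" as the number of remote ports, whereas the man page text for `-o` says the two ranges must be the same length, so one of the two should be corrected.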
@@ -0,0 +1,91 @@
+#############################
+## Main options #
+#############################
+
+role server
+
+## device type tun = ip/ipv6, tap = ethernet
+type tun
+
+## Automaticaly configure the interface
+## the address hast to be supplied in CIDR notation
+ifconfig 192.168.42.1/30
+
+## payload encryption algorithm
+#cipher null
+#cipher aes-ctr-128
+#cipher aes-ctr-192
+#cipher aes-ctr-256
+cipher aes-ctr
+
+## message authentication algorithm
+#auth-algo null
+auth-algo sha1
+
+##message auth tag length
+#auth-tag-length 10
+
+## Passphrase
+## this is used to generate the crypto-key and salt
+## this should be al least 30 characters
+passphrase RAID_is_nice_but_RAIL_is_cooler
+
+## local ip address to bind to (for tunnel data)
+## (if you run an anycast cluster this has to be the anycast ip address)
+#interface
+
+## local port to bind to (for tunnel data)
+## the number of ports here must be at least as high as the number of
+## remote ports defined at the client configuration (in this case 5)
+port 8880:8884
+
+## The remote host and port will be learned from the first messages
+#remote-host client.unknown
+#remote-port 8880:8884
+
+## enable RAIL mode
+rail-mode
+
+#############################
+## Debug options #
+#############################
+
+## don't run in background
+#nodaemonize
+
+## additional log to standard output with a level of 5
+#log stdout:5
+
+
+#############################
+## Expert options #
+#############################
+
+## log to syslog with a level of 3
+log syslog:3,uanytun-rail-server,daemon
+
+## change user and group after init
+#username uanytun
+#groupname uanytun
+
+## chroot to users home directory
+#chroot /var/run/uanytun
+
+## key derivation pseudo random function
+#kd-prf null
+#kd-prf aes-ctr
+#kd-prf aes-ctr-128
+#kd-prf aes-ctr-192
+#kd-prf aes-ctr-256
+
+## Device name
+dev rail0
+
+## Manually set encryption key and salt
+## (this replaces the passphrase)
+#key 0123456789ABCDEF0123456789ABCDEF
+#salt 0123456789ABCD0123456789ABCD
+
+## Setting a window size > 0 will enable replay protection
+## This is needed for RAIL to work
+window-size 100
-- cgit v1.2.3