billchenchina/n2n
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Imported Upstream version 1.3.1~svn3789

Browse source
This commit is contained in:
root 2012-07-21 05:14:09 +00:00
parent ce56f3183d
commit d869f11566
24 changed files with 420 additions and 456 deletions
Download patch file Download diff file Expand all files Collapse all files

95
edge.8
View file

@ -1,4 +1,4 @@
.TH edge 1 "May 3, 2008" "revision 3472" "SUPERUSER COMMANDS"
.TH edge 1 "Jan 3, 2009" "revision 3679" "SUPERUSER COMMANDS"
.SH NAME
edge \- n2n edge node daemon
.SH SYNOPSIS
@ -13,65 +13,104 @@ begin to find other nodes in the community.
.PP
.SH OPTIONS
.TP
\-d
\-d <name>
sets the TAP device name as seen in ifconfig.
.TP
\-a
sets the n2n LAN IP address being claimed.
\-a <addr>
sets the n2n virtual LAN IP address being claimed. This is a private IP
address. All IP addresses in an n2n community should belong to the same /24
network (ie. only the last segment of the IP addresses varies).
.TP
\-c
sets the n2n community name.
\-b
cause edge to perform hostname resolution for the supernode address each time
the supernode is periodically contacted.
.TP
\-k
sets the twofish encryption key from ASCII text (see also N2N_KEY in ENVIRONMENT)
\-c <community>
sets the n2n community name. All edges within the same community look to be on
the same LAN (layer 2 network segment). All edges communicating must use the
same key and community name.
.TP
\-l
sets the n2n supernode IP address and port to register to
\-h
write usage to tty then exit.
.TP
\-p
binds to the given UDP port
\-k <keystring>
sets the twofish encryption key from ASCII text (see also N2N_KEY in
ENVIRONMENT). All edges communicating must use the same key and community name.
.TP
\-u
causes the edge process to drop to the given user ID when privileges are no longer required
\-l <addr>:<port>
sets the n2n supernode IP address and port to register to.
.TP
\-g
causes the edge process to drop to the given group ID when privileges are no longer required
\-p <num>
binds edge to the given UDP port. Useful for keeping the same external socket
across restarts of edge.
.TP
\-u <uid>
causes the edge process to drop to the given user ID when privileges are no
longer required.
.TP
\-g <gid>
causes the edge process to drop to the given group ID when privileges are no
longer required.
.TP
\-f
causes the edge process to fork and run as a daemon, closing stdin, stdout, stderr and becoming a process group leader
causes the edge process to fork and run as a daemon, closing stdin, stdout,
stderr and becoming a process group leader.
.TP
\-m
\-m <MAC>
start the TAP interface with the given MAC address. This is highly recommended
as it means the same address will be used if edge stops and restarts. If this is
not done, the ARP caches of all peers will be wrong and packets will not flow to
this edge until the next ARP refresh.
.TP
\-M <MTU>
set the MTU of the edge interface in bytes. MTU is the largest packet fragment
size allowed to be moved throught the interface. The default is 1400.
.TP
\-s <netmask>
set the netmask of edge interface in IPv4 dotted decimal notation. The default
is 255.255.255.0 (ie. /24).
.TP
\-t
use HTTP tunneling instead of the normal UDP mechanism (experimental)
use HTTP tunneling instead of the normal UDP mechanism (experimental).
.TP
\-r
all packet forwarding/routing through the n2n virtual LAN
enable packet forwarding/routing through the n2n virtual LAN. Without this
option, packets arriving over n2n which are not for the -a <addr> IP address are
dropped.
.TP
\-v
use verbose logging
use verbose logging.
.SH ENVIRONMENT
.TP
.B N2N_KEY
set the encryption key so it is not visible on the command line
.SH EXAMPLES
.TP
.B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-l 123.121.120.119:7654
.B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-p 50001 \-l 123.121.120.119:7654
Start edge with TAP device n2n0 on community "mynetwork" with community
supernode at 123.121.120.119 UDP port 7654. Use "encryptme" as the shared
encryption key. Assign MAC address DE:AD:BE:EF:01:23 to the n2n interface and
drop to user=99 and group=99 after the TAP device is successfull configured.
supernode at 123.121.120.119 UDP port 7654 and bind the locally used UDP port to
50001. Use "encryptme" as the shared encryption key. Assign MAC address
DE:AD:BE:EF:01:23 to the n2n interface and drop to user=99 and group=99 after
the TAP device is successfull configured.
.PP
Add the -f option to make it run as a daemon
Add the -f option to make edge run as a daemon.
.PP
Somewhere else setup another edge with similar parameters, eg.
.B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:21 \-a 192.168.254.5 \-p 50001 \-l 123.121.120.119:7654
.PP
Now you can ping from 192.168.254.5 to 192.168.254.7.
.PP
The MAC address (-m <MAC>) and virtual IP address (-a <addr>) must be different on all edges in the same community.
.SH CONFIGURATION
All configuration for edge is from the command line and environment
variables. If you wish to reconfigure edge you should kill the process and
restart with the desired options.
.SH EXIT STATUS
edge is a daemon and any exit is an error
edge is a daemon and any exit is an error.
.SH AUTHOR
Luca Deri ( deri (at) ntop.org ), Richard Andrews ( andrews (at) ntop.org ), Don Bindner
.SH SEE ALSO
ifconfig(1) supernode(1) tunctl(1)
ifconfig(8) supernode(1) tunctl(8)