.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.29)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C`
. ds C'
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{
. if \nF \{
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "GVPE.OSDEP 5"
.TH GVPE.OSDEP 5 "2018-10-25" "3.1" "GNU Virtual Private Ethernet"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
gvpe.osdep \- os dependent information
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This file tries to capture OS-dependent configuration or build issues,
quirks and platform limitations, as known.
.SH "TUN vs. TAP interface"
.IX Header "TUN vs. TAP interface"
Most operating systems nowadays support something called a
\&\fItunnel\fR\-device, which makes it possible to divert IPv4 (and often other
protocols, too) into a user space daemon like \f(CW\*(C`gvpe\*(C'\fR. This is being
referred to as a TUN-device.
.PP
This is fine for point-to-point tunnels, but for a virtual ethernet, an
additional ethernet header is needed. This functionality (called a \s-1TAP\s0
device here) is only provided by a subset of the configurations.
.PP
On platforms only supporting a TUN-device, gvpe will invoke its magical
ethernet emulation package, which currently only handles \s-1ARP\s0 requests for
the IPv4 protocol (more could be added, but the tincd network drivers
might need to be modified for this to work). This means that on those
platforms, only IPv4 will be supported.
.PP
Also, since there is no way (currently) to tell gvpe which \s-1IP\s0 subnets are
found on a specific host, you will either need to hardwire the \s-1MAC\s0 address
for TUN-style hosts on all networks (and avoid \s-1ARP\s0 altogether, which is
possible), or you need to send a packet from these hosts into the vpn
network to tell gvpe the local interface address.
.SH "Interface Initialisation"
.IX Header "Interface Initialisation"
Unless otherwise noted, the network interface will be initialized with the
expected \s-1MAC\s0 address and correct \s-1MTU\s0 value. With most interface drivers,
this is done by running \f(CW\*(C`/sbin/ifconfig\*(C'\fR, so make sure that this command
exists.
.SH "Interface Types"
.IX Header "Interface Types"
.SS "native/linux"
.IX Subsection "native/linux"
TAP-device; already part of the kernel (only 2.4+ supported, but see
tincd/linux). This is the configuration tested best, as gvpe is being
developed on this platform.
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the name of the network device.
.PP
To hardwire \s-1ARP\s0 addresses, use iproute2 (\f(CW\*(C`arp\*(C'\fR can do it, too):
.PP
.Vb 2
\& MAC=fe:fd:80:00:00:$(printf "%02x" $NODEID)
\& ip neighbour add 10.11.12.13 lladdr $MAC nud permanent dev $IFNAME
.Ve
.SS "tincd/linux"
.IX Subsection "tincd/linux"
TAP-device; already part of the kernel (2.2 only). See
\&\f(CW\*(C`native/linux\*(C'\fR for more info.
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the path of a tap device,
e.g. \f(CW\*(C`/dev/tap0\*(C'\fR. The interface will be named accordingly.
.SS "native/cygwin"
.IX Subsection "native/cygwin"
TAP-device; The \s-1TAP\s0 device to be used must either be the \s-1CIPE\s0 driver
(\f(CW\*(C`http://cipe\-win32.sourceforge.net/\*(C'\fR), or (highly recommended) the newer
TAP\-Win32 driver bundled with openvpn (http://openvpn.sf.net/). Just
download and run the openvpn installer. The only option you need to select
is the \s-1TAP\s0 driver.
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the name of the device, found in the registry
at (no kidding :):
.PP
.Vb 1
\& HKEY_LOCAL_MACHINE\eSYSTEM\eCurrentControlSet\eControl\eNetwork\e{4D36E972\-E325\-11CE\-BFC1\-08002BE10318}\e<adapterid>\eConnection\eName
.Ve
.PP
The \s-1MAC\s0 address is dynamically being patched into packets and
ARP-requests, so only IPv4 works with \s-1ARP\s0 on this platform.
.SS "tincd/bsd"
.IX Subsection "tincd/bsd"
TAP-device, maybe; might work for many bsd variants.
.PP
This driver is a newer version of the \f(CW\*(C`tincd/*bsd\*(C'\fR drivers. It \fImight\fR
provide a \s-1TAP\s0 device, or might not work at all. You might try this
interface type first, and, if it doesn't work, try one of the OS-specific
drivers.
.SS "tincd/freebsd"
.IX Subsection "tincd/freebsd"
TAP-device; part of the kernel (since 4.x, maybe earlier).
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the path of a tap device,
e.g. \f(CW\*(C`/dev/tap0\*(C'\fR. The interface will be named accordingly.
.PP
These commands might be helpful examples:
.PP
.Vb 2
\& ifconfig $IFNAME 10.0.0.$NODEID
\& route add \-net 10.0.0.0 \-netmask 255.255.255.0 \-interface $IFNAME 10.0.0.$NODEID
.Ve
.SS "tincd/netbsd"
.IX Subsection "tincd/netbsd"
TUN-device; The interface is a point-to-point device. To initialize it,
you currently need to configure it as a point-to-point device, giving it
an address on your vpn (the exact address doesn't matter), like this:
.PP
.Vb 4
\& ifconfig $IFNAME mtu $MTU up
\& ifconfig $IFNAME 10.11.12.13 10.55.66.77
\& route add \-net 10.0.0.0 10.55.66.77 255.0.0.0
\& ping \-c1 10.55.66.77 # ping once to tell gvpe your gw ip
.Ve
.PP
The ping is required to tell the \s-1ARP\s0 emulator inside \s-1GVPE\s0 the local \s-1IP\s0
address.
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the path of a tun device,
e.g. \f(CW\*(C`/dev/tun0\*(C'\fR. The interface will be named accordingly.
.SS "tincd/openbsd"
.IX Subsection "tincd/openbsd"
TUN-device; already part of the kernel. See \f(CW\*(C`tincd/netbsd\*(C'\fR for more information.
.SS "native/darwin"
.IX Subsection "native/darwin"
TAP-device;
.PP
The necessary kernel extension can be found here:
.PP
.Vb 1
\& http://www\-user.rhrk.uni\-kl.de/~nissler/tuntap/
.Ve
.PP
There are two drivers; the one to use is the \*(L"tap\*(R" driver. The driver must
be loaded before use; read the docs on how to install it as a startup
item.
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the path of a tap device,
e.g. \f(CW\*(C`/dev/tap0\*(C'\fR. The interface will be named accordingly.
.PP
These commands might be helpful examples:
.PP
.Vb 2
\& ifconfig $IFNAME 10.0.0.$NODEID
\& route add \-net 10.0.0.0 \-interface $IFNAME 255.255.255.0
.Ve
.SS "tincd/darwin"
.IX Subsection "tincd/darwin"
TUN-device; See \f(CW\*(C`tincd/netbsd\*(C'\fR for more information. \f(CW\*(C`native/darwin\*(C'\fR is
preferable.
.PP
The necessary kernel extension can be found here:
.PP
.Vb 1
\& http://chrisp.de/en/projects/tunnel.html
.Ve
.PP
\&\f(CW\*(C`ifname\*(C'\fR should be set to the path of a tun device,
e.g. \f(CW\*(C`/dev/tun0\*(C'\fR. The interface will be named accordingly.
.PP
The driver must be loaded before use:
.PP
.Vb 1
\& kmodload tunnel
.Ve
.SS "tincd/solaris"
.IX Subsection "tincd/solaris"
TUN-device; already part of the kernel(?), or available here:
.PP
.Vb 1
\& http://vtun.sourceforge.net/tun/
.Ve
.PP
Some precompiled tun drivers might be available here:
.PP
.Vb 1
\& http://www.monkey.org/~dugsong/fragroute/
.Ve
.PP
The interface \s-1MAC\s0 and \s-1MTU\s0 are \fI\s-1NOT\s0\fR set up for you. Please try it out and
send me an \f(CW\*(C`ifconfig\*(C'\fR command invocation that does that.
.PP
See \f(CW\*(C`tincd/netbsd\*(C'\fR for more information.
.PP
Completely untested so far.
.SS "tincd/mingw"
.IX Subsection "tincd/mingw"
TAP-device; see \f(CW\*(C`native/cygwin\*(C'\fR for more information.
.PP
The setup is likely to be similar to \f(CW\*(C`native/cygwin\*(C'\fR.
.PP
Completely untested so far.
.SS "tincd/raw_socket"
.IX Subsection "tincd/raw_socket"
TAP-device; purpose unknown and untested, probably binds itself on an
existing ethernet device (given by \f(CW\*(C`ifname\*(C'\fR). It must be down prior to
running the command, and \s-1GVPE\s0 will try to set its \s-1MAC\s0 address and \s-1MTU\s0 to
the \*(L"correct\*(R" values.
.PP
Completely untested so far.
.SS "tincd/uml_socket"
.IX Subsection "tincd/uml_socket"
TAP-device; purpose unknown and untested, probably creates a \s-1UNIX\s0 datagram
socket (path given by \f(CW\*(C`ifname\*(C'\fR) and reads and writes raw packets, so
might be useful in other than \s-1UML\s0 contexts.
.PP
No network interface is created, and the \s-1MAC\s0 and \s-1MTU\s0 must be set as
appropriate on the other side of the socket. \s-1GVPE\s0 will exit if the \s-1MAC\s0
address doesn't match what it expects.
.PP
Completely untested so far.
.SS "tincd/cygwin"
.IX Subsection "tincd/cygwin"
Known to be broken, use \f(CW\*(C`native/cygwin\*(C'\fR instead.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIgvpe\fR\|(5).
.SH "AUTHOR"
.IX Header "AUTHOR"
Marc Lehmann <gvpe@schmorp.de>