.\" Copyright (c) 2000-2006 Hajimu UMEMOTO
.\" All rights reserved.
.\"
.\" Copyright (C) 1999 WIDE Project.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the project nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: dtcps.8,v 1.2 2000/05/27 13:55:40 itojun Exp $
.\" $Mahoroba: src/dtcp/dtcps.8.in,v 1.8 2006/01/06 03:01:48 ume Exp $
.\"
.Dd Jan 6, 2006
.Dt DTCPS 8
.\"
.Sh NAME
.Nm dtcps
.Nd Dynamic Tunnel Configuration Protocol daemon
.\"
.Sh SYNOPSIS
.Nm dtcps
.Op Fl cdDoU
.Op Fl b Ar udp-port
.Op Fl g Ar address
.Op Fl i Ar interfaces
.Op Fl I Ar udp-interface
.Op Fl p Ar port
.Op Ar prefix
.\"
.Sh DESCRIPTION
.Nm
implements the Dynamic Tunnel Configuration Protocol
.Pq DTCP for short
proposed by Trumpet.
It listens on IPv4 TCP port 20200
.Po or the port specified by
.Ar port
.Pc ,
for DTCP client connections.
.Pp
.Nm
uses the APOP password database file
.Pq Pa pop.auth
as its password database.
.Pp
Clients requesting a tunnel of type
.Dq Li tunnelonly
will get a simple IPv6-over-IPv4 tunnel.
No global address will be assigned to the configured tunnel link.
It is up to administrators to assign a global IPv6 address to the client host,
or to the client network.
Static assignment by hand or use of router advertisement packets should
do the trick.
Use of the router renumbering protocol may be a candidate.
.Pp
Clients requesting a tunnel of type
.Dq Li network
aka
.Dq Li tunnelroute
will get an IPv6-over-IPv4 tunnel with the appropriate static route for the
connected user installed.
This can be used for prefix delegation.
The routes for each user are specified in \fI@PREFIX@/etc/routetable\fP.
No global address will be assigned to the configured tunnel link.
.Pp
If the
.Ar prefix
argument is specified,
.Nm
will accept tunnel requests for the
.Dq Li host
tunnel type.
This tunnel type needs a pair of temporary global IPv6 addresses for
the configured tunnel link, like
.Li 3ffe:ffff:ffff:ffff::5
and
.Li 3ffe:ffff:ffff:ffff::6 .
The address pair will be assigned from the specified
.Ar prefix .
Prefixlen for the temporary global address will be 128,
and it will be computed by using the interface number of the tunnel interface.
.Pp
.Nm
assumes all gif interfaces are available to use.
If the
.Fl i
.Ar interfaces
argument is specified,
.Nm
will use only the specified interfaces.
.Ar interfaces
accepts a regular expression.
.Pp
If
.Ar interfaces
is not a regular expression but an exact interface name,
.Nm
acts in interface cloning mode, in which
.Nm
creates and deletes interfaces appropriately.
In this mode,
.Ar interfaces
means a lower interface to be created.
.Pp
In interface cloning mode, if
.Fl o
is specified,
.Nm
creates the interfaces appropriately, but does not destroy them and reuses
the created interfaces.
.Pp
If
.Fl U
is specified,
.Nm
accepts requests for an IPv6 over UDP/IPv4 tunnel as well.
The lower value of the UDP port is specified by
.Fl b ,
and its default is
.Dq 4028 .
.Nm
assumes all netgraph interfaces are available to use.
If the
.Fl I
.Ar interface
argument is specified,
.Nm
creates and deletes interfaces appropriately.
.Ar interface
means a lower interface to be created.
An IPv6 over UDP/IPv4 tunnel requires
.Li Netgraph .
(Experimental)
.Pp
You may want to use a specific interface for a certain user.
You can specify the interface in the 3rd field of \fI@PREFIX@/etc/routetable\fP.
It can be used not only for tunnels of type
.Dq Li network
but also
.Dq Li tunnelonly
and
.Dq Li host .
If you don't want to assign a prefix to your user, you can specify
.Sq -
for the 2nd field.
.Pp
.Fl D
prevents
.Nm
from daemonizing on invocation.
.Pp
.Fl c
disables interface cloning mode.
.Pp
.Fl d
puts
.Nm
into debug mode.
.Pp
In a normal situation, you cannot serve DTCP from behind your NAT box.
However, you may serve DTCP in such a situation with the help of the NAT box.
In that case, you need to respond with the actual global address to a client.
If
.Fl g
.Ar address
is specified,
.Nm
responds with the
.Ar address
as the actual IPv4 global address of your NAT box.
.\"
.Sh RETURN VALUES
.Nm
will exit with a positive value on errors.
.\"
.Sh FILES
.Bl -tag -width " " -compact
.It Pa @PREFIX@/etc/routetable
This file is used for the
.Dq Li network
tunnel type, and maps between the user and the assigned IPv6 prefix for
the user.
The format is a space separated list of the user name, the assigned IPv6
prefix and the interface.
The IPv6 prefix is a pair of IPv6 address and prefixlen like addr/prefixlen.
Multiple IPv6 prefixes can be specified by using a comma as separator.
The interface is optional, and if an interface is specified, that interface
is used for the user.
.It Pa @POPAUTHDB@
The APOP password database.
.It Pa /var/run/dtcps.pid
Contains the process ID of the
.Nm
listening for connections.
The content of this file is not sensitive; it can be world-readable.
.El
.Sh SEE ALSO
.Xr daemon 3 ,
.Xr gif 4 ,
.Xr dtcpauth 8 ,
.Xr dtcpc 8 ,
.Xr gifconfig 8 ,
.Xr ifconfig 8 ,
.Xr qpopauth 8
.\"
.Sh HISTORY
The
.Nm
command first appeared in the WIDE/KAME IPv6 protocol stack kit.
.Pp
The
.Dq Li network
tunnel type and other useful facilities were added by
.An Hajimu UMEMOTO Aq ume@mahoroba.org .
.\"
.Sh BUGS
DTCP needs to keep a TCP connection open between server and client.
Therefore, the maximum number of clients served by a single
.Nm
will be bounded by the maximum number of filehandles allowed to a process
.Pq 100 or so .
.Pp
.Nm
invokes several external commands, like
.Xr ifconfig 8
and
.Xr gifconfig 8 .
The command search path must be configured properly before invoking
.Nm dtcps .
.Pp
.Nm
requires
.Nm qpopauth
shipped with
.Nm qpopper
to maintain the APOP password database.
There is
.Nm dtcpauth
for this purpose.
Though the ability of
.Nm dtcpauth
is still limited, you can use it as a replacement for
.Nm qpopauth .
.Pp
.Nm
was written in Ruby. :-)
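The routetable format described under FILES, as an added example in Ruby (not code from dtcps itself): a linter that parses each line, rejects malformed or non-IPv6 prefixes, and reports prefixes that overlap between users before the daemon installs static routes for them. The sample table, the user names and the function names parse_prefix and lint_routetable are constructed for illustration; ignoring blank lines is an assumption.

```ruby
require "ipaddr"

# Constructed sample input: user names, prefixes and interfaces are made up.
SAMPLE_ROUTETABLE = <<~TABLE
  alice 2001:db8:100::/48 gif1
  bob   2001:db8:200::/48,2001:db8:201::/48
  carol - gif3
  dave  2001:db8:100:8000::/49
  erin  2001:db8:300::/129
  frank 192.0.2.0/24 gif5
TABLE

# Parse one "addr/prefixlen" item into a masked IPAddr; raises ArgumentError if invalid.
def parse_prefix(text)
  addr, len = text.split("/", 2)
  raise ArgumentError, "bad prefixlen" unless len.to_s.match?(/\A\d{1,3}\z/) && len.to_i <= 128
  ip = IPAddr.new(addr)
  raise ArgumentError, "not an IPv6 address" unless ip.ipv6?
  ip.mask(len.to_i)
end

# Returns [entries, problems]; entries maps user => {prefixes:, interface:}.
def lint_routetable(text)
  entries, problems = {}, []
  text.each_line.with_index(1) do |line, n|
    fields = line.split
    next if fields.empty?                 # assumption: blank lines are ignored
    unless (2..3).cover?(fields.size)
      problems << "line #{n}: expected user, prefix[,prefix...] and optional interface"
      next
    end
    user, plist, iface = fields
    begin
      # "-" in the 2nd field means no prefix is assigned to this user.
      prefixes = plist == "-" ? [] : plist.split(",").map { |p| parse_prefix(p) }
    rescue ArgumentError => e
      problems << "line #{n}: #{user}: #{e.message}"
      next
    end
    # Overlap with a prefix already delegated to another entry means conflicting routes.
    entries.each do |other, rec|
      rec[:prefixes].product(prefixes).each do |a, b|
        next unless a.include?(b) || b.include?(a)
        problems << "line #{n}: #{user} overlaps #{other}"
      end
    end
    entries[user] = { prefixes: prefixes, interface: iface }
  end
  [entries, problems]
end
```
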