Changeset b44aaf


Ignore:
Timestamp:
07/16/09 11:12:20 (9 years ago)
Author:
Erik Ekman <yarrick@…>
Branches:
iodine-0.6
Children:
3ab384
Parents:
f1f7fa
git-author:
Erik Ekman <yarrick@…> (07/16/09 11:12:20)
git-committer:
Erik Ekman <yarrick@…> (07/16/09 11:12:20)
Message:

Update readme and manpage

Files:
2 edited

Legend:

Unmodified
Added
Removed
  • README

    r1f52e9 rb44aaf  
    6565MISC. INFO: 
    6666 
    67 Try experimenting with the MTU size (-m option) to get maximum bandwidth. It is 
    68 set to 1024 by default, which seems to work with most DNS servers. If you have 
    69 problems, try setting it to 220 as this ensures all packets to be < 512 bytes. 
    70 Some DNS servers enforce a 512 byte packet limit, and this is probably the case 
    71 if you can ping through the tunnel but not login via SSH. 
     67Routing: 
     68The normal case is to route all traffic through the DNS tunnel. To do this, first 
     69add a route to the nameserver you use with the default gateway as gateway. Then 
     70replace the default gateway with the servers IP address within the DNS tunnel, 
     71and configure the server to do NAT. 
     72 
     73MTU issues: 
     74These issues should be solved now, with automatic fragmentation of downstream  
     75packets. There should be no need to set the MTU explicitly on the server. 
    7276 
    7377If you have problems, try inspecting the traffic with network monitoring tools 
    7478and make sure that the relaying DNS server has not cached the response. A 
    7579cached error message could mean that you started the client before the server. 
     80The -D option on the server can also show received and sent queries. 
     81 
     82The iodined server replies to NS requests sent for subdomains of the tunnel 
     83domain. If your domain is tunnel.com, send a NS request for foo.tunnel.com 
     84to see if the delegation works. dig is a good tool for this: 
     85dig -t NS foo123.tunnel.com 
    7686 
    7787The upstream data is sent gzipped encoded with Base32, or Base64 if the relay 
  • man/iodine.8

    r9e26841 rb44aaf  
    230230and configure the server to do NAT. 
    231231.TP 
     232.B Troubleshooting: 
     233Use the \-D option on the server to show received and sent queries, or a  
     234tool like Wireshark/tcpdump. The iodined server replies to NS requests sent for 
     235subdomains of the tunnel domain. If your domain is tunnel.com, send a NS 
     236request for foo.tunnel.com to see if the delegation works. dig is a good tool 
     237for this: dig \-t NS foo123.tunnel.com 
     238.TP 
    232239.B MTU issues: 
    233240These issues should be solved now, with automatic fragmentation of downstream  
Note: See TracChangeset for help on using the changeset viewer.