2005-01-18 10:09:38 +00:00

92 lines
2.1 KiB
Groff

.\"
.\" ----------------------------------------------------------------------------
.\" "THE BEER-WARE LICENSE" (Revision 42):
.\" <phk@FreeBSD.org> wrote this file. As long as you retain this notice you
.\" can do whatever you want with this stuff. If we meet some day, and you think
.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
.\" ----------------------------------------------------------------------------
.\"
.\" $FreeBSD$
.\"
.Dd April 11, 1998
.Dt NOS-TUN 8
.Os
.Sh NAME
.Nm nos-tun
.Nd implement ``nos'' or ``ka9q'' style IP over IP tunnel
.Sh SYNOPSIS
.Nm
.Fl t
.Ar tunnel
.Fl s
.Ar source
.Fl d
.Ar destination
.Fl p
.Ar protocol_number
.Ar target
.Sh DESCRIPTION
The
.Nm
utility is used to establish an
.Em nos
style tunnel, (also known as
.Em ka9q
or
.Em IP-IP
tunnel) using a
.Xr tun 4
kernel interface.
.Pp
.Ar Tunnel
is the name of the tunnel device
.Pa /dev/tun0
for example.
.Pp
.Ar Source
and
.Ar destination
are the addresses used on the tunnel device.
If you configure the tunnel against a cisco router, use a netmask of
.Dq 255.255.255.252
on the cisco.
This is because the tunnel is a point-to-point interface
in the
.Fx
end, a concept cisco doesn't really implement.
.Pp
.Ar Protocol number
sets tunnel mode.
Original KA9Q NOS uses 94 but many people use 4
on the worldwide backbone of ampr.org.
.Pp
.Ar Target
is the address of the remote tunnel device, this must match the source
address set on the remote end.
.Sh EXAMPLES
This end, a
.Fx
box on address 192.168.59.34:
.Bd -literal -offset indent
nos-tun -t /dev/tun0 -s 192.168.61.1 -d 192.168.61.2 192.168.56.45
.Ed
.Pp
Remote cisco on address 192.168.56.45:
.Bd -literal -offset indent
interface tunnel 0
ip address 192.168.61.2 255.255.255.252
tunnel mode nos
tunnel destination 192.168.59.34
tunnel source 192.168.56.45
.Ed
.Sh AUTHORS
.An -nosplit
.An Nickolay N. Dudorov Aq nnd@itfs.nsk.su
wrote the program,
.An Poul-Henning Kamp Aq phk@FreeBSD.org
wrote the man-page.
.An Isao SEKI Aq iseki@gongon.com
added a new flag, IP protocol number.
.Sh BUGS
We don't allow for setting our source address for multihomed machines.