1
<?xml version="1.0" encoding="ISO-8859-1"?>
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
4
<!-- lifted from troff+man by doclifter -->
7
<refentrytitle>IPSEC_TNCFG</refentrytitle>
8
<manvolnum>5</manvolnum>
9
<refmiscinfo class='date'>27 Jun 2000</refmiscinfo>
11
<refnamediv id='name'>
12
<refname>ipsec_tncfg</refname>
13
<refpurpose>lists IPSEC virtual interfaces attached to real interfaces</refpurpose>
15
<!-- body begins here -->
16
<refsynopsisdiv id='synopsis'>
18
<command>ipsec</command>
19
<arg choice='plain'><replaceable>tncfg</replaceable></arg>
21
<arg choice='plain'><replaceable>cat/proc/net/ipsec_tncfg</replaceable></arg>
26
<refsect1 id='description'><title>DESCRIPTION</title>
27
<para><filename>/proc/net/ipsec_tncfg</filename>
28
is a read-only file which lists which IPSEC virtual interfaces are
29
attached to which real interfaces, through which packets will be
30
forwarded once processed by IPSEC.</para>
32
<para>Each line lists one ipsec I/F.
33
A table entry consists of:</para>
34
<variablelist remap='IP'>
38
<para>an ipsec virtual I/F name</para>
44
<para>a visual and machine parsable separator '->', separating the virtual I/F
45
and the physical I/F,</para>
51
<para>a physical I/F name, to which the ipsec virtual I/F is attached or NULL
52
if it is not attached,</para>
59
<emphasis remap='B'>mtu=</emphasis>,</para>
65
<para>the MTU of the ipsec virtual I/F,</para>
71
<para>the automatically adjusted effective MTU for PMTU discovery, in brackets,</para>
77
<para>a visual and machine parsable separator '->', separating the virtual I/F
78
MTU and the physical I/F MTU,</para>
84
<para>the MTU of the attached physical I/F.</para>
85
<!-- bogus BR elided -->
91
<refsect1 id='examples'><title>EXAMPLES</title>
92
<variablelist remap='TP'>
94
<term><userinput>ipsec2 -> eth3 mtu=16260(1443) -> 1500</userinput></term>
96
<para></para> <!-- FIXME: blank list item -->
101
<para>shows that virtual device
102
<emphasis remap='B'>ipsec2</emphasis>
104
<literal>16260</literal>
105
is connected to physical device
106
<emphasis remap='B'>eth3</emphasis>
108
<literal>1500</literal>
109
and that the effective MTU as a result of PMTU discovery has been
111
<literal>1443.</literal></para>
112
<variablelist remap='TP'>
114
<term><userinput>ipsec0 -> wvlan0 mtu=1400(16260) -> 1500</userinput></term>
116
<para></para> <!-- FIXME: blank list item -->
121
<para>shows that virtual device
122
<emphasis remap='B'>ipsec0</emphasis>
124
<literal>1400</literal>
125
is connected to physical device
126
<emphasis remap='B'>wvlan0</emphasis>
128
<literal>1500</literal>
129
and no PMTU packets have gotten far enough to bump down the effective MTU
130
from its default of 16260.</para>
131
<variablelist remap='TP'>
133
<term><userinput>ipsec3 -> NULL mtu=0(0) -> 0</userinput></term>
135
<para></para> <!-- FIXME: blank list item -->
140
<para>shows that virtual device
141
<emphasis remap='B'>ipsec3</emphasis>
142
is not connected to any physical device.</para>
146
<refsect1 id='files'><title>FILES</title>
147
<para>/proc/net/ipsec_tncfg, /usr/local/bin/ipsec</para>
150
<refsect1 id='see_also'><title>SEE ALSO</title>
151
<para>ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5),
152
ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5),
153
ipsec_pf_key(5)</para>
156
<refsect1 id='history'><title>HISTORY</title>
157
<para>Written for the Linux FreeS/WAN project
158
<<ulink url='http://www.freeswan.org/'>http://www.freeswan.org/</ulink>>
159
by Richard Guy Briggs.</para>
161
<!-- $Log: tncfg.5.xml,v $
162
<!-- Revision 1.1 2004/05/26 17:51:24 ken
163
<!-- Import XML version
165
<!-- Revision 1.5 2002/04/24 07:35:41 mcr -->
166
<!-- Moved from ./klips/utils/tncfg.5,v -->
168
<!-- Revision 1.4 2001/05/29 05:15:53 rgb -->
169
<!-- Added PMTU to output format. -->
171
<!-- Revision 1.3 2000/06/30 18:21:55 rgb -->
172
<!-- Update SEE ALSO sections to include <citerefentry><refentrytitle>ipsec_version</refentrytitle><manvolnum>5</manvolnum></citerefentry> and <citerefentry><refentrytitle>ipsec_pf_key</refentrytitle><manvolnum>5</manvolnum></citerefentry> -->
173
<!-- and correct FILES sections to no longer refer to /dev/ipsec which has -->
174
<!-- been removed since PF_KEY does not use it. -->
176
<!-- Revision 1.2 2000/06/28 12:44:12 henry -->
177
<!-- format touchup -->
179
<!-- Revision 1.1 2000/06/28 05:43:01 rgb -->
180
<!-- Added manpages for all 5 klips utils. -->