Bug 14956 - /etc/cipe/options is misleading
/etc/cipe/options is misleading
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: cipe (Show other bugs)
7.0
i386 Linux
high Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-08-01 05:48 EDT by Pekka Savola
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-08-01 05:48:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Pekka Savola 2000-08-01 05:48:28 EDT
The stock /etc/cipe/options reads as follows:

---
# The static key. Keep this file secret!
# The key is 128 bits in hexadecimal notation.
#key             3248fd20adf9c00ccf9ecc2393bbb3e4

# You shouldn't have to modify anything past this point.

# The peer's IP address.
#ptpaddr         6.5.4.3
# Our CIPE device's IP address.
#ipaddr          6.7.8.9

#maxerr		-1
[ ... ]
---

This is highly misleading.  If you don't define ptpaddr and ipaddr, ciped
process won't even
start properly.  'me' and 'peer', on the other hand, can be ignored (due to
way ciped is started).

Please move the comment line down like 5-10 lines, depending on how crucial
you feel maxerr definition is.  For server-server VPN links setting it to
-1 would be helpful (ciped won't quit even after a lot of invalid packets
etc.)

Perhaps it would be good to change the defaults of ptpaddr and ipaddr to
some reserved
IP address space, like 10.0.0.1 and 10.0.0.2?  Or, something rarer like
172.16.100.1 and 172.16.100.2.
Comment 1 Nalin Dahyabhai 2000-08-07 05:27:45 EDT
cipe-1.3.0-10 will include the ability to set IPADDR and PTPADDR values in the
sysconfig file, and the init script will pick them up (or not) depending on
whether or not they are defined.

Note You need to log in before you can comment on or make changes to this bug.