Configuration file format ========================= Main configuration ------------------ Example config: :: # Log warnings and errors to stderr log level warn; # Log everything to syslog log to syslog level debug; # Set the interface name interface "mesh-vpn"; # Support salsa2012+umac and null methods, prefer salsa2012+umac method "salsa2012+umac"; method "null"; # Bind to a fixed port, IPv4 only bind 0.0.0.0:10000; # Secret key generated by `fastd --generate-key` secret "78dfb05fe0aa586fb017de566b0d21398ac64032fcf1c765855f4d538cc5a357"; # Set the interface MTU for TAP mode with xsalsa20/aes128 over IPv4 with a base MTU of 1492 (PPPoE) # (see MTU selection documentation) mtu 1426; # Include peers from the directory 'peers' include peers from "peers"; | ``bind : [ interface "" ] [ default [ ipv4 ] ];`` | ``bind : [ interface "" ] [ default [ ipv6 ] ];`` | ``bind any: [ interface "" ] [ default [ ipv4|ipv6 ] ];`` | ``bind port [ interface "" ] [ default [ ipv4 ] ];`` | ``bind port [ interface "" ] [ default [ ipv6 ] ];`` | ``bind any port [ interface "" ] [ default [ ipv4|ipv6 ] ];`` Sets the bind address, port and possibly interface. May be specified multiple times. The keyword any makes fastd bind to the unspecified address for both IPv4 and IPv6. When no bind address is configured at all, for each outgoing connection a new socket with a random port is created. IPv6 address must be put in square brackets. It is possible to specify an IPv6 link-local address with an interface in the usual notation (e.g. [fe80::1%eth0]). The default option makes it the default address for outgoing connections for IPv4, IPv6 or both. | ``cipher "" use "";`` Chooses a specific impelemenation for a cipher. Normally, the default setting is already the best choice. Note that specific implementations may be unavailable on some platforms or disabled during compilation. The available ciphers and implementations are: * ``aes128-ctr``: AES128 in counter mode - ``openssl``: Use implementation from OpenSSL's libcrypto - ``nacl``: Use implementation from NaCl or libsodium * ``null``: No encryption (for authenticated-only methods using composed_gmac) - ``memcpy``: Simple memcpy-based implementation * ``salsa20``: The Salsa20 stream cipher - ``xmm``: Optimized implementation for x86/amd64 CPUs with SSE2 support - ``nacl``: Use implementation from NaCl or libsodium * ``salsa2012``: The Salsa20/12 stream cipher - ``xmm``: Optimized implementation for x86/amd64 CPUs with SSE2 support - ``nacl``: Use implementation from NaCl or libsodium | ``drop capabilities yes|no|early;`` By default, fastd switches to the configured user and/or drops its POSIX capabilities after the on up command has been run. When drop capabilities is set to early, the on up command is run after the privileges have been dropped, when set to no, the POSIX capabilities aren't dropped at all (but the user is switched after the on up command has been run nevertheless). | ``forward yes|no;`` Enables or disabled forwarding packets between peers. Care must be taken not to create forwarding loops. | ``group "";`` Sets the group to run fastd as. | ``hide ip addresses yes|no;`` Hides IP addresses in log output. | ``hide mac addresses yes|no;`` Hides MAC addresses in log output. | ``include "";`` Includes another configuration file. Relative paths are interpreted relatively to the including file. | ``include peer "" [ as "" ];`` Includes a peer configuration (and optionally gives the peer a name). | ``include peers from "";`` Includes each file in a directory as a peer configuration. These peers are reloaded when fastd receives a SIGHUP signal. | ``interface "";`` Sets the name of the TUN/TAP interface to use; it will be set by the OS when no name is configured explicitly. | ``log level fatal|error|warn|info|verbose|debug|debug2;`` Sets the default log level, meaning syslog if there is currently a level set for syslog, and stderr otherwise. | ``log to stderr level fatal|error|warn|info|verbose|debug|debug2;`` Sets the stderr log level. By default no log messages are printed on stderr, unless no other log destination is configured, which causes fastd to log to stderr with level info. | ``log to syslog [ as "" ] [ level fatal|error|warn|info|verbose|debug|debug2 ];`` Sets the syslog log level. By default syslog isn't used. | ``mac "" use "";`` Chooses a specific impelemenation for a message authentication code. Normally, the default setting is already the best choice. Note that specific implementations may be unavailable on some platforms or disabled during compilation. The available MACs and implementations are: * ``ghash``: The MAC used by the GCM and GMAC methods - ``pclmulqdq``: An optimized implementation for modern x86/amd64 CPUs supporting the PCLMULQDQ instruction - ``builtin``: A generic implementation * ``uhash``: The MAC used by the UMAC methods - ``builtin``: A generic implementation | ``method "";`` Sets the encryption/authentication method. See the page :doc:`methods` for more information about the supported methods. When multiple method statements are given, the first one has the highest preference. | ``mode tap|tun;`` Sets the mode of the interface; the default is TAP mode. | ``mtu ;`` Sets the MTU; must be at least 576. You should read the page :doc:`mtu` as the default 1500 is suboptimal in most setups. | ``on pre-up [ sync | async ] "";`` | ``on up [ sync | async ] "";`` | ``on down [ sync | async ] "";`` | ``on post-down [ sync | async ] "";`` | ``on connect [ sync | async ] "";`` | ``on establish [ sync | async ] "";`` | ``on disestablish [ sync | async ] "";`` Configures a shell command that is run after the interface is created, before the interface is destroyed, when a handshake is sent to make a new connection, when a new peer connection has been established, or after a peer connection has been lost. fastd will block until the command has finished, to long-running processes should be started in the background. pre-up, up, down and post-down commands are executed synchronously by default, meaning fastd will block until the commands have finished, while the other commands are executed asynchronously by default. This can be changed using the keywords sync and async. The following environment variables are set by fastd for all commands: * ``FASTD_PID``: fastd's PID * ``INTERFACE``: the interface name * ``INTERFACE_MTU``: the configured MTU * ``LOCAL_KEY``: the local public key For on connect, on establish and on disestablish the following variables are set in addition: * ``LOCAL_ADDRESS``: the local IP address * ``LOCAL_PORT``: the local UDP port * ``PEER_ADDRESS``: the peer's IP address * ``PEER_PORT``: the peer's UDP port * ``PEER_NAME``: the peer's name in the local configuration * ``PEER_KEY``: the peer's public key | ``on verify [ sync | async ] "";`` Configures a shell command that is run on connection attempts by unknown peers. The same environment variables as in the on establish command are supplied. When the commands returns 0, the connection is accepted, otherwise the handshake is ignored. By default, fastd ignores connections from unknown peers. Verify commands are executed asynchronously by default. This can be changed using the keywords sync and async. | ``packet mark ;`` Defines a packet mark to set on fastd's packets, which can be used in an ip rule. Marks can be specified in decimal, hexadecimal (with a leading 0x), and octal (with a leading 0). | ``peer "" {`` *peer configuration* ``}`` An inline peer configuration. | ``peer group "" {`` *configuration* ``}`` Configures a peer group. | ``peer limit ;`` Sets the maximum number of connections for the current peer group. .. _option-pmtu: | ``pmtu yes|no|auto;`` Enables or disables Path MTU detection for IPv4. If enabled, all packets are sent with DF set, and all fragmentation happens on the sending host itself. If disabled, routers may fragment the packets themselves, possibly leading to multiple fragmentation. In general, disabling this should not be necessary, but in some networks ICMP MTU Too Big packets are lost, so PMTU detection doesn't work correctly. If possible, fastd's mtu setting should be adjusted so the packets aren't fragmented at all instead of relying on this option. The default is auto, which uses the system default as specified in /proc/sys/net/ipv4/ip_no_pmtu_disc. The pmtu option is available on Linux platforms only. | ``protocol "";`` Sets the handshake protocol; at the moment only ec25519-fhmqvc is supported. | ``secret "";`` Sets the secret key. | ``secure handshakes yes|no;`` fastd v11+ implements a revised handshake scheme which prevents downgrade attacks (i.e. an attacker forcing two peers to use the least secure encryption method supported by both sides, or even half-establishing a session with an encryption method supported by one side only). To maintain backwards compatiblity, the old handshake is still supported when secure handshakes is set to no. Setting this option to yes (the default) on one side is enough to ensure that a session established by two peers has not been downgraded. | ``user "";`` Sets the user to run fastd as. Peer configuration ------------------ Example config: :: key "f05c6f62337d291e34f50897d89b02ae43a6a2476e2969d1c8e8104fd11c1873"; remote 192.0.2.1:10000; remote [2001:db8::1]:10000; remote ipv4 "fastd.example.com" port 10000; | ``include "";`` Includes another configuration file. | ``key "";`` Sets the peer's public key. | ``remote :;`` | ``remote :;`` | ``remote [ ipv4|ipv6 ] "":;`` | ``remote port ;`` | ``remote port ;`` | ``remote [ ipv4|ipv6 ] "" port ;`` Sets the IP address or host name to connect to. If a peer doesn't have a remote address configured, incoming connections are accepted, but no own connection attempts will be made. The ipv4 or ipv6 options can be used to force fastd to resolve the host name for the specified protocol version only. Starting with fastd v9, multiple remotes may be given for a single peer. If this is the case, they will be tried one after another. Starting with fastd v11, all addresses a given hostname resolves to are taken into account, not only the first one. This can be use to specify alternative hostname, addresses and/or ports for the same host; all remotes must still refer to the same peer as the public key must be unique. | ``float yes|no;`` The float option can be used to accept connections from the peer with the specified key from other addresses that the configured ones.