Update to not mention gifconfig(8); remove verbiage about ECN and

multidestination modes (we propagate ECN by default, and don't support
multidestination mode).

1 files changed, 19 insertions, 146 deletions

diff --git a/share/man/man4/gif.4 b/share/man/man4/gif.4
index 415325b0e69..7b3d1f0c7e1 100644
--- a/share/man/man4/gif.4
+++ b/share/man/man4/gif.4
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: gif.4,v 1.1 1999/12/08 13:58:42 itojun Exp $
+.\"	$OpenBSD: gif.4,v 1.2 2000/01/16 00:03:02 angelos Exp $
 .\"
 .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 .\" All rights reserved.
@@ -41,182 +41,55 @@
 .Sh DESCRIPTION
 The
 .Nm
-interface is a generic tunnelling pseudo device for IPv4 and IPv6.
-It can tunnel IPv[46] traffic over IPv[46].
-Therefore, there can be four possible configurations.
+interface is a generic tunnelling pseudo-device for IPv4 and IPv6.
+It can tunnel IPv[46] traffic over IPv[46], for a total of four
+possible combinations.
 The behavior of
 .Nm
 is mainly based on RFC1933 IPv6-over-IPv4 configured tunnel.
 .Pp
 To use
 .Nm gif ,
-administrator needs to configure protocol and addresses used for the outer 
-header.
+the administrator needs to configure the addresses used for the outer header.
 This can be done by using
-.Xr gifconfig 8 ,
-or
+.Xr ifconfig 8 ,
+or through the
 .Dv SIOCSIFPHYADDR
 ioctl.
-Also, administrator needs to configure protocol and addresses used for the
+The administrator needs to also configure the addresses used for the
 inner header, by using
 .Xr ifconfig 8 .
 Note that IPv6 link-local address
 .Pq those start with Li fe80::
 will be automatically configured whenever possible.
-You may need to remove IPv6 link-local address manually using
+One may need to remove any IPv6 link-local address manually using
 .Xr ifconfig 8 ,
-when you would like to disable the use of IPv6 as inner header
-.Pq like when you need pure IPv4-over-IPv6 tunnel .
-Finally, use routing table to route the packets toward
+to disable the use of IPv6 as inner header
+.Pq e.g., when a pure IPv4-over-IPv6 tunnel is required .
+Finally, the routing table may be used to route the packets toward the
 .Nm
 interface.
 .Pp
 .Nm
-interface can be configued to perform bidirectional tunnel, or
-multi-destination tunnel.
-This is controlled by
-.Dv IFF_LINK0
-interface flag.
-Also,
-.Nm
-can be configured to be ECN friendly.
-This can be configured by
-.Dv IFF_LINK1 .
+is ECN-friendly.
 .\"
-.Ss Bidirectional and multi-destination mode
-Usually,
-.Nm
-implements bidirectional tunnel.
-.Xr gifconfig 8
-should configure a tunnel ingress point
-.Pq this node
-and an egress point
-.Pq tunnel endpoint ,
-and
-one
-.Nm
-interface will tunnel to only a single tunnel endpoint,
-and accept from only a single tunnel endpoint.
-Source and destination address for outer IP header is always the
-ingress and the egress point configued by
-.Xr gifconfig 8 .
-.Pp
-With
-.Dv IFF_LINK0
-interface flag,
-.Nm
-can be configured to implement multi-destination tunnel.
-With
-.Dv IFF_LINK0 ,
-it is able to configure egress point to IPv4 wildcard address
-.Pq Nm 0.0.0.0
-or IPv6 unspecified address
-.Pq Nm 0::0 .
-In this case, destination address for the outer IP header is
-determined based on the routing table setup.
-Therefore, one
-.Nm
-interface can tunnel to multiple destinations.
-Also,
-.Nm
-will accept tunneled traffic from any outer source address.
-.Pp
-When finding a
-.Nm gif
-interface from the inbound tunneled traffic,
-bidirectional mode interface is preferred than multi-destination mode interface.
-For example, if you have the following three
-.Nm
-interfaces on node A, tunneled traffic from C to A will match the second
-.Nm
-interface, not the third one.
-.Bl -bullet -compact -offset indent
-.It
-bidirectional, A to B
-.It
-bidirectional, A to C
-.It
-multi-destination, A to any
-.El
-.Pp
-Please note that multi-destination mode is far less secure
-than bidirectional mode.
-Multi-destination mode
-.Nm
-can accept tunneled packet from anybody,
-and can be attacked from a malicious node.
-.Pp
-.Ss ECN friendly behavior
-.Nm
-can be configured to be ECN friendly, as described in
-.Dv draft-ipsec-ecn-00.txt .
-This is turned off by default, and can be turned on by
-.Dv IFF_LINK1
-interface flag.
-.Pp
-Without
-.Dv IFF_LINK1 ,
-.Nm
-will show a normal behavior, like described in RFC1933.
-This can be summarized as follows:
-.Bl -tag -width "Ingress" -offset indent
-.It Ingress
-Set outer TOS bit to
-.Dv 0 .
-.It Egress
-Drop outer TOS bit.
-.El
-.Pp
-With
-.Dv IFF_LINK1 ,
-.Nm
-will copy ECN bits
-.Po
-.Dv 0x02
-and
-.Dv 0x01
-on IPv4 TOS byte or IPv6 traffic class byte
-.Pc
-on egress and ingress, as follows:
-.Bl -tag -width "Ingress" -offset indent
-.It Ingress
-Copy TOS bits except for ECN CE
-.Po
-masked with
-.Dv 0xfe
-.Pc
-from
-inner to outer.
-set ECN CE bit to
-.Dv 0 .
-.It Egress
-Use inner TOS bits with some change.
-If outer ECN CE bit is
-.Dv 1 ,
-enable ECN CE bit on the inner.
-.El
-.Pp
-Note that the ECN friendly behavior violates RFC1933.
-This should be used in mutual agreement with the tunnel endpoint.
-.Pp
 .Ss Backward compatibility
+The
 .Nm
-interface will capture packets toward IPv4-in-IPv4 tunnel,
-which has been used by
-.Xr vif 4 
+interface will capture packets toward a IPv4-in-IPv4 tunnel used by a
+.Xr tun 4 
 multicast tunnel device
 .Pq used in MBone community .
 For compatibility, IPv4-in-IPv4 traffic will be matched to
 .Nm
-interfaces first, and then sent to
-.Xr vif 4
+interfaces first, then sent to
+.Xr tun 4
 if no match is found.
 .\"
 .Sh SEE ALSO
 .Xr inet 4 ,
 .Xr inet6 4 ,
-.Xr vif 4 ,
-.Xr gifconfig 8 ,
+.Xr ifconfig 8 ,
 RFC1933
 .Rs
 .%A	Sally Floyd