Mercurial > hg > freeDiameter

comparison doc/freediameter.conf.sample @ 1400:1409e693fa0f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Document IncomingQueueLimit, OutgoingQueueLimit, and LocalQueueLimit
author Thomas Klausner <tk@giga.or.at>
date Tue, 03 Dec 2019 18:18:59 +0100
parents 239ba25870d8
children
comparison
equal deleted inserted replaced
1399:eff5bb332b5a 1400:1409e693fa0f
3 # Most of the options can be omitted, as they default to reasonable values. 3 # Most of the options can be omitted, as they default to reasonable values.
4 # Only TLS-related options must be configured properly in usual setups. 4 # Only TLS-related options must be configured properly in usual setups.
5 5
6 # It is possible to use "include" keyword to import additional files 6 # It is possible to use "include" keyword to import additional files
7 # e.g.: include "/etc/freeDiameter.d/*.conf" 7 # e.g.: include "/etc/freeDiameter.d/*.conf"
8 # This is exactly equivalent as copy & paste the content of the included file(s) 8 # This is exactly equivalent as copy & paste the content of the included file(s)
9 # where the "include" keyword is found. 9 # where the "include" keyword is found.
10 10
11 11
12 ############################################################## 12 ##############################################################
13 ## Peer identity and realm 13 ## Peer identity and realm
14 14
15 # The Diameter Identity of this daemon. 15 # The Diameter Identity of this daemon.
16 # This must be a valid FQDN that resolves to the local host. 16 # This must be a valid FQDN that resolves to the local host.
17 # Default: hostname's FQDN 17 # Default: hostname's FQDN
18 #Identity = "aaa.koganei.freediameter.net"; 18 #Identity = "aaa.koganei.freediameter.net";
32 # See TLS_old_method for more information about TLS flavours. 32 # See TLS_old_method for more information about TLS flavours.
33 # Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter. 33 # Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
34 # Default: 5868. Use 0 to disable. 34 # Default: 5868. Use 0 to disable.
35 #SecPort = 5868; 35 #SecPort = 5868;
36 36
37 # Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed 37 # Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
38 # on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the 38 # on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
39 # CER/CEA exchange on a dedicated secure port. 39 # CER/CEA exchange on a dedicated secure port.
40 # This parameter only affects outgoing connections. 40 # This parameter only affects outgoing connections.
41 # The setting can be also defined per-peer (see Peers configuration section). 41 # The setting can be also defined per-peer (see Peers configuration section).
42 # Default: use RFC6733 method with separate port for TLS. 42 # Default: use RFC6733 method with separate port for TLS.
43 #TLS_old_method; 43 #TLS_old_method;
44 44
45 # Disable use of TCP protocol (only listen and connect over SCTP) 45 # Disable use of TCP protocol (only listen and connect over SCTP)
124 # Default : GNUTLS default behavior 124 # Default : GNUTLS default behavior
125 #TLS_CA = "<file.PEM>"; 125 #TLS_CA = "<file.PEM>";
126 126
127 # Certificate Revocation List file 127 # Certificate Revocation List file
128 # The information about revoked certificates. 128 # The information about revoked certificates.
129 # The file contains a list of trusted CRLs in PEM format. They should have been verified before. 129 # The file contains a list of trusted CRLs in PEM format. They should have been verified before.
130 # (This parameter is passed to gnutls_certificate_set_x509_crl_file function) 130 # (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
131 # Note: openssl CRL format might have interoperability issue with GNUTLS format. 131 # Note: openssl CRL format might have interoperability issue with GNUTLS format.
132 # Default : GNUTLS default behavior 132 # Default : GNUTLS default behavior
133 #TLS_CRL = "<file.PEM>"; 133 #TLS_CRL = "<file.PEM>";
134 134
135 # GNU TLS Priority string 135 # GNU TLS Priority string
136 # This string allows to configure the behavior of GNUTLS key exchanges 136 # This string allows to configure the behavior of GNUTLS key exchanges
137 # algorithms. See gnutls_priority_init function documentation for information. 137 # algorithms. See gnutls_priority_init function documentation for information.
138 # You should also refer to the Diameter required TLS support here: 138 # You should also refer to the Diameter required TLS support here:
139 # http://tools.ietf.org/html/rfc6733#section-13.1 139 # http://tools.ietf.org/html/rfc6733#section-13.1
140 # Default : "NORMAL" 140 # Default : "NORMAL"
141 # Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"; 141 # Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
142 #TLS_Prio = "NORMAL"; 142 #TLS_Prio = "NORMAL";
143 143
144 # Diffie-Hellman parameters size 144 # Diffie-Hellman parameters size
145 # Set the number of bits for generated DH parameters 145 # Set the number of bits for generated DH parameters
146 # Valid value should be 768, 1024, 2048, 3072 or 4096. 146 # Valid value should be 768, 1024, 2048, 3072 or 4096.
147 # (This parameter is passed to gnutls_dh_params_generate2 function, 147 # (This parameter is passed to gnutls_dh_params_generate2 function,
148 # it usually should match RSA key size) 148 # it usually should match RSA key size)
149 # Default : 1024 149 # Default : 1024
150 #TLS_DH_Bits = 1024; 150 #TLS_DH_Bits = 1024;
151 151
152 # Alternatively, you can specify a file to load the PKCS#3 encoded 152 # Alternatively, you can specify a file to load the PKCS#3 encoded
153 # DH parameters directly from. This accelerates the daemon start 153 # DH parameters directly from. This accelerates the daemon start
154 # but is slightly less secure. If this file is provided, the 154 # but is slightly less secure. If this file is provided, the
155 # TLS_DH_Bits parameters has no effect. 155 # TLS_DH_Bits parameters has no effect.
156 # Default : no default. 156 # Default : no default.
157 #TLS_DH_File = "<file.PEM>"; 157 #TLS_DH_File = "<file.PEM>";
158 158
176 ############################################################## 176 ##############################################################
177 ## Applications configuration 177 ## Applications configuration
178 178
179 # Disable the relaying of Diameter messages? 179 # Disable the relaying of Diameter messages?
180 # For messages not handled locally, the default behavior is to forward the 180 # For messages not handled locally, the default behavior is to forward the
181 # message to another peer if any is available, according to the routing 181 # message to another peer if any is available, according to the routing
182 # algorithms. In addition the "0xffffff" application is advertised in CER/CEA 182 # algorithms. In addition the "0xffffff" application is advertised in CER/CEA
183 # exchanges. 183 # exchanges.
184 # Default: Relaying is enabled. 184 # Default: Relaying is enabled.
185 #NoRelay; 185 #NoRelay;
186 186
187 # Number of server threads that can handle incoming messages at the same time. 187 # Number of server threads that can handle incoming messages at the same time.
193 #RoutingInThreads = 1; 193 #RoutingInThreads = 1;
194 194
195 # Number of server threads that can handle outgoing message routing at the same time. 195 # Number of server threads that can handle outgoing message routing at the same time.
196 # Default: 1 196 # Default: 1
197 #RoutingOutThreads= 1; 197 #RoutingOutThreads= 1;
198
199 # Maximum size of the incoming queue (messages queued after accepting
200 # them from the network) before blocking
201 # Default: 20
202 #IncomingQueueLimit = 20;
203
204 # Maximum size of the outgoing queue (messages queued for sending to
205 # the network) before blocking
206 # Default: 30
207 #OutgoingQueueLimit = 30;
208
209 # Maximum size of the local queue (messages queued for local handling)
210 # before blocking
211 # Default: 25
212 #LocalQueueLimit = 25;
198 213
199 # Other applications are configured by loaded extensions. 214 # Other applications are configured by loaded extensions.
200 215
201 ############################################################## 216 ##############################################################
202 ## Extensions configuration 217 ## Extensions configuration
203 218
204 # The freeDiameter framework merely provides support for 219 # The freeDiameter framework merely provides support for
205 # Diameter Base Protocol. The specific application behaviors, 220 # Diameter Base Protocol. The specific application behaviors,
206 # as well as advanced functions, are provided 221 # as well as advanced functions, are provided
207 # by loadable extensions (plug-ins). 222 # by loadable extensions (plug-ins).
208 # These extensions may in addition receive the name of a 223 # These extensions may in addition receive the name of a
209 # configuration file, the format of which is extension-specific. 224 # configuration file, the format of which is extension-specific.
210 # 225 #
211 # Format: 226 # Format:
212 #LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ; 227 #LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
213 # 228 #
242 ############################################################## 257 ##############################################################
243 ## Peers configuration 258 ## Peers configuration
244 259
245 # The local server listens for incoming connections. By default, 260 # The local server listens for incoming connections. By default,
246 # all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl). 261 # all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
247 # 262 #
248 # In addition to incoming connections, the local peer can 263 # In addition to incoming connections, the local peer can
249 # be configured to establish and maintain connections to some 264 # be configured to establish and maintain connections to some
250 # Diameter nodes and allow connections from these nodes. 265 # Diameter nodes and allow connections from these nodes.
251 # This is achieved with the ConnectPeer directive described below. 266 # This is achieved with the ConnectPeer directive described below.
252 # 267 #
253 # Note that the configured Diameter Identity MUST match 268 # Note that the configured Diameter Identity MUST match
254 # the information received inside CEA, or the connection will be aborted. 269 # the information received inside CEA, or the connection will be aborted.
275 290
276 # If Route-Record AVPs should be added in Answers. 291 # If Route-Record AVPs should be added in Answers.
277 # Possible values: Always, Never 292 # Possible values: Always, Never
278 # Default: Always 293 # Default: Always
279 #RouteRecordInAnswers = Never; 294 #RouteRecordInAnswers = Never;
295
"Welcome to our mercurial repository"