]>
Commit | Line | Data |
---|---|---|
189935b1 | 1 | Release notes for ircu2.10.12 |
2 | Last updated: 1 Sep 2005 | |
3 | Written by Michael Poole <mdpoole@troilus.org> | |
4 | Based on earlier documents by Kev <klmitch@mit.edu> and | |
5 | Braden <dbtem@yahoo.com>. | |
6 | ||
7 | This document briefly describes changes in ircu2.10.12 relative to | |
8 | ircu2.10.11. ircu2.10.12 is only compatible with servers that | |
9 | implement the P10 protocol. It has been tested to link against | |
10 | ircu2.10.11, but some features (notably IPv6 support and oplevels) are | |
11 | not supported by ircu2.10.11. | |
12 | ||
13 | Semantic Changes (TAKE NOTE): | |
14 | ||
15 | Channel keys and passwords (see the "oplevels" enhancement below) | |
16 | listed in a JOIN are now only checked against the corresponding | |
17 | channel. In ircu2.10.11, "JOIN #a,#b key" would attempt to use "key" | |
18 | as the key for both #a and #b. ircu2.10.12 will only attempt to use | |
19 | it as the key for #a. ircu2.10.12's behavior matches that documented | |
20 | in RFC 1459. | |
21 | ||
22 | Enhancements: | |
23 | ||
24 | The configuration file format has changed to one that is easier to | |
25 | read. It is based on the configuration parser found in ircd-hybrid. | |
26 | As usual, an example configuration file can be found in the doc | |
27 | subdirectory. | |
28 | ||
29 | ircu now supports IPv6 clients. If your operating system provides | |
30 | IPv6 socket support, ircu can accept connections on IPv6 addresses. | |
31 | Even if your operating system does not support IPv6 sockets, you can | |
32 | link (using IPv4) to a server that has IPv6 clients, and ircu will | |
33 | treat the IPv6 clients correctly. | |
34 | ||
35 | The DNS resolver has been replaced with a streamlined version (also | |
36 | from ircd-hybrid) that avoids some of the complications from using | |
37 | the full libresolv or adns libraries. | |
38 | ||
39 | The server can query an IAUTH external authorization server. The | |
40 | protocol is described in doc/readme.iauth. This allows an external | |
41 | program to accept or reject any client that connects to the server | |
42 | and allows that external program to assign an account stamp to the | |
43 | incoming user. | |
44 | ||
45 | A new feature called "oplevels" has been added. It uses new channel | |
46 | keys (+A for the administrator, +U for users) to grant chanop status | |
47 | when you join using those keys. Part of this channel protection is | |
48 | that you cannot be deopped in channel by someone who you opped. | |
49 | ||
50 | A new channel mode, +D, has been added for auditorium-style channels. | |
51 | These are channels where most users listen but do not speak or receive | |
52 | ops or voice. The effect of +D is that the server waits to send the | |
53 | JOIN message for new users until the user gets ops or voice or sends a | |
54 | message to the channel. A list of join-delayed users in a channel may | |
55 | be retrieved by using /NAMES -d #channel. The response to /NAMES -d | |
56 | uses the same format as numeric 353, but uses numeric 355 instead. If | |
57 | an op removes +D while there are still join-delayed users, the server | |
58 | automatically sets mode +d, and removes +d when the last user's join | |
59 | is shown. It is not possible to set channel mode +d manually; its | |
60 | purpose is to warn channel users that there are "hidden" users in the | |
61 | channel. | |
62 | ||
63 | More than one hashing mechanism is now supported for oper passwords, | |
64 | and a new tool (ircd/umkpasswd) is provided to generate them. | |
65 | ||
66 | Commands that send messages to specified services may be defined in | |
67 | the configuration file by using Pseudo blocks. This lets users use | |
68 | commands like /X or /CHANSERV from their client, without tying the | |
69 | admin to a particular arrangement or naming of services. | |
70 | ||
71 | The /stats command accepts string identifiers in addition to | |
72 | single-character identifiers. For example, "/stats access" shows the | |
73 | same data as "/stats i". Supported names are shown by /stats. New | |
74 | /stats options are: /stats a (nameservers), to list DNS nameservers in | |
75 | use; /stats L (modules), to list loaded modules; and /stats R | |
76 | (mappings), to list privmsg helper commands defined by Pseudo blocks. | |
77 | By default, all of these are hidden from normal users. | |
78 | ||
79 | Client blocks (previously I: lines), Operator blocks (previously O: | |
80 | and o: lines), channel bans and silences may use CIDR notation instead | |
81 | of simple wildcards. You may also have silence exceptions by putting | |
82 | '~' before the mask; for example, if you wish to silence everyone | |
83 | except X, you could use SILENCE *!*@*,~X!cservice@undernet.org. | |
84 | ||
85 | The server will no longer kick "net riders" in keyed (+k) channels if | |
86 | both sides of the net join have the same key. | |
87 | ||
88 | IP masks (as used in bans, G-lines, etc) are now parsed in a more | |
89 | forgiving manner. 127.0.0.0/8, 127.* and 127/8 are all accepted and | |
90 | mean the same thing. Ambiguous expressions like 127/8 are interpreted | |
91 | as IPv4 masks; to interpret it as an IPv6 mask, use 127:/8. | |
92 | ||
93 | Configuration Changes: | |
94 | ||
95 | As mentioned above, the configuration file format has changed | |
96 | radically. Please consult doc/example.conf for details on the | |
97 | new format. Some prominent changes follow. | |
98 | ||
99 | The old contents of H: lines have been merged into the Connect block | |
100 | that describes the peer server(s) that should be allowed to hub. | |
101 | ||
102 | Two default virtual host addresses may be specified, one for IPv4 | |
103 | sockets and one for IPv6 sockets. | |
104 | ||
105 | Nickname jupes have their own blocks, and do not share structure with | |
106 | UWorld server declarations. | |
107 | ||
108 | Operator connection classes and individual operator blocks may be | |
109 | assigned privileges, rather than having them controlled globally. | |
110 | Because of this, the feature settings that controlled the privileges | |
111 | globally have been removed. | |
112 | ||
113 | The maximum number of clients allowed per IP may be set in a Client | |
114 | block (the equivalent of C: lines). | |
115 | ||
116 | New feature settings (see doc/readme.features for explanations): | |
117 | ANNOUNCE_INVITES, HIS_STATS_L, HIS_STATS_a, HIS_STATS_R, | |
118 | LOCAL_CHANNELS, TOPIC_BURST. | |
119 | ||
120 | Deleted features, since they had no effect even in 2.10.11: AUTOHIDE, | |
121 | HIS_DESYNCS, TIMESEC. | |
122 | ||
123 | Deleted features since they are now controlled by other configuration | |
124 | entries: VIRTUAL_HOST, oper and locop privilege features. | |
125 | ||
37d25209 | 126 | Deleted feature since it no longer applies: HIS_STATS_h. |
127 | ||
189935b1 | 128 | Compile Time Options: |
129 | ||
130 | A listing of supported compile-time options may be seen by running | |
131 | "./configure --help". The defaults should be sane. In particular, | |
132 | you should NOT compile with --enable-debug or with --disable-symbols | |
133 | on a production network. | |
134 | ||
135 | Otherwise Undocumented Features: | |
136 | ||
137 | Despite our preferences to keep these undocumented, they are | |
138 | occasionally useful, and are described here for users who may | |
139 | need them. | |
140 | ||
141 | To enable these, you need to add them to CFLAGS prior to running | |
142 | ./configure, usually as in: CFLAGS="-O2 -D<option>" ./configure | |
143 | ||
144 | -DNICKLEN=20 | |
145 | ||
146 | This allows you change the maximum nick length from 15 to 20 (or | |
147 | whatever number you use at the end). It MUST be the same on all | |
148 | servers on your network, or bad things will happen. You should also | |
149 | use the NICKLEN feature in ircd.conf. | |
150 | ||
151 | -DNOTHROTTLE | |
152 | This disables the throttling code. This is used for debugging | |
153 | *only*. It lets you connect up to 255 clients from one host with no | |
154 | time considerations. If this is enabled on a production server Kev will | |
155 | personally drive your server into the ground. You have been warned. | |
156 | ||
157 | ||
158 | Operating System and Kernel Requirements: | |
159 | ||
160 | If you plan allowing more than 1000 clients on your server, you may | |
161 | need to adjust your kernel resource limits for networking and | |
162 | I/O. There are two things you will need to pay particular attention | |
163 | to, the number of file descriptors available and the number of buffers | |
164 | the kernel has available to read and write data to the file | |
165 | descriptors. | |
166 | ||
167 | To calculate kernel buffer requirements a good place to start is to | |
168 | multiply the expected number connections expected on the machine by | |
169 | the amount of data we buffer for each connection. Doubling the result | |
170 | of the above calculation and dividing it by the size of the buffers | |
171 | the kernel uses for I/O should give you a starting place. | |
172 | ||
173 | The server uses 2K kernel buffers for clients, and 64K kernel buffers | |
174 | for servers (actual use may be somewhat higher). | |
175 | ||
176 | c_count - number of clients expected | |
177 | c_q - number of bytes buffered for each client | |
178 | s_count - number of servers expected | |
179 | s_q - number of bytes buffered for each server | |
180 | ||
181 | buffer count = (2 * (c_count * c_q + s_count * s_q)) / kernel buffer size | |
182 | ||
183 | If the client count is 2000 and the server count is 1 (normal leaf) | |
184 | and your server uses 2K as an I/O buffer size: | |
185 | ||
186 | You need (2 * (2000 * 2048 + 1 * 65536)) / 2048 or a minimum of 4064 | |
187 | buffers available, if the kernel uses 512 byte buffers you will need a | |
188 | minimum of 16256 kernel buffers. | |
189 | ||
190 | These settings may be a bit light for net-breaks under full client | |
191 | load you will need to experiment a bit to find the right settings for | |
192 | your server. | |
193 | ||
194 | FreeBSD --WildThang | |
195 | ||
196 | You may want to increase your kernel resources if you want to put a | |
197 | lot of clients on your machine here are a few values to start with: | |
198 | ||
199 | CHILD_MAX=4096 | |
200 | OPEN_MAX=4096 | |
201 | FD_SETSIZE=4096 | |
202 | NMBCLUSTERS=8096 | |
203 | ||
204 | If you have trouble connecting *out* from your machine try: | |
205 | sysctl -w net.inet.ip.portrange.last=10000 | |
206 | ||
207 | Solaris 2.6 --Tar | |
208 | ||
209 | Increase the default hard limit for file descriptors in /etc/system: | |
210 | ||
211 | set rlim_fd_max = 4096 | |
212 | ||
213 | The server will raise the soft limit to the hard limit. | |
214 | ||
215 | Linux 2.2 -- [Tri]/Isomer | |
216 | ||
217 | The kernel has a kernel destination cache size of 4096. If the kernel | |
218 | sees more than 4096 IP's in 60s it warns 'dst cache overflow'. This | |
219 | limit can be changed by modifying /proc/sys/net/ipv4/route/max_size. | |
220 | ||
221 | A patch to select is also recommended if you have regular poll/select | |
222 | errors. |