One-Way Ping (OWAMP)

About     |     Downloads      |     Manual Pages     |     Cookbook (PDF)     |     License

owampd.conf(5)                                                  owampd.conf(5)

       owampd.conf - One-way latency daemon configuration file.

       The  owampd.conf  file is the configuration file for the owampd(8) dae-
       mon. It is used to configure the basic operation  of  the  server.  For
       example,  what addresses and ports it should listen on, where it should
       send error messages, and where it should save files.

       The policy rules for owampd  are  configured  using  the  owampd.limits
       file;  the  details for configuring those policies are described in the
       owampd.limits(5) manual page.

       The format of this file is:

              ·      Comment lines are any line where the first non-whitespace
                     character  is  ’#’.  These lines are counted for the pur-
                     poses of returning line numbers in error messages but are
                     otherwise ignored by owampd.

              ·      Lines  may be continued using the semi-standard ’\’ char-
                     acter followed immediately by a newline  character.  This
                     is  the  only valid place for the ’\’ character. If it is
                     found elsewhere, a syntax error is reported.

              ·      Blank lines are treated as comment lines.

              ·      All other lines are used to  set  configuration  options.
                     The  format of these lines is an initial keyword followed
                     by a variable list of arguments, separated by whitespace.

       authmode authmode
              Specify  the  authentication  modes the server is willing to use
              for communication. authmode should be set as a character string,
              with any or all of the characters "AEO". The modes are:

              A      [A]uthenticated.  This  mode encrypts the control connec-
                     tion and encrypts part of each test packet.

              E      [E]ncrypted. This mode encrypts  the  control  connection
                     and  encrypts  each test packet in full. This mode forces
                     an encryption step between the fetching  of  a  timestamp
                     and when the packet is sent. This adds more computational
                     delay to the time reported by OWAMP for each packet.

              O      [O]pen. No encryption of any kind is done.

              The server can specify all the modes with which it is willing to
              communicate.   The most strict mode that both the server and the
              client are willing to use will be selected.


       controltimeout controltimeout
              Number of seconds to wait for protocol  messages  before  timing


       datadir datadir
              Directory  path  where data files will be placed. The data files
              are the "receive" session files that are buffered on the server.
              Policy  restrictions  can  be  used to set how much disk space a
              given connection can use, as well as to determine when each file
              is deleted. (See the owampd.limits(f) manual page.)

                     Current directory

       dieby dieby
              Number of seconds to wait for child processes to gracefully ter-
              minate before killing them with SIGKILL. This is in response  to
              the master process receiving SIGTERM or SIGHUP.

              This  option  should no longer be needed. If child processes are
              not exiting gracefully, please  send  a  bug  report  to  owamp-


       diskfudge diskfudge
              Fudge  factor  to  use  when  determining if a buffered owp file
              should be kept.  It creates a hard limit  for  disk  usage.  The
              soft  limit  is  determined  by the limitclass that a connection
              matches [see the owampd.limits(5) manual page]  and  is  applied
              when a test is requested. If the estimated file-size of the test
              would put the limitclass over the soft limit, then the  test  is
              denied.  However, it is possible, due to duplicate packets, that
              a test session file may end up larger  than  this  estimate.  If
              that  happens,  and  if  the file is successfully saved to disk,
              then, upon completion of the test, the actual file-size is  used
              to update the disk usage in the resource broker process. At this
              point, the hard limit is applied. The hard limit  is  determined
              by  multiplying  the  soft  limit by the diskfudge. If the final
              file-size causes the disk space used by  the  limitclass  to  be
              larger than the quota defined by the hard limit then the file is
              immediately deleted.

              A liberal factor is recommended because this factor  won’t  come
              in  to  play  unless  there are numerous duplicates, and that is
              precisely the kind of data most users will want to see. However,
              it  is important to have this factor to ensure disk usage is not
              too vulnerable to replay DOS attacks of the test protocol.)

              The valid values for diskfudge are 1.0-10.0.

                     1.0 (hard limit is the same as the soft limit)

       enddelay enddelay
              Amount of time for a sender to  wait  after  session  completion
              (last  packet  send-time  plus  timeout) before sending the stop
              sessions message.

              This is important if the sender clock is running  ahead  of  the
              receiver clock.

              A  session  is complete timeout after the send time of the final
              packet.  If the sender clock is ahead of  the  receivers  clock,
              the   sender  will  declare  the  session  complete  before  the
              receiver. The receiver is only allowed to retain records for the
              packets  that  were sent at least timeout before it receives the
              stop sessions message from the sender. Therefore, if the  sender
              clock  is running ahead of the receiver clock, the receiver will
              be forced to delete some number of the final  packets  from  the

              This parameter directs the sender to wait enddelay after session
              completion allowing the receiver clock to be essentially  endde-
              lay  later than the sender clock and still retain full sessions.

                     1.0 (seconds)

       facility facility
              Specify the syslog facility to log messages.


       group group
              Specifies the gid the owampd process should run as. group can be
              specified  using  a  valid  group name on the system or by using
              -gid.  This option is only used if owampd is started as root.

              This option can be useful to limit log-file permissions to  only
              users in this group.

              Directs  the  owampd process to report source code file and line
              number information with error messages. This is  a  particularly
              useful  option  to set when sending in messages as part of a bug

       pbkdf2_count count
              This indicates the count parameter  for  the  pseudo-random  key
              derivation  function that is used to derive the session key from
              the long term key stored in the owampd.pfs file.


              If present, this disables the requirement that owampd  run  with
              non-root permissions. There are legitimate reasons to run owampd
              as root, but it is more risky. (For example, some operating sys-
              tems require root permissions to set the TOS bits used by the -D
              and -H options of owping.) This additional option was  added  to
              ensure  root permissions are only used when explicitly intended.

       srcnode nodename:port
              Specify the  address  and  port  that  owampd  will  listen  for
              requests.   nodename  can be specified using a DNS name or using
              the textual representation of the address. It is possible to set
              the  source  address  without setting the port by simply leaving
              off the ’:’ and port specification. Likewise, a non-default port
              can be specified for all system addresses (wildcard) by starting
              the specification string with a ’:’.   If  an  IPv6  address  is
              specified,  note  that  the accepted format contains nodename in
              square brackets as: [fe80::fe9f:62d8].  This  ensures  the  port
              number  is  distinct from the address specification. The address
              can be wildcarded by only specifying the port portion.

              Because the default port for owampd is in  the  protected  range
              for  most  operating systems, it is usually required that owampd
              is stared as root. This option can be used  to  specify  a  non-
              standard port value that is not protected.

                     nodename is wildcarded as any currently available address
                     port is 861.

       testports 0 | lowport-highport
              Specify the specific port range to use on  the  local  host  for
              OWAMP-Test packets. This can be specified in two ways. First, as
              0 which would indicate owampd should allow the  system  to  pick
              the  port  (ephemeral).  Second,  as a range.  lowport must be a
              smaller value than highport and both numbers must be valid  port
              values. (16 bit unsigned integer values)


       user user
              Specifies  the uid the owampd process should run as. user can be
              specified using a valid user name on  the  system  or  by  using
              -uid.  This option is only used if owampd is started as root.

              In  the default case, owampd should be started as root so it can
              bind the default port 861. (See  srcnode  option.)  owampd  will
              release root permissions shortly after binding to this protected
              port and requests will be serviced  by  processes  running  with
              permissions defined by the user.

       vardir vardir
              Directory  path  where the and files will
              be placed.

                     Current directory

              If this option is present, it directs the owampd process to gen-
              erate more verbose messages to syslog.

       owping(1),  owampd(8), owampd.limits(5), owampd.pfs(5), pfstore(1), and
       the web site.

       This material is based in part on work supported by the  National  Sci-
       ence  Foundation (NSF) under Grant No. ANI-0314723. Any opinions, find-
       ings and conclusions or recommendations expressed in this material  are
       those  of the author(s) and do not necessarily reflect the views of the

                                    $Date$                      owampd.conf(5)