-
-README for ircu2.10.10.beta
-Please read this completely before running the server
-
-* If you run ircu2.10.10 on the production network and expect
- more than 1000 local clients to connect you will want to make
- sure you add -DNDEBUG to the extra CFLAGS setting when you do
- a make config.
-* Ircu now uses asserts in a lot of places to insure referential
- integrity and that impossible situations do not occur. Also
- memory integrity checking is defaulted to on as well. The asserts
- and memory checking both use cpu and in the case of memory checking
- extra memory. We have not had an assert trigger in quite some time
- but would prefer to leave the checks enabled for beta testing.
- The asserts insure that if the server is going to core it will do
- so in well defined places where the problem will be easy to trace,
- without them the server could core in not so well defined places.
- If you want to disable the checks, add -DNDEBUG in the extra CFLAGS
- when you do a make config.
-
-* Ircu no longer uses separate C/N lines, the functionality of both
- has been combined in C:lines, see the example.conf for more information.
-
-* Ircu has an different mechanism for defining ports than the previous
- versions. Please see the example.conf for information on configuring
- them. Ircu also ignores the port specified on the M:line, you MUST define
- a server port with a P:line if you want servers to connect to you.
-
-* For beta releases, please understand that there may be bugs we haven't
- found yet, (that's why you're beta testing it in the first place :)).
- Please report any bugs found in the server to bugs@undernet.org or
- coder-com@undernet.org with as much information as you can provide
- about how to reproduce the problem. Stack traces for coredumps are
- usually helpful, however we aren't expecting any of those ;-).
-
-* Ircu 2.10.08 is a P10 only server, and cannot be used to host P9
- links. On a mostly P10 network this is not a major issue, it does
- mean that you cannot connect services directly to a 2.10.08 server,
- but does not preclude it's use as a leaf or a hub. For now, services
- need to continue to be hosted by 2.10.07 servers.
-
-* EXTENDED_NUMERICS is not defined by default, we need to get everyone
- using 2.10.07 before we can allow it to be turned on anywhere. If you
- are using 2.10.08 on a network where everyone is up to at least 2.10.07
- it is safe to turn them on. We have tested them on testnet and they do
- work. :)
-
-* The masked notices using #*.mask has changed to use $@*.mask instead.
- Since most of the servers on the net will not understand the new masking
- mechanism, this probably won't work for a while. The server notice mask
- ($*.us.undernet.org) still functions properly. This was a trade off
- between backwards compatibility and the improved protocol, we chose to
- not maintain backwards compatibility for this command. The #*.mask
- functionality is easily circumvented, and the command is rarely used
- it is not considered to be a major issue.
-
-* The server no longer sends notices for errors on connections that are
- suddenly dropped during connection setup. If you really want to see
- them, we suggest you get a life. :)
-
-* Removed: unix domain sockets, uping, m4 preprocessor spawning,
- dozens of bugs.
-
-* New stuff:
- Added ISUPPORT code to match dalnets.
- Added connection progress notices.
- Cleaned up operating system checks.
- /invite with no arguments lists the channels you're invited to.
- Many speedups, ipdiffer, faster strncpy, faster inetntoa.
- Passive lag and numerics now displayed by map command.
- Server to server tokenization.
- Much larger TCP windows/kernel buffers for server connections,
- smaller for clients.
- Removed BOOT_OPER security hole.
- Complete listener port specifications including per port virtual
- hosting and hidden listeners.
- Default server port for connects (config option).
- Speed up some channel ops using new Membership struct.
- Hash table performance stats are available now (basic).
- Much of the socket code has been rewritten, we now only make one
- pass through the local client array.
- Added initial support for PROTOCOL command.
- Many functions have been made reentrant.
- Resolver now uses callbacks for all queries.
- Almost every command that is sent to a server uses full P10 numerics
- and tokenization, this reduces netburst sizes by at least 10% and
- many server to server message sizes by 10-50%.
- Major source code reorginization to support engine model.
- Parser now uses an indexed table for commands, which elminates
- the need to do IsServer IsUser IsOper checks and allows much more
- efficient implementation of user/server/oper command handlers.
-
-* For a much longer winded explanation of all this stuff, see the
- ChangeLog in this directory, or the cvs log at the coder-com
- web site at http://coder-com.undernet.org/
-
-
+README for the ircu2.10.11 series
+PLEASE READ THIS COMPLETELY BEFORE RUNNING THE SERVER!
+
+The u2.10.11 is the most advanced version of Undernet ircd to date.
+There are still plenty of rough edges, but many things have been
+cleaned up and redone. The major changes for this version are
+documented in RELEASE.NOTES, in this directory. A good description of
+compiling and installing the server is included in INSTALL. Further
+documentation on many aspects of ircu is contained in the doc
+subdirectory.
+
+IF YOU ARE PLANNING ON USING IRCU IN A CHROOT "JAIL," YOU MUST READ
+doc/readme.chroot! This document describes the intricacies of using
+the Undernet ircd daemon in such an environment.
+
+This version of ircd no longer has the "make compile" step; most
+compile-time options have become features which can be set in the
+configuration file, or on the fly online through the SET and RESET
+commands; the current values may be obtained with GET. The remaining
+compile-time options are set through arguments to ./configure. A list
+of the compile-time options may be obtained with "./configure --help";
+see RELEASE.NOTES for a more comprehensive description of each
+option. All features are documented in doc/readme.features, and log
+configuration is documented in doc/readme.log.
+
+This server version is not compatible with Undernet ircd releases
+prior to u2.10.10, nor is it compatible with any other version of
+ircd. Also note that this version incorporates the features requested
+by the Undernet administrators in CFV 165; if you don't want these
+hiding features enabled, you must add -DINCLUDED_ircd_policy_h to
+CFLAGS prior to running ./configure.
+
+For more information on the changes in this release, see RELEASE.NOTES
+and ChangeLog, both in this directory. You may also reference the CVS
+log on the Undernet Coder Committee web page at
+http://coder-com.undernet.org/.
-Release Notes for ircu2.10.10
+Release Notes for ircu2.10.11
+Last Updated: August 17, 2001
+Written by Kev <klmitch@mit.edu>
+Based on a document written by Braden <dbtem@yahoo.com>
This is a brief description of the changes we have made to the server
-since the release of ircu2.10.07.
+since the release of ircu2.10.10.
-This is the first Undernet server that is fully P10, it is no longer
-compatible with older P9 only servers. The server has been verified
-to be compatible with Undernet server versions 2.10.06 and above.
+This server is only compatible with other servers that are P10. It is
+compatible and is verified to work with Undernet server versions
+u2.10.10 and above. Note, however, that some advanced features are
+only compatible with u2.10.11 and above.
Enhancements:
-All server to server communications use tokenization and numeric id's,
-this reduces the bandwidth requirements approximately 10-20%.
-Much of the network code has been rewritten and many old bugs relating
-to the networking core of the server have been fixed.
+GLINE has been extended to allow IRC operators to issue global
+G-lines; see doc/readme.gline for more information about how to use
+this feature. These extended features should not be used on networks
+with u2.10.10 servers.
-The port handling code has been rewritten to allow much better control
-over listeners.
+A new JUPE command has been added to permit servers to be juped in a
+more reliable fashion. This command should not be used on networks
+with u2.10.10 servers.
-The server supports extended numerics which theoretically would allow
-the entire population of the planet to participate on a network without
-running out of unique values.
+Two new channel mode manipulation commands, OPMODE and CLEARMODE, have
+been added. OPMODE works exactly like MODE, except that 1) only IRC
+operators can use it; 2) it ignores whether or not the operator is a
+channel operator. CLEARMODE is a reliable means of eradicating
+certain channel modes; it is given an argument string consisting of
+the modes to clear. If that argument string is not given, it defaults
+to "ovpsmikbl." These commands should not be used on networks with
+u2.10.10 servers.
-Added ISUPPORT messages on client connects to allow client coders to
-detect network specific enhancements to the client protocol.
+When a channel MODE command from a remote user must be bounced, a
+"MODE -o" for the user will also be sent, in order to attempt to
+"heal" the desync. Also, the old anti-hack code has been removed,
+since servers never send MODEs except for bounces.
-Server aliasing and virtual hosting (port forwarding) are available for
-larger DoS attack prone networks. This will be improved in the next
-release.
+Most compile-time options have been converted to run-time options
+which may be set through the configuration file or through the use of
+the new commands SET, RESET, and GET; for more information about
+these, please refer to doc/example.conf (for configuration file
+information), doc/readme.features (for a list and description of the
+options), and doc/readme.log (for a description of the logging
+subsystem configuration).
-Status messages are sent to connecting clients so connections don't
-seem to hang during client registration.
+A new logging subsystem has been written, making it much easier to get
+ircd to write out log files, or to use syslog if that's desired.
+
+The old chroot() code has been removed; that should now be handled via
+an external wrapper. Such a wrapper has been included in the tools
+subdirectory. PLEASE READ doc/readme.chroot IF YOU WISH TO USE
+CHROOT-STYLE JAILS WITH IRCD.
+
+The build system has been completely revamped; since most compile-time
+options are now run-time, the few remaining ones can be placed in
+./configure and set with --with-* and --enable-*. Please read INSTALL
+for more information on how to compile and install the daemon.
+
+All of the old select()- and poll()-based event loop has been
+completely ripped out and replaced, enabling ircd to use kqueue() and
+/dev/poll, on systems that support those interfaces.
+
+All changes made to the u2.10.10 branch have been forward-ported to
+u2.10.11.
+
+The server now uses extended numerics exclusively.
+
+A large number of code clean-ups, changes, and fixes have been made.
+Some of these should hopefully increase performance; others will make
+it easier to maintain the code.
-The server now uses a bit less memory and cpu under full load, we
-estimate around a 10% improvement in resource usage over the previous
-version.
Configuration Changes:
-Please read example.conf in the doc directory for detailed information
-on various configuration options.
-Virtual host IP addresses are now in the password field of the server M:line,
-there is no longer a command line option for specifying them. This is the
-address the server will bind to for all outgoing server to server connections.
-The port field of the server M:line is no longer used and is ignored when
-the server reads the configuration file, server ports are now specified
-only on P:lines.
-The server ignores N:lines, C:lines are used for all connect server
-information now. This means that the passwords for both sides of the
-connection must match, this change does not degrade server connection
-security of the existing protocol.
-There are several new configuration options for P:lines (listener ports).
+
+Most compile-time options are now run-time configurable features, and
+can be set through the daemon configuration file. Please see
+doc/example.conf for an illustration of the format (search for
+F-lines). Documentation for the logging subsystem is in
+doc/readme.log, and the list and description of all the features is
+located in doc/readme.features.
+
Compile Time Options:
-If you are planning on hosting more than 1000 clients on your server
-we recommend that you do not turn on asserts and heap checking or
-debug messages. This is known to cause problems.
-There are several new compile time options that you will automatically
-be prompted for when you configure the server which should be self
-explanitory.
+
+Again, most compile-time options are now set in the configuration
+file. The remaining options are set through arguments to
+./configure. A list of these options is available with ./configure
+--help; a more detailed description follows:
+
+--enable-poll
+ The configure script attempts to only use poll on systems where that
+is a direct system call. Sometimes, however, it will not properly
+detect this. This option is meant to force ircd to use poll on
+systems where ./configure does not detect that it is a system call.
+
+--enable-debug
+ This option turns on DEBUGMODE, which enables code useful for
+debugging the server. THIS FEATURE SHOULD NOT BE USED ON A PRODUCTION
+NETWORK; it represents a severe privacy risk.
+
+--enable-asserts
+ Assertions are a means of checking that certain underlying
+assumptions are met. This option enables those assertions. Note:
+This option should not be activated on production servers due to
+debugging code in the server's MyMalloc() implementation which will
+cause the server to leak memory.
+
+--disable-symbols
+ By default, the -g compiler option is used to enable symbols on the
+binary. These symbols are useful when attempting to track down the
+cause of a crash. Please do not use this option.
+
+--enable-profile
+ This option simply adds the -pg compiler option to enable profiling
+support.
+
+--enable-pedantic
+--enable-warnings
+ The Coder Committee attempts to release code that generates no
+compile-time warnings or errors. These two options add gcc-specific
+warning flags to the compiler flags. These options should not be used
+if your compiler is not gcc.
+
+--disable-inlines
+ Some critical functions are forcefully inlined. This flag disables
+that behavior. It should not be used for performance reasons.
+
+--disable-devpoll
+ On systems that have /dev/poll, the /dev/poll-based engine is
+automatically enabled. This option inhibits that behavior.
+
+--disable-kqueue
+ On systems that have kqueue(), the kqueue()-based engine is
+automatically enabled. This option inhibits that behavior.
+
+--with-symlink=name
+ When "make install" is executed, the daemon is installed in such a
+way that old versions are kept, and a symlink is made to the latest
+installed version. This option selects the name given to that
+symlink. Specify a symlink name of "no" or use "--without-symlink" to
+disable this behavior.
+
+--with-mode=mode
+ The daemon binary is installed with permissions 711 by default; this
+option may be used to specify a different permission set for the
+binary.
+
+--with-owner=owner
+ By default, the owner of the installed binary will be the same as
+the person that compiled it; this option permits a different owner to
+be specified.
+
+--with-group=group
+ By default, the group owner of the installed binary will be the same
+as the primary group of the person that compiled it (at the time it
+was compiled); this option permits a different group owner to be
+specified.
+
+--with-domain=domain
+ The daemon attempts to keep some statistics on the server's user
+load, including how many local users connect to the server. A local
+user is determined by comparing the user's host name to a domain
+name. The domain name can be set through the feature subsystem, as
+documented in doc/readme.features; however, it will default either to
+the domain specified with this flag, or to a name extracted from
+/etc/resolv.conf, if it exists.
+
+--with-chroot=dir
+ Some admins may wish to run ircd within a chroot "jail," to enhance
+the security of their systems. Although the chroot() code was removed
+from ircd, the build system still supports operation of this form. If
+you wish to use chroot-based jails, read doc/readme.chroot and give
+this option to ./configure.
+
+--with-dpath=dir
+ This option simply specifies the path to the data directory for the
+daemon. If --with-chroot has been given, this path must be compatible
+with the chroot directory. See doc/readme.chroot for more information
+about this restriction.
+
+--with-cpath=file
+ This option simply specifies the path to the configuration file for
+the daemon, and may be either a relative or absolute path name. If it
+is an absolute path, and if --with-chroot has been given, this path
+must be compatible with the chroot directory. See doc/readme.chroot
+for more information about this restriction.
+
+--with-lpath=file
+ When the server is compiled in DEBUGMODE (--enable-debug), the
+debugging logs will be sent to the file specified here (defaulting to
+"ircd.log" in the data directory). If this is an absolute path,
+--with-chroot has been given, and if that path is not compatible with
+the chroot directory, then a warning will be issued and the default
+will be used. See doc/readme.chroot for more information about this
+restriction.
+
+--with-maxcon=maxcon
+ The maximum number of sockets that the server may open is normally
+derived from the hard limit on the number of file descriptors. If
+desired, a higher value may be used by specifying this option to
+./configure.
+
Undocumented Features:
+
Every Undernet server released has had at least one undocumented
-feature ;-) Here are a few of the ones available in ircu2.10.10.
-I'm sure there are a few more we are unaware of, these are the ones
-we know about.
-To enable these you need to add them to the extra CFLAGS when you
-run make config.
--DEXTENDED_NUMERICS This option configures the server to send
-extended numerics as well as parse them. This option should only
-be used on networks that run ircu2.10.07 and above only.
--DWALLOPS_OPER_ONLY Setting this option removes the ability for
-clients that are not opered to see wallops messages.
--DNOOPER Disallow the /oper command.
-
-There are a few to be used for debugging or other networks. These
-should *NOT* be defined on the undernet production network.
-
--DNICKLEN=15 This allows you do override the default nick length
-to 15 characters. If this has different values on different servers
-your network *WILL* fall apart. Only use this option if you know
-what your doing. If you don't, ask in #coder-com on undernet.
--DNO_THROTTLE This disables the throttling code. This is used for
-debugging *only*. It lets you connect up to 255 clients from one
-host with no time conciderations. If this is enabled on a
-production server I will personally drive your server into the
-ground. You have been warned.
+feature ;-) Here are a few of the ones available in ircu2.10.11. I'm
+sure there are a few more we are unaware of, these are the ones we
+know about.
+
+To enable these, you need to add them to CFLAGS prior to running
+./configure, usually as in: CFLAGS="-O2 -D<option>" ./configure
+
+-DNICKLEN=15
+ This allows you do override the default nick length to 15
+characters. If this has different values on different servers your
+network *WILL* fall apart. Only use this option if you know what your
+doing. If you don't, ask in #coder-com on undernet.
+
+-DNO_THROTTLE
+ This disables the throttling code. This is used for debugging
+*only*. It lets you connect up to 255 clients from one host with no
+time considerations. If this is enabled on a production server I will
+personally drive your server into the ground. You have been warned.
+
Operating System and Kernel Requirements:
-If you plan allowing more than 1000 clients on your server, you
-may need to adjust your kernel resource limits for networking
-and I/O. There are two things you will need to pay particular
-attention to, the number of file descriptors available and the
-number of buffers the kernel has available to read and write
-data to the file descriptors.
-
-To calculate kernel buffer requirements a good place to start
-is to multipy the expected number connections expected on the machine
-by the amount of data we buffer for each connection.
-Doubling the result of the above calculation and dividing it by the
-size of the buffers the kernel uses for I/O should give you a starting
-place.
-
-The server uses 2K kernel buffers for clients, and 64K kernel
-buffers for servers (actual use may be somewhat higher).
+
+If you plan allowing more than 1000 clients on your server, you may
+need to adjust your kernel resource limits for networking and
+I/O. There are two things you will need to pay particular attention
+to, the number of file descriptors available and the number of buffers
+the kernel has available to read and write data to the file
+descriptors.
+
+To calculate kernel buffer requirements a good place to start is to
+multiply the expected number connections expected on the machine by
+the amount of data we buffer for each connection. Doubling the result
+of the above calculation and dividing it by the size of the buffers
+the kernel uses for I/O should give you a starting place.
+
+The server uses 2K kernel buffers for clients, and 64K kernel buffers
+for servers (actual use may be somewhat higher).
c_count - number of clients expected
c_q - number of bytes buffered for each client
If the client count is 2000 and the server count is 1 (normal leaf)
and your server uses 2K as an I/O buffer size:
-You need (2 * (2000 * 2048 + 1 * 65536)) / 2048 or a minimum
-of 4064 buffers available, if the kernel uses 512 byte buffers you
-will need a minimum of 16256 kernel buffers.
+You need (2 * (2000 * 2048 + 1 * 65536)) / 2048 or a minimum of 4064
+buffers available, if the kernel uses 512 byte buffers you will need a
+minimum of 16256 kernel buffers.
-These settings may be a bit light for netbreaks under full client load
-you will need to experiment a bit to find the right settings for your
-server.
+These settings may be a bit light for net-breaks under full client
+load you will need to experiment a bit to find the right settings for
+your server.
FreeBSD --WildThang
-You may want to increase your kernel resources if you want to put
-a lot of clients on your machine here are a few values to start with:
+
+You may want to increase your kernel resources if you want to put a
+lot of clients on your machine here are a few values to start with:
+
CHILD_MAX=4096
OPEN_MAX=4096
FD_SETSIZE=4096
NMBCLUSTERS=8096
+
Solaris 2.6 --Tar
-Increase the default hard limit for file descriptors in /etc/system
+
+Increase the default hard limit for file descriptors in /etc/system:
+
set rlim_fd_max = 4096
+
The server will raise the soft limit to the hard limit.
Linux 2.2 -- [Tri]/Isomer
-The kernel has a kernel destination cache size of 4096. If the kernel sees
-more than 4096 IP's in 60s it warns 'dst cache overflow'. This limit can be
-changed by modifying /proc/sys/net/ipv4/route/max_size.
+
+The kernel has a kernel destination cache size of 4096. If the kernel
+sees more than 4096 IP's in 60s it warns 'dst cache overflow'. This
+limit can be changed by modifying /proc/sys/net/ipv4/route/max_size.
A patch to select is also recommended if you have regular poll/select
errors.