diff --git a/client/cjdroute2.c b/client/cjdroute2.c
index 7bbe2671d..84f3a402f 100644
--- a/client/cjdroute2.c
+++ b/client/cjdroute2.c
@@ -279,7 +279,24 @@ static int genconf(struct Random* rand, bool eth)
 #endif
     printf("        },\n"
            "\n"
-           "        // System for tunneling IPv4 and ICANN IPv6 through cjdns.\n"
+           "        // As an alternative to the TUN interface, you can create a socket interface\n"
+           "        // which will create a UNIX socket which emits packets that would otherwise\n"
+           "        // be sent through the TUN device.\n"
+           "        // To enable this interface, change the name of the above TUN interface to\n"
+           "        // \"_disabled_interface\" and change the name of this interface to\n"
+           "        // simply \"interface\"\n"
+           "        \"_disabled_interface\": {\n"
+           "            \"type\": \"SocketInterface\",\n"
+           "\n"
+           "            // The filesystem path to the socket to create or connect to.\n"
+           "            \"socketFullPath\": \"/var/run/cjdns.sock\",\n"
+           "\n"
+           "            // If non-zero, we will attempt to create the socket file if it doesn't\n"
+           "            // exist, otherwise we will simply try to connect to an existing socket\n"
+           "            \"socketAttemptToCreate\": 1\n"
+           "        },\n"
+           "\n");
+    printf("        // System for tunneling IPv4 and ICANN IPv6 through cjdns.\n"
            "        // This is using the cjdns switch layer as a VPN carrier.\n"
            "        \"ipTunnel\": {\n"
            "            // Nodes allowed to connect to us.\n"
diff --git a/doc/SocketInterface.md b/doc/SocketInterface.md
new file mode 100644
index 000000000..78d4b7bf8
--- /dev/null
+++ b/doc/SocketInterface.md
@@ -0,0 +1,30 @@
+# Configuring SocketInterface
+
+If you want to run cjdns on a system where you are not able to access a TUN device,
+you can use SocketInterface to make the packets available to yourself through a
+UNIX socket rather than through the TUN device.
+
+If you create the socket before cjdns starts up, it will connect to it, otherwise it
+will create the socket for you unless `socketAttemptToCreate` is set to 0 or is absent.
+
+In order to handle packets from the socket, you need to know about the header types:
+
+## SocketWrapper_TYPE_TUN_PACKET
+This type of packet starts with 1 byte `0` and is followed by 4 bytes big endian
+length of the packet and then the packet.
+
+## SocketWrapper_TYPE_CONF_ADD_IPV6_ADDRESS
+This type of packet starts with 1 byte `1` and is followed by a 16 byte IP address
+which the cjdns node wants to configure. After receiving this message, you know which
+source address you should use when crafting a packet to send to the network.
+NOTE: cjdns will drop packets with an unexpected source address.
+
+## SocketWrapper_TYPE_CONF_SET_MTU
+This type of packet starts with 1 byte `2` and is followed by a 4 byte MTU, cjdns
+does not want you to send any packets to this interface which are larger than that
+size.
+
+## Sending a packet
+When you are sending a packet to the SocketInterface, you must prefix the packet with
+1 byte `0` followed by a 4 byte length in big endian (as per the `SocketWrapper_TYPE_TUN_PACKET`
+definition).