diff options
Diffstat (limited to 'Documentation/networking/ip-sysctl.txt')
-rw-r--r-- | Documentation/networking/ip-sysctl.txt | 66 |
1 files changed, 47 insertions, 19 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index c7fc10724948..dbca66182089 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt | |||
@@ -30,16 +30,24 @@ neigh/default/gc_thresh3 - INTEGER | |||
30 | Maximum number of neighbor entries allowed. Increase this | 30 | Maximum number of neighbor entries allowed. Increase this |
31 | when using large numbers of interfaces and when communicating | 31 | when using large numbers of interfaces and when communicating |
32 | with large numbers of directly-connected peers. | 32 | with large numbers of directly-connected peers. |
33 | Default: 1024 | ||
33 | 34 | ||
34 | neigh/default/unres_qlen_bytes - INTEGER | 35 | neigh/default/unres_qlen_bytes - INTEGER |
35 | The maximum number of bytes which may be used by packets | 36 | The maximum number of bytes which may be used by packets |
36 | queued for each unresolved address by other network layers. | 37 | queued for each unresolved address by other network layers. |
37 | (added in linux 3.3) | 38 | (added in linux 3.3) |
39 | Setting negative value is meaningless and will return error. | ||
40 | Default: 65536 Bytes(64KB) | ||
38 | 41 | ||
39 | neigh/default/unres_qlen - INTEGER | 42 | neigh/default/unres_qlen - INTEGER |
40 | The maximum number of packets which may be queued for each | 43 | The maximum number of packets which may be queued for each |
41 | unresolved address by other network layers. | 44 | unresolved address by other network layers. |
42 | (deprecated in linux 3.3) : use unres_qlen_bytes instead. | 45 | (deprecated in linux 3.3) : use unres_qlen_bytes instead. |
46 | Prior to linux 3.3, the default value is 3 which may cause | ||
47 | unexpected packet loss. The current default value is calculated | ||
48 | according to default value of unres_qlen_bytes and true size of | ||
49 | packet. | ||
50 | Default: 31 | ||
43 | 51 | ||
44 | mtu_expires - INTEGER | 52 | mtu_expires - INTEGER |
45 | Time, in seconds, that cached PMTU information is kept. | 53 | Time, in seconds, that cached PMTU information is kept. |
@@ -199,15 +207,16 @@ tcp_early_retrans - INTEGER | |||
199 | Default: 2 | 207 | Default: 2 |
200 | 208 | ||
201 | tcp_ecn - INTEGER | 209 | tcp_ecn - INTEGER |
202 | Enable Explicit Congestion Notification (ECN) in TCP. ECN is only | 210 | Control use of Explicit Congestion Notification (ECN) by TCP. |
203 | used when both ends of the TCP flow support it. It is useful to | 211 | ECN is used only when both ends of the TCP connection indicate |
204 | avoid losses due to congestion (when the bottleneck router supports | 212 | support for it. This feature is useful in avoiding losses due |
205 | ECN). | 213 | to congestion by allowing supporting routers to signal |
214 | congestion before having to drop packets. | ||
206 | Possible values are: | 215 | Possible values are: |
207 | 0 disable ECN | 216 | 0 Disable ECN. Neither initiate nor accept ECN. |
208 | 1 ECN enabled | 217 | 1 Always request ECN on outgoing connection attempts. |
209 | 2 Only server-side ECN enabled. If the other end does | 218 | 2 Enable ECN when requested by incoming connections |
210 | not support ECN, behavior is like with ECN disabled. | 219 | but do not request ECN on outgoing connections. |
211 | Default: 2 | 220 | Default: 2 |
212 | 221 | ||
213 | tcp_fack - BOOLEAN | 222 | tcp_fack - BOOLEAN |
@@ -215,15 +224,14 @@ tcp_fack - BOOLEAN | |||
215 | The value is not used, if tcp_sack is not enabled. | 224 | The value is not used, if tcp_sack is not enabled. |
216 | 225 | ||
217 | tcp_fin_timeout - INTEGER | 226 | tcp_fin_timeout - INTEGER |
218 | Time to hold socket in state FIN-WAIT-2, if it was closed | 227 | The length of time an orphaned (no longer referenced by any |
219 | by our side. Peer can be broken and never close its side, | 228 | application) connection will remain in the FIN_WAIT_2 state |
220 | or even died unexpectedly. Default value is 60sec. | 229 | before it is aborted at the local end. While a perfectly |
221 | Usual value used in 2.2 was 180 seconds, you may restore | 230 | valid "receive only" state for an un-orphaned connection, an |
222 | it, but remember that if your machine is even underloaded WEB server, | 231 | orphaned connection in FIN_WAIT_2 state could otherwise wait |
223 | you risk to overflow memory with kilotons of dead sockets, | 232 | forever for the remote to close its end of the connection. |
224 | FIN-WAIT-2 sockets are less dangerous than FIN-WAIT-1, | 233 | Cf. tcp_max_orphans |
225 | because they eat maximum 1.5K of memory, but they tend | 234 | Default: 60 seconds |
226 | to live longer. Cf. tcp_max_orphans. | ||
227 | 235 | ||
228 | tcp_frto - INTEGER | 236 | tcp_frto - INTEGER |
229 | Enables Forward RTO-Recovery (F-RTO) defined in RFC4138. | 237 | Enables Forward RTO-Recovery (F-RTO) defined in RFC4138. |
@@ -495,7 +503,7 @@ tcp_fastopen - INTEGER | |||
495 | tcp_syn_retries - INTEGER | 503 | tcp_syn_retries - INTEGER |
496 | Number of times initial SYNs for an active TCP connection attempt | 504 | Number of times initial SYNs for an active TCP connection attempt |
497 | will be retransmitted. Should not be higher than 255. Default value | 505 | will be retransmitted. Should not be higher than 255. Default value |
498 | is 6, which corresponds to 63seconds till the last restransmission | 506 | is 6, which corresponds to 63seconds till the last retransmission |
499 | with the current initial RTO of 1second. With this the final timeout | 507 | with the current initial RTO of 1second. With this the final timeout |
500 | for an active TCP connection attempt will happen after 127seconds. | 508 | for an active TCP connection attempt will happen after 127seconds. |
501 | 509 | ||
@@ -1323,6 +1331,12 @@ force_tllao - BOOLEAN | |||
1323 | race condition where the sender deletes the cached link-layer address | 1331 | race condition where the sender deletes the cached link-layer address |
1324 | prior to receiving a response to a previous solicitation." | 1332 | prior to receiving a response to a previous solicitation." |
1325 | 1333 | ||
1334 | ndisc_notify - BOOLEAN | ||
1335 | Define mode for notification of address and device changes. | ||
1336 | 0 - (default): do nothing | ||
1337 | 1 - Generate unsolicited neighbour advertisements when device is brought | ||
1338 | up or hardware address changes. | ||
1339 | |||
1326 | icmp/*: | 1340 | icmp/*: |
1327 | ratelimit - INTEGER | 1341 | ratelimit - INTEGER |
1328 | Limit the maximal rates for sending ICMPv6 packets. | 1342 | Limit the maximal rates for sending ICMPv6 packets. |
@@ -1514,6 +1528,20 @@ cookie_preserve_enable - BOOLEAN | |||
1514 | 1528 | ||
1515 | Default: 1 | 1529 | Default: 1 |
1516 | 1530 | ||
1531 | cookie_hmac_alg - STRING | ||
1532 | Select the hmac algorithm used when generating the cookie value sent by | ||
1533 | a listening sctp socket to a connecting client in the INIT-ACK chunk. | ||
1534 | Valid values are: | ||
1535 | * md5 | ||
1536 | * sha1 | ||
1537 | * none | ||
1538 | Ability to assign md5 or sha1 as the selected alg is predicated on the | ||
1539 | configuration of those algorithms at build time (CONFIG_CRYPTO_MD5 and | ||
1540 | CONFIG_CRYPTO_SHA1). | ||
1541 | |||
1542 | Default: Dependent on configuration. MD5 if available, else SHA1 if | ||
1543 | available, else none. | ||
1544 | |||
1517 | rcvbuf_policy - INTEGER | 1545 | rcvbuf_policy - INTEGER |
1518 | Determines if the receive buffer is attributed to the socket or to | 1546 | Determines if the receive buffer is attributed to the socket or to |
1519 | association. SCTP supports the capability to create multiple | 1547 | association. SCTP supports the capability to create multiple |
@@ -1526,7 +1554,7 @@ rcvbuf_policy - INTEGER | |||
1526 | blocking. | 1554 | blocking. |
1527 | 1555 | ||
1528 | 1: rcvbuf space is per association | 1556 | 1: rcvbuf space is per association |
1529 | 0: recbuf space is per socket | 1557 | 0: rcvbuf space is per socket |
1530 | 1558 | ||
1531 | Default: 0 | 1559 | Default: 0 |
1532 | 1560 | ||