diff options
Diffstat (limited to 'Documentation/networking/ip-sysctl.txt')
-rw-r--r-- | Documentation/networking/ip-sysctl.txt | 256 |
1 files changed, 214 insertions, 42 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 17f1f91af35c..946b66e1b652 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt | |||
@@ -148,9 +148,9 @@ tcp_available_congestion_control - STRING | |||
148 | but not loaded. | 148 | but not loaded. |
149 | 149 | ||
150 | tcp_base_mss - INTEGER | 150 | tcp_base_mss - INTEGER |
151 | The initial value of search_low to be used by Packetization Layer | 151 | The initial value of search_low to be used by the packetization layer |
152 | Path MTU Discovery (MTU probing). If MTU probing is enabled, | 152 | Path MTU discovery (MTU probing). If MTU probing is enabled, |
153 | this is the inital MSS used by the connection. | 153 | this is the initial MSS used by the connection. |
154 | 154 | ||
155 | tcp_congestion_control - STRING | 155 | tcp_congestion_control - STRING |
156 | Set the congestion control algorithm to be used for new | 156 | Set the congestion control algorithm to be used for new |
@@ -185,10 +185,9 @@ tcp_frto - INTEGER | |||
185 | timeouts. It is particularly beneficial in wireless environments | 185 | timeouts. It is particularly beneficial in wireless environments |
186 | where packet loss is typically due to random radio interference | 186 | where packet loss is typically due to random radio interference |
187 | rather than intermediate router congestion. F-RTO is sender-side | 187 | rather than intermediate router congestion. F-RTO is sender-side |
188 | only modification. Therefore it does not require any support from | 188 | only modification. Therefore it does not require any support from |
189 | the peer, but in a typical case, however, where wireless link is | 189 | the peer. |
190 | the local access link and most of the data flows downlink, the | 190 | |
191 | faraway servers should have F-RTO enabled to take advantage of it. | ||
192 | If set to 1, basic version is enabled. 2 enables SACK enhanced | 191 | If set to 1, basic version is enabled. 2 enables SACK enhanced |
193 | F-RTO if flow uses SACK. The basic version can be used also when | 192 | F-RTO if flow uses SACK. The basic version can be used also when |
194 | SACK is in use though scenario(s) with it exists where F-RTO | 193 | SACK is in use though scenario(s) with it exists where F-RTO |
@@ -276,7 +275,7 @@ tcp_mem - vector of 3 INTEGERs: min, pressure, max | |||
276 | memory. | 275 | memory. |
277 | 276 | ||
278 | tcp_moderate_rcvbuf - BOOLEAN | 277 | tcp_moderate_rcvbuf - BOOLEAN |
279 | If set, TCP performs receive buffer autotuning, attempting to | 278 | If set, TCP performs receive buffer auto-tuning, attempting to |
280 | automatically size the buffer (no greater than tcp_rmem[2]) to | 279 | automatically size the buffer (no greater than tcp_rmem[2]) to |
281 | match the size required by the path for full throughput. Enabled by | 280 | match the size required by the path for full throughput. Enabled by |
282 | default. | 281 | default. |
@@ -336,7 +335,7 @@ tcp_rmem - vector of 3 INTEGERs: min, default, max | |||
336 | pressure. | 335 | pressure. |
337 | Default: 8K | 336 | Default: 8K |
338 | 337 | ||
339 | default: default size of receive buffer used by TCP sockets. | 338 | default: initial size of receive buffer used by TCP sockets. |
340 | This value overrides net.core.rmem_default used by other protocols. | 339 | This value overrides net.core.rmem_default used by other protocols. |
341 | Default: 87380 bytes. This value results in window of 65535 with | 340 | Default: 87380 bytes. This value results in window of 65535 with |
342 | default setting of tcp_adv_win_scale and tcp_app_win:0 and a bit | 341 | default setting of tcp_adv_win_scale and tcp_app_win:0 and a bit |
@@ -344,8 +343,10 @@ tcp_rmem - vector of 3 INTEGERs: min, default, max | |||
344 | 343 | ||
345 | max: maximal size of receive buffer allowed for automatically | 344 | max: maximal size of receive buffer allowed for automatically |
346 | selected receiver buffers for TCP socket. This value does not override | 345 | selected receiver buffers for TCP socket. This value does not override |
347 | net.core.rmem_max, "static" selection via SO_RCVBUF does not use this. | 346 | net.core.rmem_max. Calling setsockopt() with SO_RCVBUF disables |
348 | Default: 87380*2 bytes. | 347 | automatic tuning of that socket's receive buffer size, in which |
348 | case this value is ignored. | ||
349 | Default: between 87380B and 4MB, depending on RAM size. | ||
349 | 350 | ||
350 | tcp_sack - BOOLEAN | 351 | tcp_sack - BOOLEAN |
351 | Enable select acknowledgments (SACKS). | 352 | Enable select acknowledgments (SACKS). |
@@ -358,7 +359,7 @@ tcp_slow_start_after_idle - BOOLEAN | |||
358 | Default: 1 | 359 | Default: 1 |
359 | 360 | ||
360 | tcp_stdurg - BOOLEAN | 361 | tcp_stdurg - BOOLEAN |
361 | Use the Host requirements interpretation of the TCP urg pointer field. | 362 | Use the Host requirements interpretation of the TCP urgent pointer field. |
362 | Most hosts use the older BSD interpretation, so if you turn this on | 363 | Most hosts use the older BSD interpretation, so if you turn this on |
363 | Linux might not communicate correctly with them. | 364 | Linux might not communicate correctly with them. |
364 | Default: FALSE | 365 | Default: FALSE |
@@ -371,12 +372,12 @@ tcp_synack_retries - INTEGER | |||
371 | tcp_syncookies - BOOLEAN | 372 | tcp_syncookies - BOOLEAN |
372 | Only valid when the kernel was compiled with CONFIG_SYNCOOKIES | 373 | Only valid when the kernel was compiled with CONFIG_SYNCOOKIES |
373 | Send out syncookies when the syn backlog queue of a socket | 374 | Send out syncookies when the syn backlog queue of a socket |
374 | overflows. This is to prevent against the common 'syn flood attack' | 375 | overflows. This is to prevent against the common 'SYN flood attack' |
375 | Default: FALSE | 376 | Default: FALSE |
376 | 377 | ||
377 | Note, that syncookies is fallback facility. | 378 | Note, that syncookies is fallback facility. |
378 | It MUST NOT be used to help highly loaded servers to stand | 379 | It MUST NOT be used to help highly loaded servers to stand |
379 | against legal connection rate. If you see synflood warnings | 380 | against legal connection rate. If you see SYN flood warnings |
380 | in your logs, but investigation shows that they occur | 381 | in your logs, but investigation shows that they occur |
381 | because of overload with legal connections, you should tune | 382 | because of overload with legal connections, you should tune |
382 | another parameters until this warning disappear. | 383 | another parameters until this warning disappear. |
@@ -386,7 +387,7 @@ tcp_syncookies - BOOLEAN | |||
386 | to use TCP extensions, can result in serious degradation | 387 | to use TCP extensions, can result in serious degradation |
387 | of some services (f.e. SMTP relaying), visible not by you, | 388 | of some services (f.e. SMTP relaying), visible not by you, |
388 | but your clients and relays, contacting you. While you see | 389 | but your clients and relays, contacting you. While you see |
389 | synflood warnings in logs not being really flooded, your server | 390 | SYN flood warnings in logs not being really flooded, your server |
390 | is seriously misconfigured. | 391 | is seriously misconfigured. |
391 | 392 | ||
392 | tcp_syn_retries - INTEGER | 393 | tcp_syn_retries - INTEGER |
@@ -419,19 +420,21 @@ tcp_window_scaling - BOOLEAN | |||
419 | Enable window scaling as defined in RFC1323. | 420 | Enable window scaling as defined in RFC1323. |
420 | 421 | ||
421 | tcp_wmem - vector of 3 INTEGERs: min, default, max | 422 | tcp_wmem - vector of 3 INTEGERs: min, default, max |
422 | min: Amount of memory reserved for send buffers for TCP socket. | 423 | min: Amount of memory reserved for send buffers for TCP sockets. |
423 | Each TCP socket has rights to use it due to fact of its birth. | 424 | Each TCP socket has rights to use it due to fact of its birth. |
424 | Default: 4K | 425 | Default: 4K |
425 | 426 | ||
426 | default: Amount of memory allowed for send buffers for TCP socket | 427 | default: initial size of send buffer used by TCP sockets. This |
427 | by default. This value overrides net.core.wmem_default used | 428 | value overrides net.core.wmem_default used by other protocols. |
428 | by other protocols, it is usually lower than net.core.wmem_default. | 429 | It is usually lower than net.core.wmem_default. |
429 | Default: 16K | 430 | Default: 16K |
430 | 431 | ||
431 | max: Maximal amount of memory allowed for automatically selected | 432 | max: Maximal amount of memory allowed for automatically tuned |
432 | send buffers for TCP socket. This value does not override | 433 | send buffers for TCP sockets. This value does not override |
433 | net.core.wmem_max, "static" selection via SO_SNDBUF does not use this. | 434 | net.core.wmem_max. Calling setsockopt() with SO_SNDBUF disables |
434 | Default: 128K | 435 | automatic tuning of that socket's send buffer size, in which case |
436 | this value is ignored. | ||
437 | Default: between 64K and 4MB, depending on RAM size. | ||
435 | 438 | ||
436 | tcp_workaround_signed_windows - BOOLEAN | 439 | tcp_workaround_signed_windows - BOOLEAN |
437 | If set, assume no receipt of a window scaling option means the | 440 | If set, assume no receipt of a window scaling option means the |
@@ -1060,24 +1063,193 @@ bridge-nf-filter-pppoe-tagged - BOOLEAN | |||
1060 | Default: 1 | 1063 | Default: 1 |
1061 | 1064 | ||
1062 | 1065 | ||
1063 | UNDOCUMENTED: | 1066 | proc/sys/net/sctp/* Variables: |
1067 | |||
1068 | addip_enable - BOOLEAN | ||
1069 | Enable or disable extension of Dynamic Address Reconfiguration | ||
1070 | (ADD-IP) functionality specified in RFC5061. This extension provides | ||
1071 | the ability to dynamically add and remove new addresses for the SCTP | ||
1072 | associations. | ||
1073 | |||
1074 | 1: Enable extension. | ||
1075 | |||
1076 | 0: Disable extension. | ||
1077 | |||
1078 | Default: 0 | ||
1079 | |||
1080 | addip_noauth_enable - BOOLEAN | ||
1081 | Dynamic Address Reconfiguration (ADD-IP) requires the use of | ||
1082 | authentication to protect the operations of adding or removing new | ||
1083 | addresses. This requirement is mandated so that unauthorized hosts | ||
1084 | would not be able to hijack associations. However, older | ||
1085 | implementations may not have implemented this requirement while | ||
1086 | allowing the ADD-IP extension. For reasons of interoperability, | ||
1087 | we provide this variable to control the enforcement of the | ||
1088 | authentication requirement. | ||
1089 | |||
1090 | 1: Allow ADD-IP extension to be used without authentication. This | ||
1091 | should only be set in a closed environment for interoperability | ||
1092 | with older implementations. | ||
1093 | |||
1094 | 0: Enforce the authentication requirement | ||
1095 | |||
1096 | Default: 0 | ||
1097 | |||
1098 | auth_enable - BOOLEAN | ||
1099 | Enable or disable Authenticated Chunks extension. This extension | ||
1100 | provides the ability to send and receive authenticated chunks and is | ||
1101 | required for secure operation of Dynamic Address Reconfiguration | ||
1102 | (ADD-IP) extension. | ||
1103 | |||
1104 | 1: Enable this extension. | ||
1105 | 0: Disable this extension. | ||
1106 | |||
1107 | Default: 0 | ||
1108 | |||
1109 | prsctp_enable - BOOLEAN | ||
1110 | Enable or disable the Partial Reliability extension (RFC3758) which | ||
1111 | is used to notify peers that a given DATA should no longer be expected. | ||
1112 | |||
1113 | 1: Enable extension | ||
1114 | 0: Disable | ||
1115 | |||
1116 | Default: 1 | ||
1117 | |||
1118 | max_burst - INTEGER | ||
1119 | The limit of the number of new packets that can be initially sent. It | ||
1120 | controls how bursty the generated traffic can be. | ||
1121 | |||
1122 | Default: 4 | ||
1123 | |||
1124 | association_max_retrans - INTEGER | ||
1125 | Set the maximum number for retransmissions that an association can | ||
1126 | attempt deciding that the remote end is unreachable. If this value | ||
1127 | is exceeded, the association is terminated. | ||
1128 | |||
1129 | Default: 10 | ||
1130 | |||
1131 | max_init_retransmits - INTEGER | ||
1132 | The maximum number of retransmissions of INIT and COOKIE-ECHO chunks | ||
1133 | that an association will attempt before declaring the destination | ||
1134 | unreachable and terminating. | ||
1135 | |||
1136 | Default: 8 | ||
1137 | |||
1138 | path_max_retrans - INTEGER | ||
1139 | The maximum number of retransmissions that will be attempted on a given | ||
1140 | path. Once this threshold is exceeded, the path is considered | ||
1141 | unreachable, and new traffic will use a different path when the | ||
1142 | association is multihomed. | ||
1143 | |||
1144 | Default: 5 | ||
1145 | |||
1146 | rto_initial - INTEGER | ||
1147 | The initial round trip timeout value in milliseconds that will be used | ||
1148 | in calculating round trip times. This is the initial time interval | ||
1149 | for retransmissions. | ||
1150 | |||
1151 | Default: 3000 | ||
1064 | 1152 | ||
1065 | dev_weight FIXME | 1153 | rto_max - INTEGER |
1066 | discovery_slots FIXME | 1154 | The maximum value (in milliseconds) of the round trip timeout. This |
1067 | discovery_timeout FIXME | 1155 | is the largest time interval that can elapse between retransmissions. |
1068 | fast_poll_increase FIXME | 1156 | |
1069 | ip6_queue_maxlen FIXME | 1157 | Default: 60000 |
1070 | lap_keepalive_time FIXME | 1158 | |
1071 | lo_cong FIXME | 1159 | rto_min - INTEGER |
1072 | max_baud_rate FIXME | 1160 | The minimum value (in milliseconds) of the round trip timeout. This |
1073 | max_dgram_qlen FIXME | 1161 | is the smallest time interval the can elapse between retransmissions. |
1074 | max_noreply_time FIXME | 1162 | |
1075 | max_tx_data_size FIXME | 1163 | Default: 1000 |
1076 | max_tx_window FIXME | 1164 | |
1077 | min_tx_turn_time FIXME | 1165 | hb_interval - INTEGER |
1078 | mod_cong FIXME | 1166 | The interval (in milliseconds) between HEARTBEAT chunks. These chunks |
1079 | no_cong FIXME | 1167 | are sent at the specified interval on idle paths to probe the state of |
1080 | no_cong_thresh FIXME | 1168 | a given path between 2 associations. |
1081 | slot_timeout FIXME | 1169 | |
1082 | warn_noreply_time FIXME | 1170 | Default: 30000 |
1171 | |||
1172 | sack_timeout - INTEGER | ||
1173 | The amount of time (in milliseconds) that the implementation will wait | ||
1174 | to send a SACK. | ||
1175 | |||
1176 | Default: 200 | ||
1177 | |||
1178 | valid_cookie_life - INTEGER | ||
1179 | The default lifetime of the SCTP cookie (in milliseconds). The cookie | ||
1180 | is used during association establishment. | ||
1181 | |||
1182 | Default: 60000 | ||
1183 | |||
1184 | cookie_preserve_enable - BOOLEAN | ||
1185 | Enable or disable the ability to extend the lifetime of the SCTP cookie | ||
1186 | that is used during the establishment phase of SCTP association | ||
1187 | |||
1188 | 1: Enable cookie lifetime extension. | ||
1189 | 0: Disable | ||
1190 | |||
1191 | Default: 1 | ||
1192 | |||
1193 | rcvbuf_policy - INTEGER | ||
1194 | Determines if the receive buffer is attributed to the socket or to | ||
1195 | association. SCTP supports the capability to create multiple | ||
1196 | associations on a single socket. When using this capability, it is | ||
1197 | possible that a single stalled association that's buffering a lot | ||
1198 | of data may block other associations from delivering their data by | ||
1199 | consuming all of the receive buffer space. To work around this, | ||
1200 | the rcvbuf_policy could be set to attribute the receiver buffer space | ||
1201 | to each association instead of the socket. This prevents the described | ||
1202 | blocking. | ||
1203 | |||
1204 | 1: rcvbuf space is per association | ||
1205 | 0: recbuf space is per socket | ||
1206 | |||
1207 | Default: 0 | ||
1208 | |||
1209 | sndbuf_policy - INTEGER | ||
1210 | Similar to rcvbuf_policy above, this applies to send buffer space. | ||
1211 | |||
1212 | 1: Send buffer is tracked per association | ||
1213 | 0: Send buffer is tracked per socket. | ||
1214 | |||
1215 | Default: 0 | ||
1216 | |||
1217 | sctp_mem - vector of 3 INTEGERs: min, pressure, max | ||
1218 | Number of pages allowed for queueing by all SCTP sockets. | ||
1219 | |||
1220 | min: Below this number of pages SCTP is not bothered about its | ||
1221 | memory appetite. When amount of memory allocated by SCTP exceeds | ||
1222 | this number, SCTP starts to moderate memory usage. | ||
1223 | |||
1224 | pressure: This value was introduced to follow format of tcp_mem. | ||
1225 | |||
1226 | max: Number of pages allowed for queueing by all SCTP sockets. | ||
1227 | |||
1228 | Default is calculated at boot time from amount of available memory. | ||
1229 | |||
1230 | sctp_rmem - vector of 3 INTEGERs: min, default, max | ||
1231 | See tcp_rmem for a description. | ||
1232 | |||
1233 | sctp_wmem - vector of 3 INTEGERs: min, default, max | ||
1234 | See tcp_wmem for a description. | ||
1235 | |||
1236 | UNDOCUMENTED: | ||
1083 | 1237 | ||
1238 | /proc/sys/net/core/* | ||
1239 | dev_weight FIXME | ||
1240 | |||
1241 | /proc/sys/net/unix/* | ||
1242 | max_dgram_qlen FIXME | ||
1243 | |||
1244 | /proc/sys/net/irda/* | ||
1245 | fast_poll_increase FIXME | ||
1246 | warn_noreply_time FIXME | ||
1247 | discovery_slots FIXME | ||
1248 | slot_timeout FIXME | ||
1249 | max_baud_rate FIXME | ||
1250 | discovery_timeout FIXME | ||
1251 | lap_keepalive_time FIXME | ||
1252 | max_noreply_time FIXME | ||
1253 | max_tx_data_size FIXME | ||
1254 | max_tx_window FIXME | ||
1255 | min_tx_turn_time FIXME | ||