1 files changed, 90 insertions, 7 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 006b39dec87d..d0536b5a4e01 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -487,6 +487,30 @@ tcp_dma_copybreak - INTEGER
        and CONFIG_NET_DMA is enabled.
        Default: 4096
+tcp_thin_linear_timeouts - BOOLEAN
+        Enable dynamic triggering of linear timeouts for thin streams.
+        If set, a check is performed upon retransmission by timeout to
+        determine if the stream is thin (less than 4 packets in flight).
+        As long as the stream is found to be thin, up to 6 linear
+        timeouts may be performed before exponential backoff mode is
+        initiated. This improves retransmission latency for
+        non-aggressive thin streams, often found to be time-dependent.
+        For more information on thin streams, see
+        Documentation/networking/tcp-thin.txt
+        Default: 0
+tcp_thin_dupack - BOOLEAN
+        Enable dynamic triggering of retransmissions after one dupACK
+        for thin streams. If set, a check is performed upon reception
+        of a dupACK to determine if the stream is thin (less than 4
+        packets in flight). As long as the stream is found to be thin,
+        data is retransmitted on the first received dupACK. This
+        improves retransmission latency for non-aggressive thin
+        streams, often found to be time-dependent.
+        For more information on thin streams, see
+        Documentation/networking/tcp-thin.txt
+        Default: 0
 UDP variables:
 udp_mem - vector of 3 INTEGERs: min, pressure, max
@@ -564,6 +588,37 @@ ip_local_port_range - 2 INTEGERS
        (i.e. by default) range 1024-4999 is enough to issue up to
        2000 connections per second to systems supporting timestamps.
+ip_local_reserved_ports - list of comma separated ranges
+        Specify the ports which are reserved for known third-party
+        applications. These ports will not be used by automatic port
+        assignments (e.g. when calling connect() or bind() with port
+        number 0). Explicit port allocation behavior is unchanged.
+        The format used for both input and output is a comma separated
+        list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
+        10). Writing to the file will clear all previously reserved
+        ports and update the current list with the one given in the
+        input.
+        Note that ip_local_port_range and ip_local_reserved_ports
+        settings are independent and both are considered by the kernel
+        when determining which ports are available for automatic port
+        assignments.
+        You can reserve ports which are not in the current
+        ip_local_port_range, e.g.:
+        $ cat /proc/sys/net/ipv4/ip_local_port_range
+        32000   61000
+        $ cat /proc/sys/net/ipv4/ip_local_reserved_ports
+        8080,9148
+        although this is redundant. However such a setting is useful
+        if later the port range is changed to a value that will
+        include the reserved ports.
+        Default: Empty
 ip_nonlocal_bind - BOOLEAN
        If set, allows processes to bind() to non-local IP addresses,
        which can be quite useful - but may break some applications.
@@ -692,6 +747,25 @@ proxy_arp - BOOLEAN
        conf/{all,interface}/proxy_arp is set to TRUE,
        it will be disabled otherwise
+proxy_arp_pvlan - BOOLEAN
+        Private VLAN proxy arp.
+        Basically allow proxy arp replies back to the same interface
+        (from which the ARP request/solicitation was received).
+        This is done to support (ethernet) switch features, like RFC
+        3069, where the individual ports are NOT allowed to
+        communicate with each other, but they are allowed to talk to
+        the upstream router.  As described in RFC 3069, it is possible
+        to allow these hosts to communicate through the upstream
+        router by proxy_arp'ing. Don't need to be used together with
+        proxy_arp.
+        This technology is known by different names:
+          In RFC 3069 it is called VLAN Aggregation.
+          Cisco and Allied Telesyn call it Private VLAN.
+          Hewlett-Packard call it Source-Port filtering or port-isolation.
+          Ericsson call it MAC-Forced Forwarding (RFC Draft).
 shared_media - BOOLEAN
        Send(router) or accept(host) RFC1620 shared media redirects.
        Overrides ip_secure_redirects.
@@ -833,9 +907,18 @@ arp_notify - BOOLEAN
            or hardware address changes.
 arp_accept - BOOLEAN
-        Define behavior when gratuitous arp replies are received:
+        Define behavior for gratuitous ARP frames who's IP is not
-        0 - drop gratuitous arp frames
+        already present in the ARP table:
-        1 - accept gratuitous arp frames
+        0 - don't create new entries in the ARP table
+        1 - create new entries in the ARP table
+        Both replies and requests type gratuitous arp will trigger the
+        ARP table to be updated, if this setting is on.
+        If the ARP table already contains the IP address of the
+        gratuitous arp frame, the arp table will be updated regardless
+        if this setting is on or off.
 app_solicit - INTEGER
        The maximum number of probes to send to the user space ARP daemon
@@ -1074,10 +1157,10 @@ regen_max_retry - INTEGER
        Default: 5
 max_addresses - INTEGER
-        Number of maximum addresses per interface.  0 disables limitation.
+        Maximum number of autoconfigured addresses per interface.  Setting
-        It is recommended not set too large value (or 0) because it would
+        to zero disables the limitation.  It is not recommended to set this
-        be too easy way to crash kernel to allow to create too much of
+        value too large (or to zero) because it would be an easy way to
-        autoconfigured addresses.
+        crash the kernel by allowing too many addresses to be created.
        Default: 16
 disable_ipv6 - BOOLEAN

diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 006b39dec87d..d0536b5a4e01 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt
@@ -487,6 +487,30 @@ tcp_dma_copybreak - INTEGER
487	and CONFIG_NET_DMA is enabled.	487	and CONFIG_NET_DMA is enabled.
488	Default: 4096	488	Default: 4096
489		489
		490	tcp_thin_linear_timeouts - BOOLEAN
		491	Enable dynamic triggering of linear timeouts for thin streams.
		492	If set, a check is performed upon retransmission by timeout to
		493	determine if the stream is thin (less than 4 packets in flight).
		494	As long as the stream is found to be thin, up to 6 linear
		495	timeouts may be performed before exponential backoff mode is
		496	initiated. This improves retransmission latency for
		497	non-aggressive thin streams, often found to be time-dependent.
		498	For more information on thin streams, see
		499	Documentation/networking/tcp-thin.txt
		500	Default: 0
		501
		502	tcp_thin_dupack - BOOLEAN
		503	Enable dynamic triggering of retransmissions after one dupACK
		504	for thin streams. If set, a check is performed upon reception
		505	of a dupACK to determine if the stream is thin (less than 4
		506	packets in flight). As long as the stream is found to be thin,
		507	data is retransmitted on the first received dupACK. This
		508	improves retransmission latency for non-aggressive thin
		509	streams, often found to be time-dependent.
		510	For more information on thin streams, see
		511	Documentation/networking/tcp-thin.txt
		512	Default: 0
		513
490	UDP variables:	514	UDP variables:
491		515
492	udp_mem - vector of 3 INTEGERs: min, pressure, max	516	udp_mem - vector of 3 INTEGERs: min, pressure, max
@@ -564,6 +588,37 @@ ip_local_port_range - 2 INTEGERS
564	(i.e. by default) range 1024-4999 is enough to issue up to	588	(i.e. by default) range 1024-4999 is enough to issue up to
565	2000 connections per second to systems supporting timestamps.	589	2000 connections per second to systems supporting timestamps.
566		590
		591	ip_local_reserved_ports - list of comma separated ranges
		592	Specify the ports which are reserved for known third-party
		593	applications. These ports will not be used by automatic port
		594	assignments (e.g. when calling connect() or bind() with port
		595	number 0). Explicit port allocation behavior is unchanged.
		596
		597	The format used for both input and output is a comma separated
		598	list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
		599	10). Writing to the file will clear all previously reserved
		600	ports and update the current list with the one given in the
		601	input.
		602
		603	Note that ip_local_port_range and ip_local_reserved_ports
		604	settings are independent and both are considered by the kernel
		605	when determining which ports are available for automatic port
		606	assignments.
		607
		608	You can reserve ports which are not in the current
		609	ip_local_port_range, e.g.:
		610
		611	$ cat /proc/sys/net/ipv4/ip_local_port_range
		612	32000 61000
		613	$ cat /proc/sys/net/ipv4/ip_local_reserved_ports
		614	8080,9148
		615
		616	although this is redundant. However such a setting is useful
		617	if later the port range is changed to a value that will
		618	include the reserved ports.
		619
		620	Default: Empty
		621
567	ip_nonlocal_bind - BOOLEAN	622	ip_nonlocal_bind - BOOLEAN
568	If set, allows processes to bind() to non-local IP addresses,	623	If set, allows processes to bind() to non-local IP addresses,
569	which can be quite useful - but may break some applications.	624	which can be quite useful - but may break some applications.
@@ -692,6 +747,25 @@ proxy_arp - BOOLEAN
692	conf/{all,interface}/proxy_arp is set to TRUE,	747	conf/{all,interface}/proxy_arp is set to TRUE,
693	it will be disabled otherwise	748	it will be disabled otherwise
694		749
		750	proxy_arp_pvlan - BOOLEAN
		751	Private VLAN proxy arp.
		752	Basically allow proxy arp replies back to the same interface
		753	(from which the ARP request/solicitation was received).
		754
		755	This is done to support (ethernet) switch features, like RFC
		756	3069, where the individual ports are NOT allowed to
		757	communicate with each other, but they are allowed to talk to
		758	the upstream router. As described in RFC 3069, it is possible
		759	to allow these hosts to communicate through the upstream
		760	router by proxy_arp'ing. Don't need to be used together with
		761	proxy_arp.
		762
		763	This technology is known by different names:
		764	In RFC 3069 it is called VLAN Aggregation.
		765	Cisco and Allied Telesyn call it Private VLAN.
		766	Hewlett-Packard call it Source-Port filtering or port-isolation.
		767	Ericsson call it MAC-Forced Forwarding (RFC Draft).
		768
695	shared_media - BOOLEAN	769	shared_media - BOOLEAN
696	Send(router) or accept(host) RFC1620 shared media redirects.	770	Send(router) or accept(host) RFC1620 shared media redirects.
697	Overrides ip_secure_redirects.	771	Overrides ip_secure_redirects.
@@ -833,9 +907,18 @@ arp_notify - BOOLEAN
833	or hardware address changes.	907	or hardware address changes.
834		908
835	arp_accept - BOOLEAN	909	arp_accept - BOOLEAN
836	Define behavior when gratuitous arp replies are received:	910	Define behavior for gratuitous ARP frames who's IP is not
837	0 - drop gratuitous arp frames	911	already present in the ARP table:
838	1 - accept gratuitous arp frames	912	0 - don't create new entries in the ARP table
		913	1 - create new entries in the ARP table
		914
		915	Both replies and requests type gratuitous arp will trigger the
		916	ARP table to be updated, if this setting is on.
		917
		918	If the ARP table already contains the IP address of the
		919	gratuitous arp frame, the arp table will be updated regardless
		920	if this setting is on or off.
		921
839		922
840	app_solicit - INTEGER	923	app_solicit - INTEGER
841	The maximum number of probes to send to the user space ARP daemon	924	The maximum number of probes to send to the user space ARP daemon
@@ -1074,10 +1157,10 @@ regen_max_retry - INTEGER
1074	Default: 5	1157	Default: 5
1075		1158
1076	max_addresses - INTEGER	1159	max_addresses - INTEGER
1077	Number of maximum addresses per interface. 0 disables limitation.	1160	Maximum number of autoconfigured addresses per interface. Setting
1078	It is recommended not set too large value (or 0) because it would	1161	to zero disables the limitation. It is not recommended to set this
1079	be too easy way to crash kernel to allow to create too much of	1162	value too large (or to zero) because it would be an easy way to
1080	autoconfigured addresses.	1163	crash the kernel by allowing too many addresses to be created.
1081	Default: 16	1164	Default: 16
1082		1165
1083	disable_ipv6 - BOOLEAN	1166	disable_ipv6 - BOOLEAN