1 files changed, 55 insertions, 0 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 10742902146f..a46d78583ae1 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -440,6 +440,10 @@ tcp_syncookies - BOOLEAN
        SYN flood warnings in logs not being really flooded, your server
        is seriously misconfigured.
+        If you want to test which effects syncookies have to your
+        network connections you can set this knob to 2 to enable
+        unconditionally generation of syncookies.
 tcp_fastopen - INTEGER
        Enable TCP Fast Open feature (draft-ietf-tcpm-fastopen) to send data
        in the opening SYN packet. To use this feature, the client application
@@ -478,6 +482,15 @@ tcp_syn_retries - INTEGER
 tcp_timestamps - BOOLEAN
        Enable timestamps as defined in RFC1323.
+tcp_min_tso_segs - INTEGER
+        Minimal number of segments per TSO frame.
+        Since linux-3.12, TCP does an automatic sizing of TSO frames,
+        depending on flow rate, instead of filling 64Kbytes packets.
+        For specific usages, it's possible to force TCP to build big
+        TSO frames. Note that TCP stack might split too big TSO packets
+        if available window is too small.
+        Default: 2
 tcp_tso_win_divisor - INTEGER
        This allows control over what percentage of the congestion window
        can be consumed by a single TSO frame.
@@ -516,6 +529,19 @@ tcp_wmem - vector of 3 INTEGERs: min, default, max
        this value is ignored.
        Default: between 64K and 4MB, depending on RAM size.
+tcp_notsent_lowat - UNSIGNED INTEGER
+        A TCP socket can control the amount of unsent bytes in its write queue,
+        thanks to TCP_NOTSENT_LOWAT socket option. poll()/select()/epoll()
+        reports POLLOUT events if the amount of unsent bytes is below a per
+        socket value, and if the write queue is not full. sendmsg() will
+        also not add new buffers if the limit is hit.
+        This global variable controls the amount of unsent data for
+        sockets not using TCP_NOTSENT_LOWAT. For these sockets, a change
+        to the global variable has immediate effect.
+        Default: UINT_MAX (0xFFFFFFFF)
 tcp_workaround_signed_windows - BOOLEAN
        If set, assume no receipt of a window scaling option means the
        remote TCP is broken and treats the window as a signed quantity.
@@ -1022,7 +1048,15 @@ disable_policy - BOOLEAN
 disable_xfrm - BOOLEAN
        Disable IPSEC encryption on this interface, whatever the policy
+igmpv2_unsolicited_report_interval - INTEGER
+        The interval in milliseconds in which the next unsolicited
+        IGMPv1 or IGMPv2 report retransmit will take place.
+        Default: 10000 (10 seconds)
+igmpv3_unsolicited_report_interval - INTEGER
+        The interval in milliseconds in which the next unsolicited
+        IGMPv3 report retransmit will take place.
+        Default: 1000 (1 seconds)
 tag - INTEGER
        Allows you to write a number, which can be used as required.
@@ -1314,6 +1348,27 @@ ndisc_notify - BOOLEAN
        1 - Generate unsolicited neighbour advertisements when device is brought
            up or hardware address changes.
+mldv1_unsolicited_report_interval - INTEGER
+        The interval in milliseconds in which the next unsolicited
+        MLDv1 report retransmit will take place.
+        Default: 10000 (10 seconds)
+mldv2_unsolicited_report_interval - INTEGER
+        The interval in milliseconds in which the next unsolicited
+        MLDv2 report retransmit will take place.
+        Default: 1000 (1 second)
+force_mld_version - INTEGER
+        0 - (default) No enforcement of a MLD version, MLDv1 fallback allowed
+        1 - Enforce to use MLD version 1
+        2 - Enforce to use MLD version 2
+suppress_frag_ndisc - INTEGER
+        Control RFC 6980 (Security Implications of IPv6 Fragmentation
+        with IPv6 Neighbor Discovery) behavior:
+        1 - (default) discard fragmented neighbor discovery packets
+        0 - allow fragmented neighbor discovery packets
 icmp/*:
 ratelimit - INTEGER
        Limit the maximal rates for sending ICMPv6 packets.

diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 10742902146f..a46d78583ae1 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt
@@ -440,6 +440,10 @@ tcp_syncookies - BOOLEAN
440	SYN flood warnings in logs not being really flooded, your server	440	SYN flood warnings in logs not being really flooded, your server
441	is seriously misconfigured.	441	is seriously misconfigured.
442		442
		443	If you want to test which effects syncookies have to your
		444	network connections you can set this knob to 2 to enable
		445	unconditionally generation of syncookies.
		446
443	tcp_fastopen - INTEGER	447	tcp_fastopen - INTEGER
444	Enable TCP Fast Open feature (draft-ietf-tcpm-fastopen) to send data	448	Enable TCP Fast Open feature (draft-ietf-tcpm-fastopen) to send data
445	in the opening SYN packet. To use this feature, the client application	449	in the opening SYN packet. To use this feature, the client application
@@ -478,6 +482,15 @@ tcp_syn_retries - INTEGER
478	tcp_timestamps - BOOLEAN	482	tcp_timestamps - BOOLEAN
479	Enable timestamps as defined in RFC1323.	483	Enable timestamps as defined in RFC1323.
480		484
		485	tcp_min_tso_segs - INTEGER
		486	Minimal number of segments per TSO frame.
		487	Since linux-3.12, TCP does an automatic sizing of TSO frames,
		488	depending on flow rate, instead of filling 64Kbytes packets.
		489	For specific usages, it's possible to force TCP to build big
		490	TSO frames. Note that TCP stack might split too big TSO packets
		491	if available window is too small.
		492	Default: 2
		493
481	tcp_tso_win_divisor - INTEGER	494	tcp_tso_win_divisor - INTEGER
482	This allows control over what percentage of the congestion window	495	This allows control over what percentage of the congestion window
483	can be consumed by a single TSO frame.	496	can be consumed by a single TSO frame.
@@ -516,6 +529,19 @@ tcp_wmem - vector of 3 INTEGERs: min, default, max
516	this value is ignored.	529	this value is ignored.
517	Default: between 64K and 4MB, depending on RAM size.	530	Default: between 64K and 4MB, depending on RAM size.
518		531
		532	tcp_notsent_lowat - UNSIGNED INTEGER
		533	A TCP socket can control the amount of unsent bytes in its write queue,
		534	thanks to TCP_NOTSENT_LOWAT socket option. poll()/select()/epoll()
		535	reports POLLOUT events if the amount of unsent bytes is below a per
		536	socket value, and if the write queue is not full. sendmsg() will
		537	also not add new buffers if the limit is hit.
		538
		539	This global variable controls the amount of unsent data for
		540	sockets not using TCP_NOTSENT_LOWAT. For these sockets, a change
		541	to the global variable has immediate effect.
		542
		543	Default: UINT_MAX (0xFFFFFFFF)
		544
519	tcp_workaround_signed_windows - BOOLEAN	545	tcp_workaround_signed_windows - BOOLEAN
520	If set, assume no receipt of a window scaling option means the	546	If set, assume no receipt of a window scaling option means the
521	remote TCP is broken and treats the window as a signed quantity.	547	remote TCP is broken and treats the window as a signed quantity.
@@ -1022,7 +1048,15 @@ disable_policy - BOOLEAN
1022	disable_xfrm - BOOLEAN	1048	disable_xfrm - BOOLEAN
1023	Disable IPSEC encryption on this interface, whatever the policy	1049	Disable IPSEC encryption on this interface, whatever the policy
1024		1050
		1051	igmpv2_unsolicited_report_interval - INTEGER
		1052	The interval in milliseconds in which the next unsolicited
		1053	IGMPv1 or IGMPv2 report retransmit will take place.
		1054	Default: 10000 (10 seconds)
1025		1055
		1056	igmpv3_unsolicited_report_interval - INTEGER
		1057	The interval in milliseconds in which the next unsolicited
		1058	IGMPv3 report retransmit will take place.
		1059	Default: 1000 (1 seconds)
1026		1060
1027	tag - INTEGER	1061	tag - INTEGER
1028	Allows you to write a number, which can be used as required.	1062	Allows you to write a number, which can be used as required.
@@ -1314,6 +1348,27 @@ ndisc_notify - BOOLEAN
1314	1 - Generate unsolicited neighbour advertisements when device is brought	1348	1 - Generate unsolicited neighbour advertisements when device is brought
1315	up or hardware address changes.	1349	up or hardware address changes.
1316		1350
		1351	mldv1_unsolicited_report_interval - INTEGER
		1352	The interval in milliseconds in which the next unsolicited
		1353	MLDv1 report retransmit will take place.
		1354	Default: 10000 (10 seconds)
		1355
		1356	mldv2_unsolicited_report_interval - INTEGER
		1357	The interval in milliseconds in which the next unsolicited
		1358	MLDv2 report retransmit will take place.
		1359	Default: 1000 (1 second)
		1360
		1361	force_mld_version - INTEGER
		1362	0 - (default) No enforcement of a MLD version, MLDv1 fallback allowed
		1363	1 - Enforce to use MLD version 1
		1364	2 - Enforce to use MLD version 2
		1365
		1366	suppress_frag_ndisc - INTEGER
		1367	Control RFC 6980 (Security Implications of IPv6 Fragmentation
		1368	with IPv6 Neighbor Discovery) behavior:
		1369	1 - (default) discard fragmented neighbor discovery packets
		1370	0 - allow fragmented neighbor discovery packets
		1371
1317	icmp/*:	1372	icmp/*:
1318	ratelimit - INTEGER	1373	ratelimit - INTEGER
1319	Limit the maximal rates for sending ICMPv6 packets.	1374	Limit the maximal rates for sending ICMPv6 packets.