aboutsummaryrefslogtreecommitdiffstats
path: root/Documentation/networking
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation/networking')
-rw-r--r--Documentation/networking/ip-sysctl.txt256
1 files changed, 214 insertions, 42 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index a40feaee62ec..d84932650fd3 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -148,9 +148,9 @@ tcp_available_congestion_control - STRING
148 but not loaded. 148 but not loaded.
149 149
150tcp_base_mss - INTEGER 150tcp_base_mss - INTEGER
151 The initial value of search_low to be used by Packetization Layer 151 The initial value of search_low to be used by the packetization layer
152 Path MTU Discovery (MTU probing). If MTU probing is enabled, 152 Path MTU discovery (MTU probing). If MTU probing is enabled,
153 this is the inital MSS used by the connection. 153 this is the initial MSS used by the connection.
154 154
155tcp_congestion_control - STRING 155tcp_congestion_control - STRING
156 Set the congestion control algorithm to be used for new 156 Set the congestion control algorithm to be used for new
@@ -185,10 +185,9 @@ tcp_frto - INTEGER
185 timeouts. It is particularly beneficial in wireless environments 185 timeouts. It is particularly beneficial in wireless environments
186 where packet loss is typically due to random radio interference 186 where packet loss is typically due to random radio interference
187 rather than intermediate router congestion. F-RTO is sender-side 187 rather than intermediate router congestion. F-RTO is sender-side
188 only modification. Therefore it does not require any support from 188 only modification. Therefore it does not require any support from
189 the peer, but in a typical case, however, where wireless link is 189 the peer.
190 the local access link and most of the data flows downlink, the 190
191 faraway servers should have F-RTO enabled to take advantage of it.
192 If set to 1, basic version is enabled. 2 enables SACK enhanced 191 If set to 1, basic version is enabled. 2 enables SACK enhanced
193 F-RTO if flow uses SACK. The basic version can be used also when 192 F-RTO if flow uses SACK. The basic version can be used also when
194 SACK is in use though scenario(s) with it exists where F-RTO 193 SACK is in use though scenario(s) with it exists where F-RTO
@@ -276,7 +275,7 @@ tcp_mem - vector of 3 INTEGERs: min, pressure, max
276 memory. 275 memory.
277 276
278tcp_moderate_rcvbuf - BOOLEAN 277tcp_moderate_rcvbuf - BOOLEAN
279 If set, TCP performs receive buffer autotuning, attempting to 278 If set, TCP performs receive buffer auto-tuning, attempting to
280 automatically size the buffer (no greater than tcp_rmem[2]) to 279 automatically size the buffer (no greater than tcp_rmem[2]) to
281 match the size required by the path for full throughput. Enabled by 280 match the size required by the path for full throughput. Enabled by
282 default. 281 default.
@@ -336,7 +335,7 @@ tcp_rmem - vector of 3 INTEGERs: min, default, max
336 pressure. 335 pressure.
337 Default: 8K 336 Default: 8K
338 337
339 default: default size of receive buffer used by TCP sockets. 338 default: initial size of receive buffer used by TCP sockets.
340 This value overrides net.core.rmem_default used by other protocols. 339 This value overrides net.core.rmem_default used by other protocols.
341 Default: 87380 bytes. This value results in window of 65535 with 340 Default: 87380 bytes. This value results in window of 65535 with
342 default setting of tcp_adv_win_scale and tcp_app_win:0 and a bit 341 default setting of tcp_adv_win_scale and tcp_app_win:0 and a bit
@@ -344,8 +343,10 @@ tcp_rmem - vector of 3 INTEGERs: min, default, max
344 343
345 max: maximal size of receive buffer allowed for automatically 344 max: maximal size of receive buffer allowed for automatically
346 selected receiver buffers for TCP socket. This value does not override 345 selected receiver buffers for TCP socket. This value does not override
347 net.core.rmem_max, "static" selection via SO_RCVBUF does not use this. 346 net.core.rmem_max. Calling setsockopt() with SO_RCVBUF disables
348 Default: 87380*2 bytes. 347 automatic tuning of that socket's receive buffer size, in which
348 case this value is ignored.
349 Default: between 87380B and 4MB, depending on RAM size.
349 350
350tcp_sack - BOOLEAN 351tcp_sack - BOOLEAN
351 Enable select acknowledgments (SACKS). 352 Enable select acknowledgments (SACKS).
@@ -358,7 +359,7 @@ tcp_slow_start_after_idle - BOOLEAN
358 Default: 1 359 Default: 1
359 360
360tcp_stdurg - BOOLEAN 361tcp_stdurg - BOOLEAN
361 Use the Host requirements interpretation of the TCP urg pointer field. 362 Use the Host requirements interpretation of the TCP urgent pointer field.
362 Most hosts use the older BSD interpretation, so if you turn this on 363 Most hosts use the older BSD interpretation, so if you turn this on
363 Linux might not communicate correctly with them. 364 Linux might not communicate correctly with them.
364 Default: FALSE 365 Default: FALSE
@@ -371,12 +372,12 @@ tcp_synack_retries - INTEGER
371tcp_syncookies - BOOLEAN 372tcp_syncookies - BOOLEAN
372 Only valid when the kernel was compiled with CONFIG_SYNCOOKIES 373 Only valid when the kernel was compiled with CONFIG_SYNCOOKIES
373 Send out syncookies when the syn backlog queue of a socket 374 Send out syncookies when the syn backlog queue of a socket
374 overflows. This is to prevent against the common 'syn flood attack' 375 overflows. This is to prevent against the common 'SYN flood attack'
375 Default: FALSE 376 Default: FALSE
376 377
377 Note, that syncookies is fallback facility. 378 Note, that syncookies is fallback facility.
378 It MUST NOT be used to help highly loaded servers to stand 379 It MUST NOT be used to help highly loaded servers to stand
379 against legal connection rate. If you see synflood warnings 380 against legal connection rate. If you see SYN flood warnings
380 in your logs, but investigation shows that they occur 381 in your logs, but investigation shows that they occur
381 because of overload with legal connections, you should tune 382 because of overload with legal connections, you should tune
382 another parameters until this warning disappear. 383 another parameters until this warning disappear.
@@ -386,7 +387,7 @@ tcp_syncookies - BOOLEAN
386 to use TCP extensions, can result in serious degradation 387 to use TCP extensions, can result in serious degradation
387 of some services (f.e. SMTP relaying), visible not by you, 388 of some services (f.e. SMTP relaying), visible not by you,
388 but your clients and relays, contacting you. While you see 389 but your clients and relays, contacting you. While you see
389 synflood warnings in logs not being really flooded, your server 390 SYN flood warnings in logs not being really flooded, your server
390 is seriously misconfigured. 391 is seriously misconfigured.
391 392
392tcp_syn_retries - INTEGER 393tcp_syn_retries - INTEGER
@@ -419,19 +420,21 @@ tcp_window_scaling - BOOLEAN
419 Enable window scaling as defined in RFC1323. 420 Enable window scaling as defined in RFC1323.
420 421
421tcp_wmem - vector of 3 INTEGERs: min, default, max 422tcp_wmem - vector of 3 INTEGERs: min, default, max
422 min: Amount of memory reserved for send buffers for TCP socket. 423 min: Amount of memory reserved for send buffers for TCP sockets.
423 Each TCP socket has rights to use it due to fact of its birth. 424 Each TCP socket has rights to use it due to fact of its birth.
424 Default: 4K 425 Default: 4K
425 426
426 default: Amount of memory allowed for send buffers for TCP socket 427 default: initial size of send buffer used by TCP sockets. This
427 by default. This value overrides net.core.wmem_default used 428 value overrides net.core.wmem_default used by other protocols.
428 by other protocols, it is usually lower than net.core.wmem_default. 429 It is usually lower than net.core.wmem_default.
429 Default: 16K 430 Default: 16K
430 431
431 max: Maximal amount of memory allowed for automatically selected 432 max: Maximal amount of memory allowed for automatically tuned
432 send buffers for TCP socket. This value does not override 433 send buffers for TCP sockets. This value does not override
433 net.core.wmem_max, "static" selection via SO_SNDBUF does not use this. 434 net.core.wmem_max. Calling setsockopt() with SO_SNDBUF disables
434 Default: 128K 435 automatic tuning of that socket's send buffer size, in which case
436 this value is ignored.
437 Default: between 64K and 4MB, depending on RAM size.
435 438
436tcp_workaround_signed_windows - BOOLEAN 439tcp_workaround_signed_windows - BOOLEAN
437 If set, assume no receipt of a window scaling option means the 440 If set, assume no receipt of a window scaling option means the
@@ -1073,24 +1076,193 @@ bridge-nf-filter-pppoe-tagged - BOOLEAN
1073 Default: 1 1076 Default: 1
1074 1077
1075 1078
1076UNDOCUMENTED: 1079proc/sys/net/sctp/* Variables:
1080
1081addip_enable - BOOLEAN
1082 Enable or disable extension of Dynamic Address Reconfiguration
1083 (ADD-IP) functionality specified in RFC5061. This extension provides
1084 the ability to dynamically add and remove new addresses for the SCTP
1085 associations.
1086
1087 1: Enable extension.
1088
1089 0: Disable extension.
1090
1091 Default: 0
1092
1093addip_noauth_enable - BOOLEAN
1094 Dynamic Address Reconfiguration (ADD-IP) requires the use of
1095 authentication to protect the operations of adding or removing new
1096 addresses. This requirement is mandated so that unauthorized hosts
1097 would not be able to hijack associations. However, older
1098 implementations may not have implemented this requirement while
1099 allowing the ADD-IP extension. For reasons of interoperability,
1100 we provide this variable to control the enforcement of the
1101 authentication requirement.
1102
1103 1: Allow ADD-IP extension to be used without authentication. This
1104 should only be set in a closed environment for interoperability
1105 with older implementations.
1106
1107 0: Enforce the authentication requirement
1108
1109 Default: 0
1110
1111auth_enable - BOOLEAN
1112 Enable or disable Authenticated Chunks extension. This extension
1113 provides the ability to send and receive authenticated chunks and is
1114 required for secure operation of Dynamic Address Reconfiguration
1115 (ADD-IP) extension.
1116
1117 1: Enable this extension.
1118 0: Disable this extension.
1119
1120 Default: 0
1121
1122prsctp_enable - BOOLEAN
1123 Enable or disable the Partial Reliability extension (RFC3758) which
1124 is used to notify peers that a given DATA should no longer be expected.
1125
1126 1: Enable extension
1127 0: Disable
1128
1129 Default: 1
1130
1131max_burst - INTEGER
1132 The limit of the number of new packets that can be initially sent. It
1133 controls how bursty the generated traffic can be.
1134
1135 Default: 4
1136
1137association_max_retrans - INTEGER
1138 Set the maximum number for retransmissions that an association can
1139 attempt deciding that the remote end is unreachable. If this value
1140 is exceeded, the association is terminated.
1141
1142 Default: 10
1143
1144max_init_retransmits - INTEGER
1145 The maximum number of retransmissions of INIT and COOKIE-ECHO chunks
1146 that an association will attempt before declaring the destination
1147 unreachable and terminating.
1148
1149 Default: 8
1150
1151path_max_retrans - INTEGER
1152 The maximum number of retransmissions that will be attempted on a given
1153 path. Once this threshold is exceeded, the path is considered
1154 unreachable, and new traffic will use a different path when the
1155 association is multihomed.
1156
1157 Default: 5
1158
1159rto_initial - INTEGER
1160 The initial round trip timeout value in milliseconds that will be used
1161 in calculating round trip times. This is the initial time interval
1162 for retransmissions.
1163
1164 Default: 3000
1077 1165
1078dev_weight FIXME 1166rto_max - INTEGER
1079discovery_slots FIXME 1167 The maximum value (in milliseconds) of the round trip timeout. This
1080discovery_timeout FIXME 1168 is the largest time interval that can elapse between retransmissions.
1081fast_poll_increase FIXME 1169
1082ip6_queue_maxlen FIXME 1170 Default: 60000
1083lap_keepalive_time FIXME 1171
1084lo_cong FIXME 1172rto_min - INTEGER
1085max_baud_rate FIXME 1173 The minimum value (in milliseconds) of the round trip timeout. This
1086max_dgram_qlen FIXME 1174 is the smallest time interval the can elapse between retransmissions.
1087max_noreply_time FIXME 1175
1088max_tx_data_size FIXME 1176 Default: 1000
1089max_tx_window FIXME 1177
1090min_tx_turn_time FIXME 1178hb_interval - INTEGER
1091mod_cong FIXME 1179 The interval (in milliseconds) between HEARTBEAT chunks. These chunks
1092no_cong FIXME 1180 are sent at the specified interval on idle paths to probe the state of
1093no_cong_thresh FIXME 1181 a given path between 2 associations.
1094slot_timeout FIXME 1182
1095warn_noreply_time FIXME 1183 Default: 30000
1184
1185sack_timeout - INTEGER
1186 The amount of time (in milliseconds) that the implementation will wait
1187 to send a SACK.
1188
1189 Default: 200
1190
1191valid_cookie_life - INTEGER
1192 The default lifetime of the SCTP cookie (in milliseconds). The cookie
1193 is used during association establishment.
1194
1195 Default: 60000
1196
1197cookie_preserve_enable - BOOLEAN
1198 Enable or disable the ability to extend the lifetime of the SCTP cookie
1199 that is used during the establishment phase of SCTP association
1200
1201 1: Enable cookie lifetime extension.
1202 0: Disable
1203
1204 Default: 1
1205
1206rcvbuf_policy - INTEGER
1207 Determines if the receive buffer is attributed to the socket or to
1208 association. SCTP supports the capability to create multiple
1209 associations on a single socket. When using this capability, it is
1210 possible that a single stalled association that's buffering a lot
1211 of data may block other associations from delivering their data by
1212 consuming all of the receive buffer space. To work around this,
1213 the rcvbuf_policy could be set to attribute the receiver buffer space
1214 to each association instead of the socket. This prevents the described
1215 blocking.
1216
1217 1: rcvbuf space is per association
1218 0: recbuf space is per socket
1219
1220 Default: 0
1221
1222sndbuf_policy - INTEGER
1223 Similar to rcvbuf_policy above, this applies to send buffer space.
1224
1225 1: Send buffer is tracked per association
1226 0: Send buffer is tracked per socket.
1227
1228 Default: 0
1229
1230sctp_mem - vector of 3 INTEGERs: min, pressure, max
1231 Number of pages allowed for queueing by all SCTP sockets.
1232
1233 min: Below this number of pages SCTP is not bothered about its
1234 memory appetite. When amount of memory allocated by SCTP exceeds
1235 this number, SCTP starts to moderate memory usage.
1236
1237 pressure: This value was introduced to follow format of tcp_mem.
1238
1239 max: Number of pages allowed for queueing by all SCTP sockets.
1240
1241 Default is calculated at boot time from amount of available memory.
1242
1243sctp_rmem - vector of 3 INTEGERs: min, default, max
1244 See tcp_rmem for a description.
1245
1246sctp_wmem - vector of 3 INTEGERs: min, default, max
1247 See tcp_wmem for a description.
1248
1249UNDOCUMENTED:
1096 1250
1251/proc/sys/net/core/*
1252 dev_weight FIXME
1253
1254/proc/sys/net/unix/*
1255 max_dgram_qlen FIXME
1256
1257/proc/sys/net/irda/*
1258 fast_poll_increase FIXME
1259 warn_noreply_time FIXME
1260 discovery_slots FIXME
1261 slot_timeout FIXME
1262 max_baud_rate FIXME
1263 discovery_timeout FIXME
1264 lap_keepalive_time FIXME
1265 max_noreply_time FIXME
1266 max_tx_data_size FIXME
1267 max_tx_window FIXME
1268 min_tx_turn_time FIXME