linux poison RSS
linux poison Email

Tune TCP/IP setting using sysctl

Tunable TCP settings can be found on /proc/sys/net/ipv4 . Here are the details of few of them.

tcp_keepalive_probes : Number of KEEPALIVE probes tcp sends out, until the server decides that the connection is broken.

tcp_keepalive_time : This value shows how often tcp sends out KEEPALIVE messages. The default is 7200 (2 hours).

tcp_syn_retries : Number of times initial SYNs for a TCP connection attempt will be retransmitted. This value should not be more than 255. This is only the timeout for outgoing connections.

tcp_retries1 : This defines how often an answer to a TCP connection request is retransmitted before it gives up. This is only the timeout for incoming connections.

tcp_fin_timeout : The length of time (in seconds) TCP takes to receive a final FIN before the socket is always closed. This is required to prevent DoS attacks

You can change the values by updating the files in /proc/sys/net/ipv4 or sysctl . To make it permanent add it to /etc/sysctl.conf. Below are the default values of these parameters, you can change these values to suite your requirement.

# vi /etc/sysctl
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_syn_retries = 5


Post a Comment

Related Posts with Thumbnails