...
Setting | Recommended Value | Rationale |
net.core.netdev_max_backlog | 30000 | Set maximum number of packets, queued on the INPUT side, when the interface receives packets faster than kernel can process them. Recommended setting is for 10GbE links. For 1GbE links use 8000. |
net.core.wmem_max | 67108864 | Set max to 16MB (16777216) for 1GbE links and 64MB (67108864) for 10GbE links. |
net.core.rmem_max | 67108864 | Set max to 16MB (16777216) for 1GbE links and 64MB (67108864) for 10GbE links. |
net.ipv4.tcp_congestion_control | htcp | There seem to be bugs in both bic and cubic (the default) for a number of versions of the Linux kernel up to version 2.6.33. The kernel version for Redhat 5.x is 2.6.18-x and 2.6.32-x for Redhat 6.x |
net.ipv4.tcp_congestion_window | 10 | This is the default for Linux operating systems based on Linux kernel 2.6.39 or later. |
net.ipv4.tcp_fin_timeout | 10 | This setting determines the time that must elapse before TCP/IP can release a closed connection and reuse its resources. During this TIME_WAIT state, reopening the connection to the client costs less than establishing a new connection. By reducing the value of this entry, TCP/IP can release closed connections faster, making more resources available for new connections. The default value is 60. The recommened setting lowers its to 10. You can lower this even further, but too low, and you can run into socket close errors in networks with lots of jitter. |
net.ipv4.tcp_keepalive_intervalintvl | 30 | This determines the wait time between isAlive interval probes. Default value is 75. Recommended value reduces this in keeping with the reduction of the overall keepalive time. |
net.ipv4.tcp_keepalive_probes | 5 | How many keepalive probes to send out before the socket is timed out. Default value is 9. Recommended value reduces this to 5 so that retry attempts will take 2.5 minutes. |
net.ipv4.tcp_keepalive_time | 600 | Set the TCP Socket timeout value to 10 minutes instead of 2 hour default. With an idle socket, the system will wait tcp_keepalive_time seconds, and after that try tcp_keepalive_probes times to send a TCP KEEPALIVE in intervals of tcp_keepalive_intvl seconds. If the retry attempts fail, the socket times out. |
net.ipv4.tcp_low_latency | 1 | Configure TCP for low latency, favoring low latency over throughput |
net.ipv4.tcp_max_orphans | 16384 | Limit number of orphans, each orphan can eat up to 16M (max wmem) of unswappable memory |
net.ipv4.tcp_max_tw_buckets | 1440000 | Maximal number of timewait sockets held by system simultaneously. If this number is exceeded time-wait socket is immediately destroyed and warning is printed. This limit exists to help prevent simple DoS attacks. |
net.ipv4.tcp_no_metrics_save | 1 | Disable caching TCP metrics on connection close |
net.ipv4.tcp_orphan_retries | 0 | Limit number of orphans, each orphan can eat up to 16M (max wmem) of unswappable memory |
net.ipv4.tcp_rfc1337 | 1 | Enable a fix for RFC1337 - time-wait assassination hazards in TCP |
net.ipv4.tcp_rmem | 10240 131072 33554432 | Setting is min/default/max. Recommed increasing the Linux autotuning TCP buffer limit to 32MB |
net.ipv4.tcp_wmem | 10240 131072 33554432 | Setting is min/default/max. Recommed increasing the Linux autotuning TCP buffer limit to 32MB |
net.ipv4.tcp_sack | 1 | Enable select acknowledgments |
net.ipv4.tcp_slow_start_after_idle | 0 | By default, TCP starts with a single small segment, gradually increasing it by one each time. This results in unnecessary slowness that impacts the start of every request. |
net.ipv4.tcp_syncookies | 0 | Many default Linux installations use SYN cookies to protect the system against malicious attacks that flood TCP SYN packets. The use of SYN cookies dramatically reduces network bandwidth, and can be triggered by a running Geode cluster. If your Geode cluster is otherwise protected against such attacks, disable SYN cookies to ensure that Geode network throughput is not affected. NOTE: if SYN floods are an issue and SYN cookies can’t be disabled, try the following: net.ipv4.tcp_max_syn_backlog="16384" net.ipv4.tcp_synack_retries="1" net.ipv4.tcp_max_orphans="400000" |
net.ipv4.tcp_timestamps | 1 | Enable timestamps as defined in RFC1323: |
net.ipv4.tcp_tw_recycle | 1 | This enables fast recycling of TIME_WAIT sockets. The default value is 0 (disabled). Should be used with caution with load balancers and not at all when behind a NAT device. |
net.ipv4.tcp_tw_reuse | 1 | This allows reusing sockets in TIME_WAIT state for new connections when it is safe from protocol viewpoint. Default value is 0 (disabled). It is generally a safer alternative to tcp_tw_recycle. The tcp_tw_reuse setting is particularly useful in environments where numerous short connections are open and left in TIME_WAIT state, such as web servers and loadbalancers. |
net.ipv4.tcp_window_scaling | 1 | Turn on window scaling which can be an option to enlarge the transfer window: |
...