~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/Documentation/admin-guide/sysctl/net.rst

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /Documentation/admin-guide/sysctl/net.rst (Version linux-6.12-rc7) and /Documentation/admin-guide/sysctl/net.rst (Version linux-5.0.21)


  1 ================================                  
  2 Documentation for /proc/sys/net/                  
  3 ================================                  
  4                                                   
  5 Copyright                                         
  6                                                   
  7 Copyright (c) 1999                                
  8                                                   
  9         - Terrehon Bowden <terrehon@pacbell.net    
 10         - Bodo Bauer <bb@ricochet.net>             
 11                                                   
 12 Copyright (c) 2000                                
 13                                                   
 14         - Jorge Nerin <comandante@zaralinux.com    
 15                                                   
 16 Copyright (c) 2009                                
 17                                                   
 18         - Shen Feng <shen@cn.fujitsu.com>          
 19                                                   
 20 For general info and legal blurb, please look     
 21                                                   
 22 ----------------------------------------------    
 23                                                   
 24 This file contains the documentation for the s    
 25 /proc/sys/net                                     
 26                                                   
 27 The interface  to  the  networking  parts  of     
 28 /proc/sys/net. The following table shows all p    
 29 see only some of them, depending on your kerne    
 30                                                   
 31                                                   
 32 Table : Subdirectories in /proc/sys/net           
 33                                                   
 34  ========= =================== = ========== ==    
 35  Directory Content               Directory  Co    
 36  ========= =================== = ========== ==    
 37  802       E802 protocol         mptcp      Mu    
 38  appletalk Appletalk protocol    netfilter  Ne    
 39  ax25      AX25                  netrom     NE    
 40  bridge    Bridging              rose       X.    
 41  core      General parameter     tipc       TI    
 42  ethernet  Ethernet protocol     unix       Un    
 43  ipv4      IP version 4          x25        X.    
 44  ipv6      IP version 6                           
 45  ========= =================== = ========== ==    
 46                                                   
 47 1. /proc/sys/net/core - Network core options      
 48 ============================================      
 49                                                   
 50 bpf_jit_enable                                    
 51 --------------                                    
 52                                                   
 53 This enables the BPF Just in Time (JIT) compil    
 54 and efficient infrastructure allowing to execu    
 55 hook points. It is used in a number of Linux k    
 56 as networking (e.g. XDP, tc), tracing (e.g. kp    
 57 and security (e.g. seccomp). LLVM has a BPF ba    
 58 restricted C into a sequence of BPF instructio    
 59 through bpf(2) and passing a verifier in the k    
 60 translate these BPF proglets into native CPU i    
 61 two flavors of JITs, the newer eBPF JIT curren    
 62                                                   
 63   - x86_64                                        
 64   - x86_32                                        
 65   - arm64                                         
 66   - arm32                                         
 67   - ppc64                                         
 68   - ppc32                                         
 69   - sparc64                                       
 70   - mips64                                        
 71   - s390x                                         
 72   - riscv64                                       
 73   - riscv32                                       
 74   - loongarch64                                   
 75   - arc                                           
 76                                                   
 77 And the older cBPF JIT supported on the follow    
 78                                                   
 79   - mips                                          
 80   - sparc                                         
 81                                                   
 82 eBPF JITs are a superset of cBPF JITs, meaning    
 83 migrate cBPF instructions into eBPF instructio    
 84 compile them transparently. Older cBPF JITs ca    
 85 tcpdump filters, seccomp rules, etc, but not m    
 86 programs loaded through bpf(2).                   
 87                                                   
 88 Values:                                           
 89                                                   
 90         - 0 - disable the JIT (default value)     
 91         - 1 - enable the JIT                      
 92         - 2 - enable the JIT and ask the compi    
 93                                                   
 94 bpf_jit_harden                                    
 95 --------------                                    
 96                                                   
 97 This enables hardening for the BPF JIT compile    
 98 JIT backends. Enabling hardening trades off pe    
 99 mitigate JIT spraying.                            
100                                                   
101 Values:                                           
102                                                   
103         - 0 - disable JIT hardening (default v    
104         - 1 - enable JIT hardening for unprivi    
105         - 2 - enable JIT hardening for all use    
106                                                   
107 where "privileged user" in this context means     
108 CAP_BPF or CAP_SYS_ADMIN in the root user name    
109                                                   
110 bpf_jit_kallsyms                                  
111 ----------------                                  
112                                                   
113 When BPF JIT compiler is enabled, then compile    
114 addresses to the kernel, meaning they neither     
115 in /proc/kallsyms. This enables export of thes    
116 be used for debugging/tracing. If bpf_jit_hard    
117 feature is disabled.                              
118                                                   
119 Values :                                          
120                                                   
121         - 0 - disable JIT kallsyms export (def    
122         - 1 - enable JIT kallsyms export for p    
123                                                   
124 bpf_jit_limit                                     
125 -------------                                     
126                                                   
127 This enforces a global limit for memory alloca    
128 compiler in order to reject unprivileged JIT r    
129 been surpassed. bpf_jit_limit contains the val    
130 in bytes.                                         
131                                                   
132 dev_weight                                        
133 ----------                                        
134                                                   
135 The maximum number of packets that kernel can     
136 it's a Per-CPU variable. For drivers that supp    
137 aggregated packet is counted as one packet in     
138                                                   
139 Default: 64                                       
140                                                   
141 dev_weight_rx_bias                                
142 ------------------                                
143                                                   
144 RPS (e.g. RFS, aRFS) processing is competing w    
145 of the driver for the per softirq cycle netdev    
146 the proportion of the configured netdev_budget    
147 processing during RX softirq cycles. It is fur    
148 dev_weight adaptable for asymmetric CPU needs     
149 (see dev_weight_tx_bias) It is effective on a     
150 on dev_weight and is calculated multiplicative    
151                                                   
152 Default: 1                                        
153                                                   
154 dev_weight_tx_bias                                
155 ------------------                                
156                                                   
157 Scales the maximum number of packets that can     
158 Effective on a per CPU basis. Allows scaling o    
159 net stack processing needs. Be careful to avoi    
160                                                   
161 Calculation is based on dev_weight (dev_weight    
162                                                   
163 Default: 1                                        
164                                                   
165 default_qdisc                                     
166 -------------                                     
167                                                   
168 The default queuing discipline to use for netw    
169 overriding the default of pfifo_fast with an a    
170 queuing discipline is created without addition    
171 to queuing disciplines that work well without     
172 fair queue (sfq), CoDel (codel) or fair queue     
173 queuing disciplines like Hierarchical Token Bu    
174 which require setting up classes and bandwidth    
175 interfaces still use mq as root qdisc, which i    
176 leaves. Virtual devices (like e.g. lo or veth)    
177 default to noqueue.                               
178                                                   
179 Default: pfifo_fast                               
180                                                   
181 busy_read                                         
182 ---------                                         
183                                                   
184 Low latency busy poll timeout for socket reads    
185 Approximate time in us to busy loop waiting fo    
186 This sets the default value of the SO_BUSY_POL    
187 Can be set or overridden per socket by setting    
188 which is the preferred method of enabling. If     
189 globally via sysctl, a value of 50 is recommen    
190                                                   
191 Will increase power usage.                        
192                                                   
193 Default: 0 (off)                                  
194                                                   
195 busy_poll                                         
196 ----------------                                  
197 Low latency busy poll timeout for poll and sel    
198 Approximate time in us to busy loop waiting fo    
199 Recommended value depends on the number of soc    
200 For several sockets 50, for several hundreds 1    
201 For more than that you probably want to use ep    
202 Note that only sockets with SO_BUSY_POLL set w    
203 so you want to either selectively set SO_BUSY_    
204 sysctl.net.busy_read globally.                    
205                                                   
206 Will increase power usage.                        
207                                                   
208 Default: 0 (off)                                  
209                                                   
210 mem_pcpu_rsv                                      
211 ------------                                      
212                                                   
213 Per-cpu reserved forward alloc cache size in p    
214                                                   
215 rmem_default                                      
216 ------------                                      
217                                                   
218 The default setting of the socket receive buff    
219                                                   
220 rmem_max                                          
221 --------                                          
222                                                   
223 The maximum receive socket buffer size in byte    
224                                                   
225 rps_default_mask                                  
226 ----------------                                  
227                                                   
228 The default RPS CPU mask used on newly created    
229 mask means RPS disabled by default.               
230                                                   
231 tstamp_allow_data                                 
232 -----------------                                 
233 Allow processes to receive tx timestamps loope    
234 packet contents. If disabled, transmit timesta    
235 processes are dropped unless socket option SOF    
236                                                   
237 Default: 1 (on)                                   
238                                                   
239                                                   
240 wmem_default                                      
241 ------------                                      
242                                                   
243 The default setting (in bytes) of the socket s    
244                                                   
245 wmem_max                                          
246 --------                                          
247                                                   
248 The maximum send socket buffer size in bytes.     
249                                                   
250 message_burst and message_cost                    
251 ------------------------------                    
252                                                   
253 These parameters  are used to limit the warnin    
254 log from  the  networking  code.  They  enforc    
255 denial-of-service attack  impossible. A higher    
256 fewer messages that will be written. Message_b    
257 be dropped.  The  default  settings  limit  wa    
258 seconds.                                          
259                                                   
260 warnings                                          
261 --------                                          
262                                                   
263 This sysctl is now unused.                        
264                                                   
265 This was used to control console messages from    
266 occur because of problems on the network like     
267 checksums.                                        
268                                                   
269 These messages are now emitted at KERN_DEBUG a    
270 and controlled by the dynamic_debug facility.     
271                                                   
272 netdev_budget                                     
273 -------------                                     
274                                                   
275 Maximum number of packets taken from all inter    
276 poll). In one polling cycle interfaces which a    
277 probed in a round-robin manner. Also, a pollin    
278 netdev_budget_usecs microseconds, even if netd    
279 exhausted.                                        
280                                                   
281 netdev_budget_usecs                               
282 ---------------------                             
283                                                   
284 Maximum number of microseconds in one NAPI pol    
285 will exit when either netdev_budget_usecs have    
286 poll cycle or the number of packets processed     
287                                                   
288 netdev_max_backlog                                
289 ------------------                                
290                                                   
291 Maximum number of packets, queued on the INPUT    
292 receives packets faster than kernel can proces    
293                                                   
294 netdev_rss_key                                    
295 --------------                                    
296                                                   
297 RSS (Receive Side Scaling) enabled drivers use    
298 randomly generated.                               
299 Some user space might need to gather its conte    
300 provide ethtool -x support yet.                   
301                                                   
302 ::                                                
303                                                   
304   myhost:~# cat /proc/sys/net/core/netdev_rss_    
305   84:50:f4:00:a8:15:d1:a7:e9:7f:1d:60:35:c7:47    
306                                                   
307 File contains nul bytes if no driver ever call    
308                                                   
309 Note:                                             
310   /proc/sys/net/core/netdev_rss_key contains 5    
311   but most drivers only use 40 bytes of it.       
312                                                   
313 ::                                                
314                                                   
315   myhost:~# ethtool -x eth0                       
316   RX flow hash indirection table for eth0 with    
317       0:    0     1     2     3     4     5       
318   RSS hash key:                                   
319   84:50:f4:00:a8:15:d1:a7:e9:7f:1d:60:35:c7:47    
320                                                   
321 netdev_tstamp_prequeue                            
322 ----------------------                            
323                                                   
324 If set to 0, RX packet timestamps can be sampl    
325 the target CPU processes packets. It might giv    
326 permit to distribute the load on several cpus.    
327                                                   
328 If set to 1 (default), timestamps are sampled     
329 queueing.                                         
330                                                   
331 netdev_unregister_timeout_secs                    
332 ------------------------------                    
333                                                   
334 Unregister network device timeout in seconds.     
335 This option controls the timeout (in seconds)     
336 waiting for a network device refcount to drop     
337 unregistration. A lower value may be useful du    
338 a leaked reference faster. A larger value may     
339 warnings on slow/loaded systems.                  
340 Default value is 10, minimum 1, maximum 3600.     
341                                                   
342 skb_defer_max                                     
343 -------------                                     
344                                                   
345 Max size (in skbs) of the per-cpu list of skbs    
346 by the cpu which allocated them. Used by TCP s    
347                                                   
348 Default: 64                                       
349                                                   
350 optmem_max                                        
351 ----------                                        
352                                                   
353 Maximum ancillary buffer size allowed per sock    
354 of struct cmsghdr structures with appended dat    
355 optmem_max as a limit for its internal structu    
356                                                   
357 Default : 128 KB                                  
358                                                   
359 fb_tunnels_only_for_init_net                      
360 ----------------------------                      
361                                                   
362 Controls if fallback tunnels (like tunl0, gre0    
363 sit0, ip6tnl0, ip6gre0) are automatically crea    
364 (a) value = 0; respective fallback tunnels are    
365 loaded in every net namespaces (backward compa    
366 (b) value = 1; [kcmd value: initns] respective    
367 created only in init net namespace and every o    
368 not have them.                                    
369 (c) value = 2; [kcmd value: none] fallback tun    
370 when a module is loaded in any of the net name    
371 "2" is pointless after boot if these modules a    
372 a kernel command-line option that can change t    
373 Documentation/admin-guide/kernel-parameters.tx    
374                                                   
375 Not creating fallback tunnels gives control to    
376 whatever is needed only and avoid creating dev    
377                                                   
378 Default : 0  (for compatibility reasons)          
379                                                   
380 devconf_inherit_init_net                          
381 ------------------------                          
382                                                   
383 Controls if a new network namespace should inh    
384 settings under /proc/sys/net/{ipv4,ipv6}/conf/    
385 default, we keep the current behavior: for IPv    
386 settings from init_net and for IPv6 we reset a    
387                                                   
388 If set to 1, both IPv4 and IPv6 settings are f    
389 current ones in init_net. If set to 2, both IP    
390 forced to reset to their default values. If se    
391 settings are forced to inherit from current on    
392 new netns has been created.                       
393                                                   
394 Default : 0  (for compatibility reasons)          
395                                                   
396 txrehash                                          
397 --------                                          
398                                                   
399 Controls default hash rethink behaviour on soc    
400 to SOCK_TXREHASH_DEFAULT (i. e. not overridden    
401                                                   
402 If set to 1 (default), hash rethink is perform    
403 If set to 0, hash rethink is not performed.       
404                                                   
405 gro_normal_batch                                  
406 ----------------                                  
407                                                   
408 Maximum number of the segments to batch up on     
409 exits GRO, either as a coalesced superframe or    
410 GRO has decided not to coalesce, it is placed     
411 list is then passed to the stack when the numb    
412 gro_normal_batch limit.                           
413                                                   
414 high_order_alloc_disable                          
415 ------------------------                          
416                                                   
417 By default the allocator for page frags tries     
418 on x86). While the default behavior gives good    
419 might have hit a contention in page allocation    
420 true on older kernels (< 5.14) when high-order    
421 lists. This allows to opt-in for order-0 alloc    
422 historical importance.                            
423                                                   
424 Default: 0                                        
425                                                   
426 2. /proc/sys/net/unix - Parameters for Unix do    
427 ----------------------------------------------    
428                                                   
429 There is only one file in this directory.         
430 unix_dgram_qlen limits the max number of datag    
431 socket's buffer. It will not take effect unles    
432                                                   
433                                                   
434 3. /proc/sys/net/ipv4 - IPV4 settings             
435 -------------------------------------             
436 Please see: Documentation/networking/ip-sysctl    
437 Documentation/admin-guide/sysctl/net.rst for d    
438                                                   
439                                                   
440 4. Appletalk                                      
441 ------------                                      
442                                                   
443 The /proc/sys/net/appletalk  directory  holds     
444 when Appletalk is loaded. The configurable par    
445                                                   
446 aarp-expiry-time                                  
447 ----------------                                  
448                                                   
449 The amount  of  time  we keep an ARP entry bef    
450 old hosts.                                        
451                                                   
452 aarp-resolve-time                                 
453 -----------------                                 
454                                                   
455 The amount of time we will spend trying to res    
456                                                   
457 aarp-retransmit-limit                             
458 ---------------------                             
459                                                   
460 The number of times we will retransmit a query    
461                                                   
462 aarp-tick-time                                    
463 --------------                                    
464                                                   
465 Controls the rate at which expires are checked    
466                                                   
467 The directory  /proc/net/appletalk  holds the     
468 on a machine.                                     
469                                                   
470 The fields  indicate  the DDP type, the local     
471 the remote  address,  the  size of the transmi    
472 received queue  (bytes waiting for application    
473 owning the socket.                                
474                                                   
475 /proc/net/atalk_iface lists  all  the  interfa    
476 shows the  name  of the interface, its Appleta    
477 that address  (or  network number for phase 1     
478 interface.                                        
479                                                   
480 /proc/net/atalk_route lists  each  known  netw    
481 (network) that the route leads to, the router     
482 route flags, and the device the route is using    
483                                                   
484 5. TIPC                                           
485 -------                                           
486                                                   
487 tipc_rmem                                         
488 ---------                                         
489                                                   
490 The TIPC protocol now has a tunable for the re    
491 tcp_rmem - i.e. a vector of 3 INTEGERs: (min,     
492                                                   
493 ::                                                
494                                                   
495     # cat /proc/sys/net/tipc/tipc_rmem            
496     4252725 34021800        68043600              
497     #                                             
498                                                   
499 The max value is set to CONN_OVERLOAD_LIMIT, a    
500 are scaled (shifted) versions of that same val    
501 is not at this point in time used in any meani    
502 preserved in order to be consistent with thing    
503                                                   
504 named_timeout                                     
505 -------------                                     
506                                                   
507 TIPC name table updates are distributed asynch    
508 any form of transaction handling. This means t    
509 possible. One such is that a name withdrawal s    
510 by another node may arrive after a second, ove    
511 has been accepted from a third node, although     
512 originally may have been issued in the correct    
513 If named_timeout is nonzero, failed topology u    
514 queue until another event arrives that clears     
515 expires. Value is in milliseconds.                
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php