Difference between revisions of "Talk:Sysctl"

From ArchWiki
Jump to: navigation, search
m
m (Virtual memory: removed closed discussion)
 
(37 intermediate revisions by 8 users not shown)
Line 1: Line 1:
I can't imagine this being a very long article, but I do find it useful. I didn't have a clue what this command did until I came across it now. I recall it from my first time installing Arch, with regard to storing the volume levels in alsamixer. --[[User:Mustard|Mustard]] 10:31, 22 October 2010 (EDT)
+
== net.ipv4.tcp_rfc1337 ==
  
error: permission denied on key 'net.ipv4.conf.all.mc_forwarding'
+
From [https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt kernel doc]:
error: permission denied on key 'net.ipv4.conf.default.mc_forwarding'
+
  
Are these not used any-more?
+
{{bc|
 +
tcp_rfc1337 - BOOLEAN
 +
If set, the TCP stack behaves conforming to RFC1337. If unset,
 +
we are not conforming to RFC, but prevent TCP TIME_WAIT
 +
assassination.
 +
Default: 0
 +
}}
  
:it's read only which might mean that it has to be changed while compiling the kernel, I'm not sure (it used to work), it is disabled by default anyway [[User:Thestinger|thestinger]] 16:39, 26 October 2010 (EDT)
+
So, isn't {{ic|0}} the safe value? Our wiki says otherwise. -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 08:56, 17 September 2013 (UTC)
 +
:With setting {{ic|0}} the system would 'assassinate' a socket in time_wait prematurely upon receiving a RST. While this might sound like a good idea (it frees up a socket quicker), it opens the door for tcp sequence problems/syn replay. Those problems were described in RFC1337 and enabling the setting {{ic|1}} is one way to deal with them (letting TIME_WAIT packets idle out even if a reset is received, so that the sequence number cannot be reused meanwhile). The wiki is correct in my view. <s>Kernel doc is wrong here - "prevent" should read "enable".</s>  --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:12, 17 September 2013 (UTC)

Latest revision as of 11:10, 4 June 2016

net.ipv4.tcp_rfc1337

From kernel doc:

tcp_rfc1337 - BOOLEAN
	If set, the TCP stack behaves conforming to RFC1337. If unset,
	we are not conforming to RFC, but prevent TCP TIME_WAIT
	assassination.
	Default: 0

So, isn't 0 the safe value? Our wiki says otherwise. -- Lahwaacz (talk) 08:56, 17 September 2013 (UTC)

With setting 0 the system would 'assassinate' a socket in time_wait prematurely upon receiving a RST. While this might sound like a good idea (it frees up a socket quicker), it opens the door for tcp sequence problems/syn replay. Those problems were described in RFC1337 and enabling the setting 1 is one way to deal with them (letting TIME_WAIT packets idle out even if a reset is received, so that the sequence number cannot be reused meanwhile). The wiki is correct in my view. Kernel doc is wrong here - "prevent" should read "enable". --Indigo (talk) 21:12, 17 September 2013 (UTC)