Difference between revisions of "Talk:Sysctl"

From ArchWiki
(Virtual memory: re, close)
m (Virtual memory: removed closed discussion)
 
So, isn't {{ic|0}} the safe value? Our wiki says otherwise. -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 08:56, 17 September 2013 (UTC)
 
 
:With setting {{ic|0}} the system would 'assassinate' a socket in time_wait prematurely upon receiving a RST. While this might sound like a good idea (it frees up a socket quicker), it opens the door for tcp sequence problems/syn replay. Those problems were described in RFC1337 and enabling the setting {{ic|1}} is one way to deal with them (letting TIME_WAIT packets idle out even if a reset is received, so that the sequence number cannot be reused meanwhile). The wiki is correct in my view. <s>Kernel doc is wrong here - "prevent" should read "enable".</s>  --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:12, 17 September 2013 (UTC)
 
 
== <s>Virtual memory</s> ==
 
 
[https://www.kernel.org/doc/Documentation/sysctl/vm.txt| Documentation] has changed:

{{bc|
dirty_ratio

Contains, as a percentage of total available memory that contains free pages
and reclaimable pages, the number of pages at which a process which is
generating disk writes will itself start writing out dirty data.

The total available memory is not equal to total system memory.}}

{{bc|
dirty_background_ratio

Contains, as a percentage of total available memory that contains free pages
and reclaimable pages, the number of pages at which the background kernel
flusher threads will start writing out dirty data.

The total available memory is not equal to total system memory.
}}
 
: -[[User:Tsester|Tsester]] ([[User talk:Tsester|talk]]) 21:27, 16 May 2016 (UTC)
 
 
:Hm, the quote might have been shortened before to keep it simple before the example calculation. Anyhow, updated it with [https://wiki.archlinux.org/index.php?title=Sysctl&type=revision&diff=435334&oldid=422169], thanks. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:53, 17 May 2016 (UTC)
 

Revision as of 11:10, 4 June 2016

net.ipv4.tcp_rfc1337

From kernel doc:

tcp_rfc1337 - BOOLEAN
	If set, the TCP stack behaves conforming to RFC1337. If unset,
	we are not conforming to RFC, but prevent TCP TIME_WAIT
	assassination.
	Default: 0

So, isn't 0 the safe value? Our wiki says otherwise. -- Lahwaacz (talk) 08:56, 17 September 2013 (UTC)

With setting 0 the system would 'assassinate' a socket in time_wait prematurely upon receiving a RST. While this might sound like a good idea (it frees up a socket quicker), it opens the door for tcp sequence problems/syn replay. Those problems were described in RFC1337 and enabling the setting 1 is one way to deal with them (letting TIME_WAIT packets idle out even if a reset is received, so that the sequence number cannot be reused meanwhile). The wiki is correct in my view. Kernel doc is wrong here - "prevent" should read "enable". --Indigo (talk) 21:12, 17 September 2013 (UTC)
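
The behaviour discussed above, as an added example that is not part of the original discussion and is not kernel code: a simplified model of a TIME_WAIT socket receiving a RST with net.ipv4.tcp_rfc1337 set to 0 and to 1. The names tw_sock, tw_receive and protected_seconds are hypothetical; TW_LEN assumes a 60-second TIME_WAIT period, as on Linux.

```c
#include <stdbool.h>
#include <stdio.h>

#define TW_LEN 60   /* assumed TIME_WAIT length in seconds */

enum tw_state { TW_TIME_WAIT, TW_CLOSED };

struct tw_sock {
    enum tw_state state;
    int remaining;              /* seconds left on the TIME_WAIT timer */
};

/* Handle one incoming segment; returns true if it ended TIME_WAIT early. */
static bool tw_receive(struct tw_sock *tw, bool rst, int rfc1337)
{
    if (tw->state != TW_TIME_WAIT || !rst)
        return false;
    if (rfc1337)                /* 1: drop the RST, let the timer run out */
        return false;
    tw->state = TW_CLOSED;      /* 0: the RST tears the socket down at once */
    tw->remaining = 0;
    return true;
}

/* Run TIME_WAIT with a RST arriving rst_at seconds in (-1 = no RST).
 * Returns how many seconds the connection stayed blocked from reuse. */
static int protected_seconds(int rfc1337, int rst_at)
{
    struct tw_sock tw = { TW_TIME_WAIT, TW_LEN };
    int t = 0;

    while (tw.state == TW_TIME_WAIT) {
        if (t == rst_at)
            tw_receive(&tw, true, rfc1337);
        if (tw.state != TW_TIME_WAIT)
            break;              /* socket was closed early by the RST */
        t++;
        if (--tw.remaining == 0)
            tw.state = TW_CLOSED;   /* normal timer expiry */
    }
    return t;
}

int main(void)
{
    printf("tcp_rfc1337=0: blocked for %d s\n", protected_seconds(0, 5));
    printf("tcp_rfc1337=1: blocked for %d s\n", protected_seconds(1, 5));
    return 0;
}
```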