LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices



Reply
 
Search this Thread
Old 06-03-2010, 07:26 PM   #1
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,935
Blog Entries: 1

Rep: Reputation: 188Reputation: 188
TCP tuning on RHEL 5


Hello,

We are currently migrating from Solaris 10 to RHEL 5...

We have TCP tuning variables on our Sun boxes that we would like to do on our RHEL boxes...

I have a script that runs on boot that does these values for me...
Code:
echo "Begin  TCP and IP tuning ..."

  # if netstat -s |grep tcpListenDrop is non-zero, this value is not high enough.
  #  the further from zero it is, the larger the change needed.
  #  I saw a web site with 8192 as the value for _both_ max_q and max_q0 values.
  /usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q 1024
  /usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q0 2048

  /usr/sbin/ndd -set /dev/tcp tcp_rexmit_interval_min     1500
  /usr/sbin/ndd -set /dev/tcp tcp_rexmit_interval_initial 3000
  /usr/sbin/ndd -set /dev/tcp tcp_rexmit_interval_max    10000

  if [ `uname -r | cut -d"." -f2` -ge 9 ] ;then
    #Solaris 9 gets some bigger values (as recommended by Helios) ...
    /usr/sbin/ndd -set /dev/tcp tcp_cwnd_max  262144
    /usr/sbin/ndd -set /dev/tcp tcp_xmit_hiwat 131088
    /usr/sbin/ndd -set /dev/tcp tcp_recv_hiwat 131088
  else
    /usr/sbin/ndd -set /dev/tcp tcp_cwnd_max  262144
    /usr/sbin/ndd -set /dev/tcp tcp_xmit_hiwat 65536
    /usr/sbin/ndd -set /dev/tcp tcp_recv_hiwat 65536
  fi

  # This value tells how long to keep alive a connection. The default is 2 hours;
  #  this value is 300 seconds, 5 minutes. (prev version of this script was: 900000, i.e. 15 minutes)
  /usr/sbin/ndd -set /dev/tcp tcp_keepalive_interval 300000
  /usr/sbin/ndd -set /dev/tcp tcp_ip_abort_interval   60000

  # Per CERT "SMURF" advisory
  /usr/sbin/ndd -set /dev/ip ip_respond_to_echo_broadcast   0
  /usr/sbin/ndd -set /dev/ip ip_forward_directed_broadcasts 0

  # Additional values, per CYMRU ...
  if [ -f ${trustednet} ] ; then
    echo "Trusted Network; CYMRU values skipped ..."
  else
    /usr/sbin/ndd -set /dev/ip ip_ignore_redirect 1
    /usr/sbin/ndd -set /dev/ip ip_send_redirects 0
    /usr/sbin/ndd -set /dev/arp arp_cleanup_interval 60000
    /usr/sbin/ndd -set /dev/ip ip_forward_src_routed 0
  fi

  # Tuning value per MacroMedia (along with values in /etc/system)
  # specifically for use running both a web server and application server ...
  /usr/sbin/ndd -set /dev/tcp tcp_slow_start_initial 2
  #
  # This time_wait value was incorrectly named pre- Solaris 2.7
  thisos=`uname -r`
  thisos=`echo "${thisos} * 10" | bc | sed 's/\(.*\)\../\1/'`
  baseos=57
  #
  if [ ${thisos} -lt ${baseos} ] ;then
    /usr/sbin/ndd -set /dev/tcp tcp_close_wait_interval 60000
  else
    /usr/sbin/ndd -set /dev/tcp tcp_time_wait_interval 60000
  fi
  #

  # This is to prevent a bad guy from "guessing" the next TCP sequence number,
  #  allowing an intruder to intercept a connection. Setting to 2 makes the 
  #  next sequence number "random" instead of predictable increment.
  /usr/sbin/ndd -set /dev/tcp tcp_strong_iss 2
  #

  echo "Finish TCP and IP tuning ..."
How would I do that ^ on a RHEL box?

-C
 
Old 06-03-2010, 07:50 PM   #2
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
Hi -

You should be able to do much of the same thing by editing "/etc/sysctl.conf". Here are a couple of links:

http://fasterdata.es.net/TCP-tuning/linux.html

http://www.linuxtopia.org/online_boo...oc-sysctl.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
tuning RHEL for "long fat" links dpnctl Linux - Networking 3 06-01-2010 06:30 PM
TCP tuning for a server with very short HTTP connections jampy Linux - Networking 1 12-24-2009 10:15 AM
TCP tuning in Linux for non-blocking socket connection over long-path WAN mmmike123 Linux - Networking 0 04-23-2009 02:32 PM
How to open port 1951/tcp on a RHEL AS 4 machine? tieuphongvan Linux - Networking 4 05-06-2008 03:53 PM
NFS rhel - tcp/udp ebcdic Linux - Software 1 04-09-2007 10:45 AM


All times are GMT -5. The time now is 08:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration