The network subsystem is rather complex and its tuning highly depends on the system use scenario and also on external factors such as software clients or hardware components (switches, routers, or gateways) in your network. The Linux kernel aims more at reliability and low latency than low overhead and high throughput. Other settings can mean less security, but better performance.
Networking is largely based on the TCP/IP protocol and a socket interface for communication; for more information about TCP/IP, see Chapter 20, Basic Networking (↑Administration Guide). The Linux kernel handles data it receives or sends via the socket interface in socket buffers. These kernel socket buffers are tunable.
Since kernel version 2.6.17 full autotuning with 4 MB maximum buffer size exists. This means that manual tuning in most cases will not improve networking performance considerably. It is often the best not to touch the following variables, or, at least, to check the outcome of tuning efforts carefully.
If you update from an older kernel, it is recommended to remove manual TCP tunings in favor of the autotuning feature.
The special files in the
/proc file system can
modify the size and behavior of kernel socket buffers; for general
information about the
/proc file system, see
Section 2.6, “The
/proc File System”. Find networking related files in:
/proc/sys/net/core /proc/sys/net/ipv4 /proc/sys/net/ipv6
net variables are explained in the
ipv4 variables are explained in
/proc file system, for example, it is
possible to either set the Maximum Socket Receive Buffer and Maximum
Socket Send Buffer for all protocols, or both these options for the TCP
protocol only (in
ipv4) and thus overriding the
setting for all protocols (in
/proc/sys/net/ipv4/tcp_moderate_rcvbuf is set
1, autotuning is active and buffer size is
The three values setting the minimum, initial, and maximum size of the Memory Receive Buffer per connection. They define the actual memory usage, not just TCP window size.
The same as
tcp_rmem, but just for Memory Send
Buffer per connection.
Set to limit the maximum receive buffer size that applications can request.
Set to limit the maximum send buffer size that applications can request.
/proc it is possible to disable TCP features
that you do not need (all TCP features are switched on by default). For
example, check the following files:
TCP timestamps are defined in RFC1323.
TCP window scaling is also defined in RFC1323.
Select acknowledgments (SACKS).
Use sysctl to read or write variables of the
/proc file system. sysctl is
preferable to cat (for reading) and
echo (for writing), because it also reads settings
/etc/sysctl.conf and, thus, those settings
survive reboots reliably. With sysctl you can read all
variables and their values easily; as
root use the following
command to list TCP related settings:
sysctl -a | grep tcp
|Side-Effects of Tuning Network Variables|
Tuning network variables can affect other system resources such as CPU or memory use.
Before starting with network tuning, it is important to isolate network bottlenecks and network traffic patterns. There are some tools that can help you with detecting those bottlenecks.
The following tools can help analyzing your network traffic: netstat, tcpdump, and wireshark. Wireshark is a network traffic analyzer.
The Linux firewall and masquerading features are provided by the Netfilter kernel modules. This is a highly configurable rule based framework. If a rule matches a packet, Netfilter accepts or denies it or takes special action (“target”) as defined by rules such as address translation.
There are quite some properties, Netfilter is able to take into account. Thus, the more rules are defined, the longer packet processing may last. Also advanced connection tracking could be rather expensive and, thus, slowing down overall networking.
For more information, see the home page of the Netfilter and iptables project, http://www.netfilter.org
Eduardo Ciliendo, Takechika Kunimasa: “Linux Performance and Tuning Guidelines” (2007), esp. sections 1.5, 3.5, and 4.7: http://www.redbooks.ibm.com/redpapers/abstracts/redp4285.html
John Heffner, Matt Mathis: “Tuning TCP for Linux 2.4 and 2.6” (2006): http://www.psc.edu/networking/projects/tcptune/#Linux