From 5f4ad12d3af4146ce1da613704ee87838a235f98 Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Thu, 11 Jan 2024 11:13:02 +0100
Subject: [PATCH] Add sysctl.d conf in openmptcprouter package

---
 .../files/etc/sysctl.d/openmptcprouter.conf   | 63 +++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 openmptcprouter/files/etc/sysctl.d/openmptcprouter.conf

diff --git a/openmptcprouter/files/etc/sysctl.d/openmptcprouter.conf b/openmptcprouter/files/etc/sysctl.d/openmptcprouter.conf
new file mode 100644
index 000000000..584db2854
--- /dev/null
+++ b/openmptcprouter/files/etc/sysctl.d/openmptcprouter.conf
@@ -0,0 +1,63 @@
+# local sysctl settings can be stored in this directory
+# max open files
+fs.file-max = 512000
+# max read buffer
+net.core.rmem_max = 16777216
+# max write buffer
+net.core.wmem_max = 16777216
+#net.core.optmem_max = 33554432
+# default read buffer
+net.core.rmem_default = 16777216
+# default write buffer
+net.core.wmem_default = 16777216
+# max processor input queue
+net.core.netdev_max_backlog = 8192
+# max backlog
+net.core.somaxconn = 8192
+
+# resist SYN flood attacks
+net.ipv4.tcp_syncookies = 1
+# reuse timewait sockets when safe
+net.ipv4.tcp_tw_reuse = 1
+# turn off fast timewait sockets recycling
+#net.ipv4.tcp_tw_recycle = 0
+# short FIN timeout
+#net.ipv4.tcp_fin_timeout = 60
+# increase max orphans
+net.ipv4.tcp_max_orphans = 16384
+# short keepalive time
+#net.ipv4.tcp_keepalive_time = 2400
+# outbound port range
+net.ipv4.ip_local_port_range = 9999 65000
+# max SYN backlog
+net.ipv4.tcp_max_syn_backlog = 10240
+# max timewait sockets held by system simultaneously
+net.ipv4.tcp_max_tw_buckets = 10000
+# turn on TCP Fast Open on both client and server side
+#net.ipv4.tcp_fastopen = 3
+# TCP receive buffer
+net.ipv4.tcp_rmem = 4096 87380 16777216
+# TCP write buffer
+net.ipv4.tcp_wmem = 4096 87380 16777216
+# TCP buffer
+net.ipv4.tcp_mem = 1638400 1638400 1638400
+# UDP buffer
+net.ipv4.udp_mem = 4096 131072 67108864
+# turn off path MTU discovery
+net.ipv4.tcp_mtu_probing = 0
+
+# for low-latency network, use cubic instead
+# net.ipv4.tcp_congestion_control = balia
+
+# Default conntrack is too small
+net.netfilter.nf_conntrack_max = 131072
+
+net.ipv4.conf.all.ignore_routes_with_linkdown = 1
+net.ipv4.conf.default.ignore_routes_with_linkdown = 1
+
+net.ipv4.tcp_ecn = 2
+#net.ipv4.tcp_sack = 0
+#net.ipv4.tcp_dsack = 0
+#net.ipv4.tcp_fack = 0
+net.ipv4.tcp_slow_start_after_idle = 0
+net.ipv4.route.gc_timeout = 150
\ No newline at end of file