TCP Tunable Parameters

tcp_deferred_ack_interval

Description

The time-out value for TCP delayed acknowledgment (ACK) timer in milliseconds.

Refer to RFC 1122, 4.2.3.2.

Default

100 milliseconds

Range

1 millisecond to 1 minute

Dynamic?

Yes

When to Change

Do not increase this value to more than 500 milliseconds.

If in some circumstances, slow network links (less than 57.6 Kbps) with greater than 512 bytes maximum segment size (MSS) when the interval is short for receiving more than one TCP segment, increase the value.

Commitment Level

Unstable

tcp_deferred_acks_max

Description

The maximum number of TCP segments (in units of maximum segment size MSS for individual connections) received before an acknowledgment (ACK) is generated. If set to 0 or 1, it means no delayed ACKs, assuming all segments are 1 MSS long.

Note that for remote destinations (not directly connected), the maximum number is fixed to 2, no matter what this parameter is set to. The actual number is dynamically calculated for each connection. The value is the default maximum.

Default

8

Range

0 to 16

Dynamic?

Yes

When to Change

Do not change the value. In some circumstances, when the network traffic becomes very bursty because of the delayed ACK effect, decrease the value. Do not decrease this value below 2.

Commitment Level

Unstable

tcp_wscale_always

Description

If set to 1, TCP always sends SYN segment with the window scale option, even if the option value is 0. Note that if TCP receives a SYN segment with the window scale option, even if the parameter is set to 0, TCP responds with a SYN segment with the window scale option, and the option value is set according to the receive window size.

Refer to RFC 1323 for the window scale option.

Default

0 (disabled)

Range

0 (disabled), 1 (enabled)

Dynamic?

Yes

When to Change

If you want the window scale option in a high-speed network configuration, enable it.

Commitment Level

Unstable

tcp_tstamp_always

Description

If set to 1, TCP always sends SYN segment with the timestamp option. Note that if TCP receives a SYN segment with the timestamp option, TCP responds with a SYN segment with the timestamp option even if the parameter is set to 0.

Default

0 (disabled)

Range

0 (disabled), 1 (enabled)

Dynamic?

Yes

When to Change

In summary, if an accurate measurement of round trip time (RTT) and TCP sequence number wraparound is a problem, enable it.

Refer to RFC 1323 for more reasons to enable this option.

Commitment Level

Unstable

tcp_xmit_hiwat

Description

The default send window size in bytes. Refer to the following discussion of per-route metrics for setting a different value on a per route basis. See tcp_max_buf also.

Default

16,384 bytes

Range

4096 to 1,073,741,824

Dynamic?

Yes

When to Change

Note that this is the default value. An application can use setsockopt(3SOCKET) SO_SNDBUF to change the individual connection's send buffer.

Commitment Level

Unstable

tcp_recv_hiwat

Description

The default receive window size in bytes. Refer to the following discussion of per-route metrics for setting a different value on a per-route basis. See tcp_recv_hiwat_minmss and tcp_max_buf also.

Default

24,576

Range

2048 to 1,073,741,824

Dynamic?

Yes

When to Change

Note that this is the default value. An application can use setsockopt(3SOCKET) SO_RCVBUF to change the individual connection's receive buffer.

Commitment Level

Unstable

tcp_max_buf

Description

The maximum buffer size in bytes. It controls how large the send and receive buffers are set to by an application using setsockopt(3SOCKET).

Default

1,048,576

Range

8192 to 1,073,741,824

Dynamic?

Yes

When to Change

If TCP connections are being made in a high-speed network environment, increase the value to match the network link speed.

Commitment Level

Unstable

tcp_cwnd_max

Description

The maximum value of TCP congestion window (cwnd) in bytes.

Refer to RFC 1122 and RFC 2581 for more information on TCP congestion window.

Default

1,048,576

Range

128 to 1,073,741,824

Dynamic?

Yes

When to Change

This is the maximum value a TCP cwnd can grow to. Note that even if an application uses setsockopt(3SOCKET) to change the window size to a value higher than tcp_cwnd_max, the actual window used can never grow beyond tcp_cwnd_max. Thus, tcp_max_buf should be greater than tcp_cwnd_max in general.

Commitment Level

Unstable

tcp_slow_start_initial

Description

The maximum initial congestion window (cwnd) size in MSS of a TCP connection.

Refer to RFC 2414 on how initial congestion window size is calculated.

When to Change

This is the maximum value a TCP cwnd can grow to. Note that even if an application uses setsockopt(3SOCKET) to change the window size to a value higher than tcp_cwnd_max, the actual window used can never grow beyond tcp_cwnd_max. Thus, tcp_max_buf should be greater than tcp_cwnd_max in general.

Commitment Level

Unstable

Dynamic?

Yes

When to Change

Do not change the value.

If the initial cwnd size causes network congestion under special circumstances, decrease the value.

Commitment Level

Unstable

tcp_slow_start_after_idle

Description

The congestion window size in MSS of a TCP connection after it has been idled (no segment received) for a period of one retransmission timeout (RTO).

Refer to RFC 2414 for the calculation.

Default

4

Range

1 to 16,384

Dynamic?

Yes

When to Change

See tcp_slow_start_initial for more information.

Commitment Level

Unstable

tcp_sack_permitted

Description

If set to 2, TCP always sends SYN segment with the selective acknowledgment (SACK) permitted option. If TCP receives a SYN segment with a SACK-permitted option and this parameter is set to 1, TCP responds with a SACK-permitted option. If the parameter is set to 0, TCP does not send a SACK-permitted option, regardless of whether the incoming segment contains the SACK permitted option or not.

Refer to RFC 2018 for information on the SACK option.

Default

2 (active enabled)

Range

0 (disabled), 1 (passive enabled), 2 (active enabled)

Dynamic?

Yes

When to Change

SACK processing can improve TCP retransmission performance so it should be actively enabled. If, in some circumstances, the other side can be confused with the SACK option actively enabled, set the value to 1 so that SACK processing is enabled only when incoming connections allow SACK processing.

Commitment Level

Unstable

tcp_rev_src_routes

Description

If set to 0, TCP does not reverse the IP source routing option for incoming connections for security reasons. If set to 1, TCP does the normal reverse source routing.

Default

0 (disabled)

Range

0 (disabled), 1 (enabled)

Dynamic?

Yes

When to Change

If IP source routing is needed for diagnostic purposes, enable it.

Commitment Level

Unstable

tcp_time_wait_interval

Description

The time in milliseconds a TCP connection stays in TIME-WAIT state.

Refer to RFC 1122, 4.2.2.13 for more information.

Default

4 minutes

Range

1 second to 10 minutes

Dynamic?

Yes

When to Change

On a busy web server, there can be too many TCP connections in TIME-WAIT state, consuming too much memory. In this situation, you can decrease the value for performance reasons. Do not set the value lower than 60 seconds.

Refer to RFC 1122, 4.2.2.13 for more information.

Commitment Level

Unstable

tcp_conn_req_max_q

Description

The default maximum number of pending TCP connections for a TCP listener waiting to be accepted by accept(3SOCKET). See also tcp_conn_req_max_q0.

Default

128

Range

1 to 4,294,967,296

Dynamic?

Yes

When to Change

For applications such as web servers that might receive several connection requests, the default value might be increased to match the incoming rate.

Do not increase the parameter to a very large value. The pending TCP connections can consume excessive memory. And if an application is not fast enough to handle that many connection requests in a timely fashion because the number of pending TCP connections is too large, new incoming requests might be denied.

Note that increasing tcp_conn_req_max_q does not mean that applications can have that many pending TCP connections. Applications can use listen(3SOCKET) to change the maximum number of pending TCP connections for each socket. This parameter is the maximum an application can use listen() to set the number to. This means that even if this parameter is set to a very large value, the actual maximum number for a socket might be much less than tcp_conn_req_max_q, depending on the value used in listen().

Commitment Level

Unstable

tcp_conn_req_max_q0

Description

The default maximum number of incomplete (three-way handshake not yet finished) pending TCP connections for a TCP listener.

Refer to RFC 793 for more information on TCP three-way handshake. See also tcp_conn_req_max_q.

Default

1024

Range

0 to 4,294,967,296

Dynamic?

Yes

When to Change

For applications, such as web servers that might receive excessive connection requests, you can increase the default value to match the incoming rate.

The following explains the relationship between tcp_conn_req_max_q0 and the maximum number of pending connections for each socket.

When a connection request is received, TCP first checks if the number (N) of pending TCP connections (three-way handshake is done) waiting to be accepted exceeds the maximum for the listener. If the connections are excessive, the request is denied. If the number of connections is allowable, then TCP checks if the number of incomplete pending TCP connections exceeds the sum of N and tcp_conn_req_max_q0. If it does not, the request is accepted. Otherwise, the oldest incomplete pending TCP request is dropped.

Commitment Level

Unstable

tcp_conn_req_min

Description

The default minimum value of the maximum number of pending TCP connection requests for a listener waiting to be accepted. This is the lowest maximum value of listen(3SOCKET) an application can use.

Default

1

Range

1 to 1024

Dynamic?

Yes

When to Change

This can be a solution for applications that use listen(3SOCKET) to set the maximum number of pending TCP connections to a value too low. Increase the value to match the incoming connection request rate.

Commitment Level

Unstable

TCP Parameters Set in the /etc/system File

These parameters can be set only in the /etc/system file. After the file is modified, reboot the system.

The following entry sets tcp_conn_hash_size:

set tcp:tcp_conn_hash_size=1024

tcp_conn_hash_size

Description

Controls the hash table size in the TCP module for all TCP connections.

Data Type

Signed integer

Default

512

Range

512 to 1,073,741,824

Implicit

The value should be a power of 2.

Dynamic?

No. The parameter can only be changed at boot time.

Validation

If you set the parameter to a value that is not a power of 2, it is rounded up to the nearest power of 2.

When to Change

If the system consistently has tens of thousands of TCP connections, increase the value accordingly. With the default value, TCP performs well up to a few thousand active connections. Note that increasing the hash table size means more memory consumption so set an appropriate value to avoid wasting memory unnecessarily.

Commitment Level

Unstable

ipc_tcp_conn_hash_size

Description

Controls the hash table size in an IP module for all active (in ESTABLISHED state) TCP connections.

Data Type

Unsigned integer

Default

512

Range

512 to 2,147,483,648

Implicit

It should be a power of two.

Dynamic?

No. This parameter can only be changed at boot time.

Validation

If you set the parameter to a value that is not a power of 2, it is rounded up to the nearest power of two.

When to Change

If the system consistently has tens of thousands of active TCP connections, increase the value accordingly. With the default value, the system performs well up to a few thousand active connections. Note that increasing the hash table size means more memory consumption so set an appropriate value to avoid wasting memory unnecessarily.

Commitment Level

Unstable

TCP Parameters With Additional Cautions

Changing the following parameters is not recommended unless there are extenuating circumstances that are described with each parameter.

tcp_ip_abort_interval

Description

The default total retransmission timeout value for a TCP connection in milliseconds. For a given TCP connection, if TCP has been retransmitting for tcp_ip_abort_interval period of time and it has not received any acknowledgment from the other endpoint during this period, TCP closes this connection.

For TCP retransmission timeout (RTO) calculation, refer to RFC 1122, 4.2.3. See also tcp_rexmit_interval_max.

Default

8 minutes

Range

500 millisecond to 1193 hours

Dynamic?

Yes

When to Change

Do not change this value. See tcp_rexmit_interval_max for exceptions.

Commitment Level

Unstable

tcp_rexmit_interval_initial

Description

The default initial retransmission timeout (RTO) value for a TCP connection in milliseconds. Refer to the following discussion of per route metrics for setting a different value on a per-route basis.

Default

3 seconds

Range

1 millisecond to 20 seconds

Dynamic?

Yes

When to Change

Do not change this value. Lowering the value can result in unnecessary retransmissions.

Commitment Level

Unstable

tcp_rexmit_interval_max

Description

The default maximum retransmission timeout value (RTO) in milliseconds. The calculated RTO for all TCP connections cannot exceed this value. See also tcp_ip_abort_interval.

Default

60 seconds

Range

1 millisecond to 20 seconds

Dynamic?

Yes

When to Change

Do not change the value in a normal network environment.

If in some special circumstances, the round trip time (RTT) for a connection is in the order of 10 seconds, you can change the value to a higher value. If you change this value, you should also change the tcp_ip_abort_interval parameter to match it. Change the value of tcp_ip_abort_interval to at least four times the value of tcp_rexmit_interval_max.

Commitment Level

Unstable

tcp_rexmit_interval_min

Description

The default minimum retransmission time-out (RTO) value in milliseconds. The calculated RTO for all TCP connections cannot be lower than this value. See also tcp_rexmit_interval_max.

Default

400 milliseconds

Range

1 millisecond to 20 seconds

Dynamic?

Yes

When to Change

Do not change the value in a normal network environment.

TCP's RTO calculation should be able to cope with most RTT fluctuations. If in some very special circumstances such that the round trip time (RTT) for a connection is in the order of 10 seconds, change to a higher value. If you change this value, you should change the tcp_rexmit_interval_max parameter to match it. You should change the value of tcp_rexmit_interval_max to at least eight times the value of tcp_rexmit_interval_min.

Commitment Level

Unstable

tcp_rexmit_interval_extra

Description

A constant added to the calculated retransmission time-out value (RTO) in milliseconds.

Default

0 milliseconds

Range

0 to 2 hours

Dynamic?

Yes

When to Change

Do not change the value.

When the RTO calculation fails to obtain a good value for a connection in some circumstances, you can change this value to avoid unnecessary retransmissions.

Commitment Level

Unstable

tcp_tstamp_if_wscale

Description

If this parameter is set to 1, and the window scale option is enabled for a connection, TCP also enables the timestamp option for that connection.

Default

1 (enabled)

Range

0 (disabled), 1 (enabled)

Dynamic?

Yes

When to Change

Do not change this value. In general, when TCP is used in high-speed network, protection against sequence number wraparound is essential, thus you need the timestamp option.

Commitment Level

Unstable

tcp_recv_hiwat_minmss

Description

Controls the default minimum receive window size. The minimum is tcp_recv_hiwat_minmss times the size of maximum segment size (MSS) of a connection.

Default

4

Range

1 to 65,536

Dynamic?

Yes

When to Change

Do not change the value. If changing it is necessary, do not change the value lower than 4.

Commitment Level

Unstable

tcp_compression_enabled

Description

If set to 1, protocol control blocks of TCP connections in TIME-WAIT state are compressed to reduce memory usage. If set to 0, no compression is done. See tcp_time_wait_interval also.

Default

1 (enabled)

Range

0 (disabled), 1 (enabled)

Dynamic?

Yes

When to Change

Do not turn off the compression mechanism.

Commitment Level

Unstable