====== TCP ======

Les machines sont puissantes, le réseau est rapide, et pourtant à partir d'un certain nombre de connexions TCP des erreurs apparaissent, comme ''too many open files''.

Sources:
  * https://klaver.it/linux/sysctl.conf
  * https://www.slashroot.in/linux-kernel-rpfilter-settings-reverse-path-filtering
  * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/

Les valeurs sont lisibles dans ''/proc/sys/net/ipv4/''

Sur les performances:
<code bash>
$ cat /etc/security/limits.d/nofile.conf

# debian 10.4 = 1024
* soft nofile 4096

$ cat /etc/sysctl.d/local.conf

# Increase number of incoming connections
# debian 10.4 = 128
net.core.somaxconn = 1024
# Increase number of incoming connections backlog
# debian 10.4 = 1000
net.core.netdev_max_backlog = 4096

# Decrease the time default value for tcp_fin_timeout connection
# debian 10.4 = 60
net.ipv4.tcp_fin_timeout = 15
# Decrease the time default value for connections to keep alive
# debian 10.4 = 7200
net.ipv4.tcp_keepalive_time = 300
# debian 10.4 = 9
net.ipv4.tcp_keepalive_probes = 5
# debian 10.4 = 75
net.ipv4.tcp_keepalive_intvl = 15

# try to reuse time-wait connections, but don't recycle them (recycle can break clients behind NAT)
# debian 10.4 No such file or directory
#net.ipv4.tcp_tw_recycle = 0
# # debian 10.4 = 2
net.ipv4.tcp_tw_reuse = 1

# Limit number of orphans, each orphan can eat up to 16M (max wmem) of unswappable memory
# debian 10.4 = 32768
net.ipv4.tcp_max_orphans = 16384
# debian 10.4 = 0
#net.ipv4.tcp_orphan_retries = 0

# How many times to retry killing an alive TCP connection
# debian 10.4 = 15
#net.ipv4.tcp_retries2 = 15
# debian 10.4 = 3
#net.ipv4.tcp_retries1 = 3

</code>


{{https://upload.wikimedia.org/wikipedia/commons/f/f6/Tcp_state_diagram_fixed_new.svg}}