Lines Matching +full:layer +full:- +full:primary
1 .. SPDX-License-Identifier: GPL-2.0
10 ip_forward - BOOLEAN
11 - 0 - disabled (default)
12 - not 0 - enabled
20 ip_default_ttl - INTEGER
25 ip_no_pmtu_disc - INTEGER
27 fragmentation-required ICMP is received, the PMTU to this
38 accept fragmentation-needed errors if the underlying protocol
48 Possible values: 0-3
52 min_pmtu - INTEGER
53 default 552 - minimum Path MTU. Unless this is changed manually,
56 ip_forward_use_pmtu - BOOLEAN
60 You only need to enable this if you have user-space software
69 - 0 - disabled
70 - 1 - enabled
72 fwmark_reflect - BOOLEAN
73 Controls the fwmark of kernel-generated IPv4 reply packets that are not
80 fib_multipath_use_neigh - BOOLEAN
90 - 0 - disabled
91 - 1 - enabled
93 fib_multipath_hash_policy - INTEGER
97 Default: 0 (Layer 3)
101 - 0 - Layer 3
102 - 1 - Layer 4
103 - 2 - Layer 3 or inner Layer 3 if present
104 - 3 - Custom multipath hash. Fields used for multipath hash calculation
107 fib_multipath_hash_fields - UNSIGNED INTEGER
134 fib_multipath_hash_seed - UNSIGNED INTEGER
140 internal random-generated one.
142 The actual hashing algorithm is not specified -- there is no guarantee
148 fib_sync_mem - UNSIGNED INTEGER
154 ip_forward_update_priority - INTEGER
157 according to an rt_tos2priority table (see e.g. man tc-prio).
163 - 0 - Do not update priority.
164 - 1 - Update priority.
166 route/max_size - INTEGER
176 neigh/default/gc_thresh1 - INTEGER
182 neigh/default/gc_thresh2 - INTEGER
189 neigh/default/gc_thresh3 - INTEGER
190 Maximum number of non-PERMANENT neighbor entries allowed. Increase
192 with large numbers of directly-connected peers.
196 neigh/default/unres_qlen_bytes - INTEGER
209 neigh/default/unres_qlen - INTEGER
222 neigh/default/interval_probe_time_ms - INTEGER
228 mtu_expires - INTEGER
231 min_adv_mss - INTEGER
235 fib_notify_on_flag_change - INTEGER
246 The notifications will indicate to user-space the state of the route.
252 - 0 - Do not emit notifications.
253 - 1 - Emit notifications.
254 - 2 - Emit notifications only for RTM_F_OFFLOAD_FAILED flag change.
258 ipfrag_high_thresh - LONG INTEGER
261 ipfrag_low_thresh - LONG INTEGER
262 (Obsolete since linux-4.17)
267 ipfrag_time - INTEGER
270 ipfrag_max_dist - INTEGER
271 ipfrag_max_dist is a non-negative integer value which defines the
278 is done on fragments before they are added to a reassembly queue - if
293 bc_forwarding - INTEGER
294 bc_forwarding enables the feature described in rfc1812#section-5.3.5.2
303 inet_peer_threshold - INTEGER
306 entries' time-to-live and time intervals between garbage collection
307 passes. More entries, less time-to-live, less GC interval.
309 inet_peer_minttl - INTEGER
310 Minimum time-to-live of entries. Should be enough to cover fragment
311 time-to-live on the reassembling side. This minimum time-to-live is
315 inet_peer_maxttl - INTEGER
316 Maximum time-to-live of entries. Unused entries will expire after
324 somaxconn - INTEGER
326 Defaults to 4096. (Was 128 before linux-5.4)
329 tcp_abort_on_overflow - BOOLEAN
337 tcp_adv_win_scale - INTEGER
338 Obsolete since linux-6.6
340 (if tcp_adv_win_scale > 0) or bytes-bytes/2^(-tcp_adv_win_scale),
343 Possible values are [-31, 31], inclusive.
347 tcp_allowed_congestion_control - STRING
348 Show/set the congestion control choices available to non-privileged
354 tcp_app_win - INTEGER
362 tcp_autocorking - BOOLEAN
373 tcp_available_congestion_control - STRING
378 tcp_base_mss - INTEGER
379 The initial value of search_low to be used by the packetization layer
383 tcp_mtu_probe_floor - INTEGER
389 tcp_min_snd_mss - INTEGER
398 tcp_congestion_control - STRING
408 tcp_dsack - BOOLEAN
411 tcp_early_retrans - INTEGER
413 losses into fast recovery (draft-ietf-tcpm-rack). Note that
418 - 0 disables TLP
419 - 3 or 4 enables TLP
423 tcp_ecn - INTEGER
442 tcp_ecn_fallback - BOOLEAN
444 back to non-ECN. Currently, this knob implements the fallback
452 tcp_fack - BOOLEAN
455 tcp_fin_timeout - INTEGER
459 valid "receive only" state for an un-orphaned connection, an
467 tcp_frto - INTEGER
468 Enables Forward RTO-Recovery (F-RTO) defined in RFC5682.
469 F-RTO is an enhanced recovery algorithm for TCP retransmission
471 RTT fluctuates (e.g., wireless). F-RTO is sender-side only
474 By default it's enabled with a non-zero value. 0 disables F-RTO.
476 tcp_fwmark_accept - BOOLEAN
487 tcp_invalid_ratelimit - INTEGER
492 (a) out-of-window sequence number,
493 (b) out-of-window acknowledgment number, or
497 a buggy or malicious middlebox or man-in-the-middle can
503 Using 0 disables rate-limiting of dupacks in response to
509 tcp_keepalive_time - INTEGER
513 tcp_keepalive_probes - INTEGER
517 tcp_keepalive_intvl - INTEGER
523 tcp_l3mdev_accept - BOOLEAN
533 tcp_low_latency - BOOLEAN
536 tcp_max_orphans - INTEGER
548 tcp_max_syn_backlog - INTEGER
552 This is a per-listener limit.
562 tcp_max_tw_buckets - INTEGER
564 If this number is exceeded time-wait socket is immediately destroyed
570 tcp_mem - vector of 3 INTEGERs: min, pressure, max
584 tcp_min_rtt_wlen - INTEGER
591 Possible values: 0 - 86400 (1 day)
595 tcp_moderate_rcvbuf - BOOLEAN
596 If set, TCP performs receive buffer auto-tuning, attempting to
601 tcp_mtu_probing - INTEGER
602 Controls TCP Packetization-Layer Path MTU Discovery. Takes three
605 - 0 - Disabled
606 - 1 - Disabled by default, enabled when an ICMP black hole detected
607 - 2 - Always enabled, use initial MSS of tcp_base_mss.
609 tcp_probe_interval - UNSIGNED INTEGER
610 Controls how often to start TCP Packetization-Layer Path MTU
614 tcp_probe_threshold - INTEGER
615 Controls when TCP Packetization-Layer Path MTU Discovery probing
619 tcp_no_metrics_save - BOOLEAN
627 tcp_no_ssthresh_metrics_save - BOOLEAN
632 tcp_orphan_retries - INTEGER
643 tcp_recovery - INTEGER
659 tcp_reflect_tos - BOOLEAN
669 tcp_reordering - INTEGER
676 tcp_max_reordering - INTEGER
683 tcp_retrans_collapse - BOOLEAN
684 Bug-to-bug compatibility with some broken printers.
688 tcp_retries1 - INTEGER
691 and reports this suspicion to the network layer.
697 tcp_retries2 - INTEGER
712 tcp_rfc1337 - BOOLEAN
719 tcp_rmem - vector of 3 INTEGERs: min, default, max
738 tcp_sack - BOOLEAN
741 tcp_comp_sack_delay_ns - LONG INTEGER
748 tcp_comp_sack_slack_ns - LONG INTEGER
756 tcp_comp_sack_nr - INTEGER
762 tcp_backlog_ack_defer - BOOLEAN
769 tcp_slow_start_after_idle - BOOLEAN
777 tcp_stdurg - BOOLEAN
784 tcp_synack_retries - INTEGER
791 tcp_syncookies - INTEGER
816 tcp_migrate_req - BOOLEAN
818 the initial SYN packet is received during the three-way handshake.
819 When a listener is closed, in-flight request sockets during the
841 tcp_fastopen - INTEGER
852 the option value being the length of the syn-data backlog.
860 application before 3-way handshake finishes.
863 0x200 (server) accept data-in-SYN w/o any cookie option present.
873 tcp_fastopen_blackhole_timeout_sec - INTEGER
877 get detected right after Fastopen is re-enabled and will reset to
883 tcp_fastopen_key - list of comma separated 32-digit hexadecimal INTEGERs
884 The list consists of a primary key and an optional backup key. The
885 primary key is used for both creating and validating cookies, while the
889 A randomly chosen primary key may be configured by the kernel if
894 per-socket keys will be used instead of any keys that are specified via
897 A key is specified as 4 8-digit hexadecimal integers which are separated
898 by a '-' as: xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx. Leading zeros may be
899 omitted. A primary and a backup key may be specified by separating them
900 by a comma. If only one key is specified, it becomes the primary key and
903 tcp_syn_retries - INTEGER
911 tcp_timestamps - INTEGER
914 - 0: Disabled.
915 - 1: Enable timestamps as defined in RFC1323 and use random offset for
917 - 2: Like 1, but without random offsets.
921 tcp_min_tso_segs - INTEGER
924 Since linux-3.12, TCP does an automatic sizing of TSO frames,
932 tcp_tso_rtt_log - INTEGER
935 Starting from linux-5.18, TCP autosizing can be tweaked
941 tso_packet_size = sk->sk_pacing_rate / 1024;
955 tcp_pacing_ss_ratio - INTEGER
956 sk->sk_pacing_rate is set by TCP stack using a ratio applied
964 tcp_pacing_ca_ratio - INTEGER
965 sk->sk_pacing_rate is set by TCP stack using a ratio applied
972 tcp_syn_linear_timeouts - INTEGER
982 tcp_tso_win_divisor - INTEGER
990 tcp_tw_reuse - INTEGER
991 Enable reuse of TIME-WAIT sockets for new connections when it is
994 - 0 - disable
995 - 1 - global enable
996 - 2 - enable for loopback traffic only
1003 tcp_tw_reuse_delay - UNSIGNED INTEGER
1004 The delay in milliseconds before a TIME-WAIT socket can be reused by a
1005 new connection, if TIME-WAIT socket reuse is enabled. The actual reuse
1017 tcp_window_scaling - BOOLEAN
1020 tcp_shrink_window - BOOLEAN
1027 - 0 - Disabled. The window is never shrunk.
1028 - 1 - Enabled. The window is shrunk when necessary to remain within
1030 This only occurs if a non-zero receive window
1035 tcp_wmem - vector of 3 INTEGERs: min, default, max
1056 tcp_notsent_lowat - UNSIGNED INTEGER
1069 tcp_workaround_signed_windows - BOOLEAN
1077 tcp_thin_linear_timeouts - BOOLEAN
1084 non-aggressive thin streams, often found to be time-dependent.
1086 Documentation/networking/tcp-thin.rst
1090 tcp_limit_output_bytes - INTEGER
1102 tcp_challenge_ack_limit - INTEGER
1104 in RFC 5961 (Improving TCP's Robustness to Blind In-Window Attacks)
1110 tcp_ehash_entries - INTEGER
1117 tcp_child_ehash_entries - INTEGER
1135 Possible values: 0, 2^n (n: 0 - 24 (16Mi))
1139 tcp_plb_enabled - BOOLEAN
1150 field, and currently no-op for IPv4 headers. It is possible
1163 tcp_plb_idle_rehash_rounds - INTEGER
1169 Possible Values: 0 - 31
1173 tcp_plb_rehash_rounds - INTEGER
1180 Possible Values: 0 - 31
1184 tcp_plb_suspend_rto_sec - INTEGER
1192 Possible Values: 0 - 255
1196 tcp_plb_cong_thresh - INTEGER
1201 The 0-1 fraction range is mapped to 0-256 range to avoid floating
1210 Possible Values: 0 - 256
1214 tcp_pingpong_thresh - INTEGER
1217 "ping-pong" (request-response) connection for which delayed
1223 Possible Values: 1 - 255
1227 tcp_rto_min_us - INTEGER
1236 Possible Values: 1 - INT_MAX
1243 udp_l3mdev_accept - BOOLEAN
1252 udp_mem - vector of 3 INTEGERs: min, pressure, max
1263 udp_rmem_min - INTEGER
1270 udp_wmem_min - INTEGER
1273 udp_hash_entries - INTEGER
1280 udp_child_ehash_entries - INTEGER
1295 Possible values: 0, 2^n (n: 7 (128) - 16 (64K))
1303 raw_l3mdev_accept - BOOLEAN
1315 cipso_cache_enable - BOOLEAN
1324 cipso_cache_bucket_size - INTEGER
1334 cipso_rbm_optfmt - BOOLEAN
1338 categories in order to make the packet data 32-bit aligned.
1342 cipso_rbm_structvalid - BOOLEAN
1355 ip_local_port_range - 2 INTEGERS
1364 ip_local_reserved_ports - list of comma separated ranges
1365 Specify the ports which are reserved for known third-party
1371 list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
1397 ip_unprivileged_port_start - INTEGER
1398 This is a per-namespace sysctl. It defines the first
1406 ip_nonlocal_bind - BOOLEAN
1407 If set, allows processes to bind() to non-local IP addresses,
1408 which can be quite useful - but may break some applications.
1412 ip_autobind_reuse - BOOLEAN
1421 ip_dynaddr - INTEGER
1422 If set non-zero, enables support for dynamic addresses.
1423 If set to a non-zero value larger than 1, a kernel log
1429 ip_early_demux - BOOLEAN
1439 ping_group_range - 2 INTEGERS
1446 tcp_early_demux - BOOLEAN
1451 udp_early_demux - BOOLEAN
1457 icmp_echo_ignore_all - BOOLEAN
1458 If set non-zero, then the kernel will ignore all ICMP ECHO
1463 icmp_echo_enable_probe - BOOLEAN
1469 icmp_echo_ignore_broadcasts - BOOLEAN
1470 If set non-zero, then the kernel will ignore all ICMP ECHO and
1475 icmp_ratelimit - INTEGER
1485 icmp_msgs_per_sec - INTEGER
1493 icmp_msgs_burst - INTEGER
1500 icmp_ratemask - INTEGER
1527 icmp_ignore_bogus_error_responses - BOOLEAN
1535 icmp_errors_use_inbound_ifaddr - BOOLEAN
1537 If zero, icmp error messages are sent with the primary address of
1540 If non-zero, the message will be sent with the primary address of
1546 Note that if no primary address exists for the interface selected,
1547 then the primary address of the first non-loopback interface that
1552 igmp_max_memberships - INTEGER
1564 M = 65536-sizeof (ip header)/(sizeof(Group record))
1569 (65536-24) / 12 = 5459
1574 igmp_max_msf - INTEGER
1580 igmp_qrv - INTEGER
1587 force_igmp_version - INTEGER
1588 - 0 - (default) No enforcement of a IGMP version, IGMPv1/v2 fallback
1591 - 1 - Enforce to use IGMP version 1. Will also reply IGMPv1 report if
1593 - 2 - Enforce to use IGMP version 2. Will fallback to IGMPv1 if receive
1595 - 3 - Enforce to use IGMP version 3. The same react with default 0.
1611 log_martians - BOOLEAN
1617 accept_redirects - BOOLEAN
1621 - both conf/{all,interface}/accept_redirects are TRUE in the case
1626 - at least one of conf/{all,interface}/accept_redirects is TRUE in the
1633 - TRUE (host)
1634 - FALSE (router)
1636 forwarding - BOOLEAN
1640 mc_forwarding - BOOLEAN
1646 medium_id - INTEGER
1651 to its medium, value of -1 means that medium is not known.
1657 proxy_arp - BOOLEAN
1664 proxy_arp_pvlan - BOOLEAN
1682 Hewlett-Packard call it Source-Port filtering or port-isolation.
1683 Ericsson call it MAC-Forced Forwarding (RFC Draft).
1685 proxy_delay - INTEGER
1693 shared_media - BOOLEAN
1703 secure_redirects - BOOLEAN
1716 send_redirects - BOOLEAN
1725 bootp_relay - BOOLEAN
1736 accept_source_route - BOOLEAN
1743 - TRUE (router)
1744 - FALSE (host)
1746 accept_local - BOOLEAN
1752 route_localnet - BOOLEAN
1758 rp_filter - INTEGER
1759 - 0 - No source validation.
1760 - 1 - Strict mode as defined in RFC3704 Strict Reverse Path
1764 - 2 - Loose mode as defined in RFC3704 Loose Reverse Path
1779 src_valid_mark - BOOLEAN
1780 - 0 - The fwmark of the packet is not included in reverse path
1785 - 1 - The fwmark of the packet is included in reverse path route
1798 arp_filter - BOOLEAN
1799 - 1 - Allows you to have multiple network interfaces on the same
1806 - 0 - (default) The kernel can respond to arp requests with addresses
1810 particular interfaces. Only for more complex setups like load-
1817 arp_announce - INTEGER
1822 - 0 - (default) Use any local address, configured on any interface
1823 - 1 - Try to avoid local addresses that are not in the target's
1832 - 2 - Always use the best local address for this target.
1836 for primary IP addresses on all our subnets on the outgoing
1849 arp_ignore - INTEGER
1853 - 0 - (default): reply for any local target IP address, configured
1855 - 1 - reply only if the target IP address is local address
1857 - 2 - reply only if the target IP address is local address
1860 - 3 - do not reply for local addresses configured with scope host,
1862 - 4-7 - reserved
1863 - 8 - do not reply for all local addresses
1868 arp_notify - BOOLEAN
1877 arp_accept - INTEGER
1881 - 0 - don't create new entries in the ARP table
1882 - 1 - create new entries in the ARP table
1883 - 2 - create new entries only if the source IP address is in the same
1894 arp_evict_nocarrier - BOOLEAN
1900 - 1 - (default): Clear the ARP cache on NOCARRIER events
1901 - 0 - Do not clear ARP cache on NOCARRIER events
1903 mcast_solicit - INTEGER
1908 ucast_solicit - INTEGER
1912 app_solicit - INTEGER
1917 mcast_resolicit - INTEGER
1921 disable_policy - BOOLEAN
1924 disable_xfrm - BOOLEAN
1927 igmpv2_unsolicited_report_interval - INTEGER
1933 igmpv3_unsolicited_report_interval - INTEGER
1939 ignore_routes_with_linkdown - BOOLEAN
1942 promote_secondaries - BOOLEAN
1943 When a primary IP address is removed from this interface
1947 drop_unicast_in_l2_multicast - BOOLEAN
1948 Drop any unicast IP packets that are received in link-layer
1956 drop_gratuitous_arp - BOOLEAN
1964 tag - INTEGER
1969 xfrm4_gc_thresh - INTEGER
1970 (Obsolete since linux-4.14)
1975 igmp_link_local_mcast_reports - BOOLEAN
1986 - Andi Kleen
1988 - Nicolas Delon
2000 bindv6only - BOOLEAN
2005 - TRUE: disable IPv4-mapped address feature
2006 - FALSE: enable IPv4-mapped address feature
2010 flowlabel_consistency - BOOLEAN
2015 - TRUE: enabled
2016 - FALSE: disabled
2020 auto_flowlabels - INTEGER
2039 flowlabel_state_ranges - BOOLEAN
2040 Split the flow label number space into two ranges. 0-0x7FFFF is
2041 reserved for the IPv6 flow manager facility, 0x80000-0xFFFFF
2044 - TRUE: enabled
2045 - FALSE: disabled
2049 flowlabel_reflect - INTEGER
2053 https://tools.ietf.org/html/draft-wang-6man-flow-label-reflection-01
2057 - 1: enabled for established flows
2060 in "tcp: change IPv6 flow-label upon receiving spurious retransmission"
2063 - 2: enabled for TCP RESET packets (no active listener)
2067 - 4: enabled for ICMPv6 echo reply messages.
2071 fib_multipath_hash_policy - INTEGER
2074 Default: 0 (Layer 3)
2078 - 0 - Layer 3 (source and destination addresses plus flow label)
2079 - 1 - Layer 4 (standard 5-tuple)
2080 - 2 - Layer 3 or inner Layer 3 if present
2081 - 3 - Custom multipath hash. Fields used for multipath hash calculation
2084 fib_multipath_hash_fields - UNSIGNED INTEGER
2111 anycast_src_echo_reply - BOOLEAN
2115 - TRUE: enabled
2116 - FALSE: disabled
2120 idgen_delay - INTEGER
2127 idgen_retries - INTEGER
2133 mld_qrv - INTEGER
2140 max_dst_opts_number - INTEGER
2141 Maximum number of non-padding TLVs allowed in a Destination
2148 max_hbh_opts_number - INTEGER
2149 Maximum number of non-padding TLVs allowed in a Hop-by-Hop
2156 max_dst_opts_length - INTEGER
2162 max_hbh_length - INTEGER
2163 Maximum length allowed for a Hop-by-Hop options extension
2168 skip_notify_on_dev_down - BOOLEAN
2177 nexthop_compat_mode - BOOLEAN
2188 Note that as a backward-compatible mode, dumping of modern features
2195 fib_notify_on_flag_change - INTEGER
2206 The notifications will indicate to user-space the state of the route.
2212 - 0 - Do not emit notifications.
2213 - 1 - Emit notifications.
2214 - 2 - Emit notifications only for RTM_F_OFFLOAD_FAILED flag change.
2216 ioam6_id - INTEGER
2224 ioam6_id_wide - LONG INTEGER
2235 ip6frag_high_thresh - INTEGER
2241 ip6frag_low_thresh - INTEGER
2244 ip6frag_time - INTEGER
2248 Change the interface-specific default settings.
2254 Change all the interface-specific settings.
2258 conf/all/disable_ipv6 - BOOLEAN
2260 setting and also all per-interface ``disable_ipv6`` settings to the same
2268 conf/all/forwarding - BOOLEAN
2279 proxy_ndp - BOOLEAN
2282 fwmark_reflect - BOOLEAN
2283 Controls the fwmark of kernel-generated IPv6 reply packets that are not
2296 accept_ra - INTEGER
2315 - enabled if local forwarding is disabled.
2316 - disabled if local forwarding is enabled.
2318 accept_ra_defrtr - BOOLEAN
2323 - enabled if accept_ra is enabled.
2324 - disabled if accept_ra is disabled.
2326 ra_defrtr_metric - UNSIGNED INTEGER
2336 accept_ra_from_local - BOOLEAN
2337 Accept RA with source-address that is found on local machine
2340 Default is to NOT accept these as it may be an un-intended
2345 - enabled if accept_ra_from_local is enabled
2347 - disabled if accept_ra_from_local is disabled
2350 accept_ra_min_hop_limit - INTEGER
2358 accept_ra_min_lft - INTEGER
2366 accept_ra_pinfo - BOOLEAN
2371 - enabled if accept_ra is enabled.
2372 - disabled if accept_ra is disabled.
2374 ra_honor_pio_life - BOOLEAN
2379 - If enabled, the PIO valid lifetime will always be honored.
2380 - If disabled, RFC4862 section 5.5.3e is used to determine
2385 ra_honor_pio_pflag - BOOLEAN
2386 The Prefix Information Option P-flag indicates the network can
2387 allocate a unique IPv6 prefix per client using DHCPv6-PD.
2388 This sysctl can be enabled when a userspace DHCPv6-PD client
2389 is running to cause the P-flag to take effect: i.e. the
2390 P-flag suppresses any effects of the A-flag within the same
2393 - If disabled, the P-flag is ignored.
2394 - If enabled, the P-flag will disable SLAAC autoconfiguration
2399 accept_ra_rt_info_min_plen - INTEGER
2408 * -1 if accept_ra_rtr_pref is disabled.
2410 accept_ra_rt_info_max_plen - INTEGER
2419 * -1 if accept_ra_rtr_pref is disabled.
2421 accept_ra_rtr_pref - BOOLEAN
2426 - enabled if accept_ra is enabled.
2427 - disabled if accept_ra is disabled.
2429 accept_ra_mtu - BOOLEAN
2435 - enabled if accept_ra is enabled.
2436 - disabled if accept_ra is disabled.
2438 accept_redirects - BOOLEAN
2443 - enabled if local forwarding is disabled.
2444 - disabled if local forwarding is enabled.
2446 accept_source_route - INTEGER
2449 - >= 0: Accept only routing header type 2.
2450 - < 0: Do not accept routing header.
2454 autoconf - BOOLEAN
2460 - enabled if accept_ra_pinfo is enabled.
2461 - disabled if accept_ra_pinfo is disabled.
2463 dad_transmits - INTEGER
2468 forwarding - INTEGER
2469 Configure interface-specific Host/Router behaviour.
2478 - 0 Forwarding disabled
2479 - 1 Forwarding enabled
2505 hop_limit - INTEGER
2510 mtu - INTEGER
2515 ip_nonlocal_bind - BOOLEAN
2516 If set, allows processes to bind() to non-local IPv6 addresses,
2517 which can be quite useful - but may break some applications.
2521 router_probe_interval - INTEGER
2527 router_solicitation_delay - INTEGER
2533 router_solicitation_interval - INTEGER
2538 router_solicitations - INTEGER
2544 use_oif_addrs_only - BOOLEAN
2551 use_tempaddr - INTEGER
2563 * -1 (for point-to-point devices and loopback devices)
2565 temp_valid_lft - INTEGER
2567 minimum required lifetime (typically 5-7 seconds), temporary addresses
2572 temp_prefered_lft - INTEGER
2575 5-7 seconds), the preferred lifetime is the minimum required. If
2581 keep_addr_on_down - INTEGER
2591 max_desync_factor - INTEGER
2599 regen_min_advance - INTEGER
2609 regen_max_retry - INTEGER
2615 max_addresses - INTEGER
2623 disable_ipv6 - BOOLEAN
2625 will be dynamically set to TRUE if DAD fails for the link-local
2631 it will dynamically create a link-local address on the given
2639 accept_dad - INTEGER
2645 2 Enable DAD, and disable IPv6 operation if MAC-based duplicate
2646 link-local address has been found.
2652 force_tllao - BOOLEAN
2653 Enable sending the target link-layer address option even when
2658 Quoting from RFC 2461, section 4.4, Target link-layer address:
2664 omitted since the sender of the solicitation has the correct link-
2665 layer address; otherwise it would not have be able to send the unicast
2666 solicitation in the first place. However, including the link-layer
2668 race condition where the sender deletes the cached link-layer address
2671 ndisc_notify - BOOLEAN
2674 * 0 - (default): do nothing
2675 * 1 - Generate unsolicited neighbour advertisements when device is brought
2678 ndisc_tclass - INTEGER
2686 * 0 - (default)
2688 ndisc_evict_nocarrier - BOOLEAN
2694 - 1 - (default): Clear neighbor discover cache on NOCARRIER events.
2695 - 0 - Do not clear neighbor discovery cache on NOCARRIER events.
2697 mldv1_unsolicited_report_interval - INTEGER
2703 mldv2_unsolicited_report_interval - INTEGER
2709 force_mld_version - INTEGER
2710 * 0 - (default) No enforcement of a MLD version, MLDv1 fallback allowed
2711 * 1 - Enforce to use MLD version 1
2712 * 2 - Enforce to use MLD version 2
2714 suppress_frag_ndisc - INTEGER
2718 * 1 - (default) discard fragmented neighbor discovery packets
2719 * 0 - allow fragmented neighbor discovery packets
2721 optimistic_dad - BOOLEAN
2731 use_optimistic - BOOLEAN
2743 stable_secret - IPv6 address
2745 addresses for link-local addresses and autoconfigured
2748 addrgenmode ip-link. conf/default/stable_secret is used as the
2757 addr_gen_mode - INTEGER
2758 Defines how link-local and autoconf addresses are generated.
2762 1 do no generate a link-local address, use EUI64 for addresses
2769 drop_unicast_in_l2_multicast - BOOLEAN
2770 Drop any unicast IPv6 packets that are received in link-layer
2775 drop_unsolicited_na - BOOLEAN
2782 accept_untracked_na - INTEGER
2786 - 0 - (default) Do not accept unsolicited and untracked neighbor
2789 - 1 - Add a new neighbor cache entry in STALE state for routers on
2791 with target link-layer address option specified if no neighbor entry
2796 This is as per router-side behavior documented in RFC9131.
2800 This will optimize the return path for the initial off-link
2802 ensuring that the first-hop router which turns on this setting doesn't
2803 have to buffer the initial return packets to do neighbor-solicitation.
2809 - 2 - Extend option (1) to add a new neighbor cache entry only if the
2813 enhanced_dad - BOOLEAN
2826 ratelimit - INTEGER
2834 ratemask - list of comma separated ranges
2839 list of ranges (e.g. "0-127,129" for ICMPv6 message type 0 to 127 and
2843 Refer to: https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml
2847 Default: 0-1,3-127 (rate limit ICMPv6 errors except Packet Too Big)
2849 echo_ignore_all - BOOLEAN
2850 If set non-zero, then the kernel will ignore all ICMP ECHO
2855 echo_ignore_multicast - BOOLEAN
2856 If set non-zero, then the kernel will ignore all ICMP ECHO
2861 echo_ignore_anycast - BOOLEAN
2862 If set non-zero, then the kernel will ignore all ICMP ECHO
2867 error_anycast_as_unicast - BOOLEAN
2874 xfrm6_gc_thresh - INTEGER
2875 (Obsolete since linux-4.14)
2883 YOSHIFUJI Hideaki / USAGI Project <yoshfuji@linux-ipv6.org>
2889 bridge-nf-call-arptables - BOOLEAN
2890 - 1 : pass bridged ARP traffic to arptables' FORWARD chain.
2891 - 0 : disable this.
2895 bridge-nf-call-iptables - BOOLEAN
2896 - 1 : pass bridged IPv4 traffic to iptables' chains.
2897 - 0 : disable this.
2901 bridge-nf-call-ip6tables - BOOLEAN
2902 - 1 : pass bridged IPv6 traffic to ip6tables' chains.
2903 - 0 : disable this.
2907 bridge-nf-filter-vlan-tagged - BOOLEAN
2908 - 1 : pass bridged vlan-tagged ARP/IP/IPv6 traffic to {arp,ip,ip6}tables.
2909 - 0 : disable this.
2913 bridge-nf-filter-pppoe-tagged - BOOLEAN
2914 - 1 : pass bridged pppoe-tagged IP/IPv6 traffic to {ip,ip6}tables.
2915 - 0 : disable this.
2919 bridge-nf-pass-vlan-input-dev - BOOLEAN
2920 - 1: if bridge-nf-filter-vlan-tagged is enabled, try to find a vlan
2922 vlan. This allows use of e.g. "iptables -i br0.1" and makes the
2923 REDIRECT target work with vlan-on-top-of-bridge interfaces. When no
2927 - 0: disable bridge netfilter vlan interface lookup.
2934 addip_enable - BOOLEAN
2936 (ADD-IP) functionality specified in RFC5061. This extension provides
2946 pf_enable - INTEGER
2956 https://datatracker.ietf.org/doc/draft-ietf-tsvwg-sctp-failover for
2965 pf_expose - INTEGER
2970 SCTP_ADDR_PF state will be sent and a SCTP_PF-state transport info
2973 SCTP_PF state and a SCTP_PF-state transport info can be got via
2975 SCTP_PEER_ADDR_CHANGE event will be sent and it returns -EACCES when
2976 trying to get a SCTP_PF-state transport info via SCTP_GET_PEER_ADDR_INFO
2987 addip_noauth_enable - BOOLEAN
2988 Dynamic Address Reconfiguration (ADD-IP) requires the use of
2993 allowing the ADD-IP extension. For reasons of interoperability,
2998 1 Allow ADD-IP extension to be used without authentication. This
3007 auth_enable - BOOLEAN
3011 (ADD-IP) extension.
3013 - 1: Enable this extension.
3014 - 0: Disable this extension.
3018 prsctp_enable - BOOLEAN
3022 - 1: Enable extension
3023 - 0: Disable
3027 max_burst - INTEGER
3033 association_max_retrans - INTEGER
3040 max_init_retransmits - INTEGER
3041 The maximum number of retransmissions of INIT and COOKIE-ECHO chunks
3047 path_max_retrans - INTEGER
3055 pf_retrans - INTEGER
3063 http://www.ietf.org/id/draft-nishida-tsvwg-sctp-failover-05.txt
3071 ps_retrans - INTEGER
3072 Primary.Switchover.Max.Retrans (PSMR), it's a tunable parameter coming
3073 from section-5 "Primary Path Switchover" in rfc7829. The primary path
3075 the old primary path exceeds PSMR, so that "the SCTP sender is allowed
3077 primary destination address becomes active again". Note this feature
3083 rto_initial - INTEGER
3090 rto_max - INTEGER
3096 rto_min - INTEGER
3102 hb_interval - INTEGER
3109 sack_timeout - INTEGER
3115 valid_cookie_life - INTEGER
3121 cookie_preserve_enable - BOOLEAN
3125 - 1: Enable cookie lifetime extension.
3126 - 0: Disable
3130 cookie_hmac_alg - STRING
3132 a listening sctp socket to a connecting client in the INIT-ACK chunk.
3146 rcvbuf_policy - INTEGER
3157 - 1: rcvbuf space is per association
3158 - 0: rcvbuf space is per socket
3162 sndbuf_policy - INTEGER
3165 - 1: Send buffer is tracked per association
3166 - 0: Send buffer is tracked per socket.
3170 sctp_mem - vector of 3 INTEGERs: min, pressure, max
3183 sctp_rmem - vector of 3 INTEGERs: min, default, max
3193 sctp_wmem - vector of 3 INTEGERs: min, default, max
3203 addr_scope_policy - INTEGER
3204 Control IPv4 address scoping - draft-stewart-tsvwg-sctp-ipv4-00
3206 - 0 - Disable IPv4 address scoping
3207 - 1 - Enable IPv4 address scoping
3208 - 2 - Follow draft but allow IPv4 private addresses
3209 - 3 - Follow draft but allow IPv4 link local addresses
3213 udp_port - INTEGER
3215 using the IANA-assigned UDP port number 9899 (sctp-tunneling).
3217 This UDP sock is used for processing the incoming UDP-encapsulated
3223 for the outgoing UDP-encapsulated SCTP packets. For the dest port,
3228 encap_port - INTEGER
3232 outgoing UDP-encapsulated SCTP packets by default. Users can also
3244 plpmtud_probe_interval - INTEGER
3256 reconf_enable - BOOLEAN
3262 - 1: Enable extension.
3263 - 0: Disable extension.
3267 intl_enable - BOOLEAN
3270 messages sent on different streams. With this feature enabled, I-DATA
3276 - 1: Enable extension.
3277 - 0: Disable extension.
3281 ecn_enable - BOOLEAN
3293 l3mdev_accept - BOOLEAN
3306 Please see: Documentation/admin-guide/sysctl/net.rst for descriptions of these entries.
3312 max_dgram_qlen - INTEGER