no Command

Edit online

Purpose

Manages the tuning parameters of the network.

Syntax

no [ -p | -r [ -K ] ] { -o Tunable [ = NewValue ] }

no [ -p | -r [ -K ] ] { -d Tunable }

no [ -p | -r [ -K ] ] { -D }

no [ -p | -r [ -K ] ] [ -F ] -a

no -h [ Tunable ]

no [ -F ] -L [ Tunable ]

no [ -F ] -x [ Tunable ]
Note: Multiple flags such as -o, -d, -x, and -L flags are allowed.

Description

The no command configures the tuning parameters of the network. The no command sets or displays the current or next boot values of the system for tuning parameters of the network. This command can make permanent changes or defer the changes until the next system restart. Whether the no command sets or displays a parameter determines the accompanying flag. The -o flag can display the value of a parameter or set a new value for a parameter. When you use the no command to modify a network option, it logs a message to the syslog by using the LOG_KERN facility.
Effect of changing the tunable parameters
The misuse of the no command can make your system inoperable.

For more information on modifying any tunable parameter and its purpose, see the characteristics of the tunable parameter in the Tunable parameters section.

Make sure that the Diagnosis and Tuning sections of the tunable parameter applies to your situation. Changing the value of the tunable parameter might improve the performance of your system.

If the Diagnosis and Tuning sections both contain N/A only, change the tunable parameter only when directed by AIX development.

Flags

Table 1. Flags
Item Description
-a Displays the current value, restart value, Live Update value, or permanent value for all the tunable parameters, one per line in pairs Tunable = Value. Restart value is displayed when you specify -a flag with the -r flag. Live update value is displayed when you specify with the -K flag. Permanent value is displayed when you specify with the -p flag. For the permanent options, a value is displayed for a parameter only if its restart and current values are equal. Otherwise, NONE is displayed as the value.
-d Tunable Resets the tuning value of the tunable variables to a default value. The tunable parameter remains the same. A warning message is displayed if the -r flag is not used in combination and the tunable parameter that must be changed is set to one of the following values:
  • The tuning value of the tunable parameter is not set to its default value and it is of the type Bosboot or Reboot.
  • The tunable parameter is of the type Incremental and must be changed from its default tuning value.
  • The tunable parameter is of the type Reboot and is supported throughout the Live Update operation.
-D Resets the tuning value of all the tunable parameters to their default value. The tunable parameter remains the same. A warning message is displayed if either the -p or -r flags are used in combination and the tunable parameter that must be changed is either of the following types:
  • The tunable parameter is of the type Bosboot or Reboot.
  • The tunable parameter is of the type Incremental and is changed from its default tuning value.
  • The tunable parameter is of the type Reboot and is supported throughout the Live Update operation.
-F Forces restricted tunable parameters to be displayed when you specify the -a, -L, or -x flag on the command line. If you do not specify the -F flag, restricted tunables are not included, unless they are named in association with a display option.
-h [ Tunable ] Displays the help information of the tunable parameter if specified. Otherwise, the -h flag displays the usage statement of the no command.
-K Sets the restart value to its default tuning value in both /etc/tunables/nextboot and /etc/tunables/nextliveupdate files. You can use the -K flag only with the -r flag.

When you specify the -K flag with the -r and -d, or -D flags, the restart value is set to its default tuning value only in the /etc/tunables/nextboot file. The /etc/tunables/nextliveupdate file is updated with the default restart value only if a nondefault tuning value is set for the tunable parameter for the next Live Update operation.
-L [ Tunable ] Lists the characteristics of one or all tunables parameters, one per line, by using the following format: 

NAME              CUR    DEF    BOOT   LVUP   MIN    MAX    UNIT       TYPE
 DEPENDENCIES 
---------------------------------------------------------------------
General Network 
Parameters 
---------------------------------------------------------------------
sockthresh        85     85     85     0      100    %_of_thewall  D
---------------------------------------------------------------------
fasttimo          200    200    200    50     200    millisecond   D
---------------------------------------------------------------------
inet_stack_size   16     16     16     1             kbyte         R
---------------------------------------------------------------------
... 
where: 
    CUR = current value 
    DEF = default tuning value 
    BOOT = reboot value 
    LVUP = Live Update value
    MIN = minimal value 
    MAX = maximum value 
    UNIT = tunable unit of measure 
    TYPE = parameter type the following command: D (for Dynamic), 
           S (for Static), R (for Reboot),B (for Bosboot), M (for Mount),
           I (for Incremental), C (for Connect), and d (for Deprecated) 
    DEPENDENCIES = list of dependent tunable parameters, one per line
-o Tunable [ = NewValue ] Displays or sets the value of a tunable parameter to a new value. The tunable parameter remains the same. A warning message is displayed if the -r flag is not used with the -o flag and the tunable parameter that must be changed is one of the following types:
  • The tunable parameter is of the type Bosboot or Reboot.
  • The tunable parameter is of the type Incremental and its current value is more than the specified value.
  • The tunable parameter is of the type Reboot and is supported throughout the Live Update operation.

When you specify the -r flag with the -o flag without a new value, the nextboot value for the Tunable is displayed. When you specify the -K flag with the -o flag without specifying a new value, the next Live Update value for the tunable parameter is displayed. When you specify the -p in combination without a new value, a value displays only if the current and next boot values for the tunable parameters are the same. Otherwise, NONE is displayed as the value.
-p Specifies that the changes apply to both current and restart values when you specify with the -o, -d or -D flag. The tunable parameter updates the /etc/tunables/nextboot file along with the current value. You cannot use these combinations on Reboot and Bosboot type of tunable parameters. The current value for Reboot and Bosboot type of tunable parameter cannot be changed.

When you specify -a or -o flag without specifying a new value, the values display only if the current and next boot values for a parameter are the same. Otherwise, NONE is displayed as the tunable value.
-r Makes changes that apply to Reboot parameter values when you use with the -o, -d, or -D flag. The -r flag updates the /etc/tunables/nextboot file. If any parameter of type Bosboot is changed, you are prompted to run the Bosboot command. When you use the -a or -o flag without specifying a new value, next boot values for tunables are displayed instead of current values. When you use -r flag with the -K flag, changes apply to both the /etc/tunables/nextboot and /etc/tunables/nextliveupdate files.
-x [ Tunable ] Lists characteristics of one or all tunables, one per line, by using the following spreadsheet format: 
tunable,current,default,reboot,liveupdate,min,max,unit,type,{dtunable } 

where: 
    current = current value 
    default = default tuning value 
    reboot = reboot value 
    liveupdate = Live Update value
    min = minimal value 
    max = maximum value 
    unit = tunable unit of measure 
    TYPE = parameter type the following command: D (for Dynamic), 
           S (for Static), R (for Reboot),B (for Bosboot), M (for Mount),
           I (for Incremental), C (for Connect), and d (for Deprecated) 
        dtunable = space separated list of dependent tunable parameters

If you modify a restricted tunable parameter by using the -o, -d, or -D flag, results in a warning message. The warning message states that a tunable parameter of the restricted-use type is modified. If you specify the -r or -p flag on the command line, you are prompted for confirmation of the change of the restricted parameter. At system restart, the presence of restricted tunable parameter in the /etc/tunables/nextboot file is modified to a value that is different from their default value. The values are modified by using a command line that specifies the -r or -p flag. The modification of a restricted tunable parameter results in an error log entry that identifies the list of the modified tunable parameters.

A change with the -o,-d, or -D flags, to a tunable parameter of type Mount displays a warning message to the user. The warning message states that the change is effective only for future mountings.

A change with the -o, -d, or -D flag, to a tunable parameter of type connect, restarts the inetd command. A warning message is displayed that states that the change is effective only for future socket connections.

An attempt to change with the -o, -d, or -D flag, a tunable parameter of type Bosboot or Reboot without the -r flag, displays an error message.

An attempt to change with the -o, -d, or -D flag, but without the -r flag, the current value of a tunable parameter of type Incremental with a new value smaller than the current value, displays an error message.

Tunable Parameters

The tunable parameters that the tuning commands manipulate, such as no, nfso, vmo, ioo, schedo, and raso commands are classified into the following tunable parameter categories:
Table 2. Tunable parameters categories
Item Description
Dynamic Specifies whether the parameter can be changed at any time.
Static Specifies whether the parameter can never be changed.
Reboot Specifies whether the parameter can be changed during a restart.
Bosboot Specifies whether the parameter can be changed when you run the Bosboot command and restart the system.
Mount Specifies whether changes to the parameter are only effective for future file systems or directory mounts.
Incremental Specifies whether the parameter can be incremented, except at a boot time.
Connect Specifies whether changes to the parameter are only effective for future socket connections.
Deprecated Specifies whether the parameter cannot be changed and is no longer supported by the current release of AIX.
If the tunable parameter of type Bosboot is modified, the tuning command automatically prompts you if you want to run the bosboot command. For parameters of type Connect, the tuning commands automatically restart the inetd daemon if pre520tune is disabled.
Note: The current set of parameters that the no command manages, includes Reboot, Static, Dynamic, Incremental, and Connect types of tunable parameters.

For the default tuning values and range of values for the tunable parameters, refer no command help -h <tunable_parameter_name>.

The following table lists the tunable parameters along with the description:
Table 3. Tunable parameters
Item Description
arpqsize
Purpose
Specifies the maximum number of packets to queue while you await Address Resolution Protocol (ARP) responses.
Tuning
Ethernet, 802.3, Token Ring and FDDI interfaces supports the arpqsize attribute.
arpt_killc
Purpose
Specifies the time in minutes before a complete ARP entry is deleted.
Tuning
To reduce ARP activity in a stable network, you can increase the arpt_killc.
arptab_bsiz
Purpose
Specifies the bucket size of the Address Resolution Protocol (ARP) table.
Tuning
The netstat -p arp command shows the number of ARP packets that are sent and the number of ARP entries that are purged from the ARP table. If large number of entries are purged, the ARP table size must be increased. Use arp -a to show the ARP table-hashing distribution.
arptab_nb
Purpose
Specifies the number of ARP table buckets.
Tuning
The netstat -p arp command shows the number of ARP packets that are sent and the number of ARP entries that are purged from the ARP table. If large number of entries are purged, the ARP table size must be increased. Use arp -a to show the ARP table-hashing distribution. Increase this value for systems that have many clients or servers. The default tuning value provides for 149 x 7 = 1043 ARP entries, but assumes an even hash distribution.
bcastping
Purpose
Allows response to Internet Control Message Protocol (ICMP) echo packets to the broadcast address.
Tuning
A tuning value of 0 disables bcastping tunable parameter and a tuning value on 1 enables bcastping parameter. The default is to not respond to echo packets to a broadcast address. The default tuning value prevents broadcast storms on the network that can result when multiple systems respond to a broadcast address.
start of changebpf_perfend of change
Purpose

Enables or disables the usage of read-write lock for parallel writes in Berkeley Packet Filter (BPF) buffers. BPF kernel extension is used by the tcpdump command and other third-party tool to capture packets, filter, and security to read the network packets from user space by using the libpcap user space library.

Tuning
If you disable this option, BPF uses simple_lock kernel service to process packets. If you enable this option, BPF uses read-write lock instead of simple_lock that helps in better performance of multi queue-supported network device drivers. The default tuning value is 1.
clean_partial_conns
Purpose
Specifies whether SYN attacks are avoided. If nonzero, clean_partial_conns tunable parameter specifies how many partial connections to be removed randomly to make room for new nonattack connections.
Tuning
A tuning value of 0 disables the clean_partial_conns tunable parameter. Turn on clean_partial_conns tunable parameter for servers that need to be protected against the network attacks.
delayack
Purpose
Delays the acknowledgments (ACKs) for certain TCP packets and attempts to piggyback them with the next packet sent instead.
Tuning
Complete this action only for connections whose destination port is specified in the list of the delayackports attribute. This action can be used to increase the performance during a communication with an HTTP Server by reducing the total number of packets sent. The delayack tunable parameter has one of the following four values:
0
No delays, normal operation
1
Delays the ACK for the Synchronize sequence number (SYN) of the server.
2
Delays the ACK for the FIN of the server
3
Delays both the ACKs for the SYN and FIN of the server.
delayackports
Purpose
Specifies the list of destination ports for which the operation that the delayack port option defines is completed.
Tuning

The attribute takes a maximum of 10 ports, which are separated by commas and enclosed in curly braces. For example, no -o delayackports={80,30080}.

To clear the list, set the option delayackports={}.
dgd_flush_cached_route
Purpose
Flushes the cached routes of sockets when Dead Gateway Detection (DGD) detects a previous dead gateway back online. The connections are forced to reacquire the route before you send the data.
Tuning
A tuning value of 1 enables the DGD to flush the cached routes. A tuning value of 0 disables the DGD.
dgd_packets_lost
Purpose
Specifies how many consecutive packets must be lost before DGD decides that a gateway is down.
dgd_ping_time
Purpose
Specifies the seconds that must pass between pings of a gateway by Active DGD.
dgd_retry_time
Purpose
Specifies the minutes a cost of the route must remain raised when a passive DGD raises. After this many minutes pass, the cost of the route is restored to its user-configured value. The unit that is specified is in numbers.
directed_broadcast
Purpose
Specifies whether a directed broadcast to a gateway must be allowed or not.
Tuning
A tuning value of 1 allows packets to be directed to a gateway that must be broadcast on a network on the other side of the gateway.
fasttimo
Purpose
Sets the millisecond delay for the TCP fast timeout timer. This timeout controls how often the system scans the TCP control blocks to send delayed acknowledgments.
Tuning
Reducing this timer value improves the performance with some non-IBM systems. However, this parameter can result in slightly increased system usage.
hstcp
Purpose
Enables the High-speed TCP as specified in Request for Comments (RFC) 3649. The hstcp tunable parameter modifies the congestion control mechanism for use with TCP connections with large congestion windows to improve the average throughput.
Tuning
A tuning value of 1 enables the High-speed TCP enhancements on a system-wide scale. A tuning value of 0 disables it.
icmp6_errmsg_rate
Purpose
Specifies the higher limit for the number of ICMP v6 error messages that can be sent per second. The icmp6_errmsg_rate parameter prevents excessive bandwidth usage by ICMP v6 error messages.
icmpaddressmask
Purpose
Specifies whether the system responds to an ICMP address mask request.
Tuning
If the tuning value is 0, the network silently ignores any ICMP address mask request that it receives.
icmptimestamp
Purpose
Specifies whether the system responds to an ICMP timestamp request.
Tuning
If the tuning value is 0, the network ignores any ICMP timestamp request that it receives.
ie5_old_multicast_mapping
Purpose
Specifies IP multicasts on token ring that must be mapped to the broadcast address rather than a functional address when you use a tuning value 1.
ifstat32
Purpose
Enables or disables the 32-bit statistics. By default, the ifstat32 tunable parameter is disabled. If the ifstat32 tunable parameter is enabled, it updates 32-bit statistics. Some applications might use 32-bit interface counters.
Tuning
A tuning value of 0 disables it and a tuning value of 1 enables it.
ifsize
Purpose
Specifies the maximum number of network interface structures per interface of a single type. This limit does not apply to ethernet interface structures for which the infrastructure expands dynamically to handle any number of ethernet interface structures.
Tuning
The ifsize tunable parameter must be large on systems that support hot plug adapters and on Dynamic Logical Partitioning (DLPAR) configurations, as you can add adapters as required. The static interface table must be large enough to accept the large number of adapters that are added for this system or partition. At system restart, if more adapters of a type are present than that is allowed by the current value of the ifsize tunable parameter, the system automatically increases the tuning value. Increasing the tuning value supports the number of adapters present.
ip6_defttl
Purpose
Specifies the default hop count that is used for Internet Protocol Version 6 (IPv6) packets if no other hop count is specified.
ip6_prune
Purpose
Specifies how often to check the IPv6 routing table for expired routes, in seconds.
ip6forwarding
Purpose
Specifies whether the kernel must forward the IPv6 packets.
Tuning
The default tuning value of 0 prevents forwarding of IPv6 packets when they are not for the local systems. A tuning value of 1 enables forwarding of IPv6 packets.
ip6srcrouteforward
Purpose
Specifies whether the system forwards source-routed IPv6 packets.
Tuning
A tuning value of 1 allows the forwarding of source-routed packets. A tuning value of 0 causes all source-routed packets that are not at their destinations to be discarded.
start of changeip_id_rfc6864end of change start of change
Purpose
Specifies whether the IP identifier must be generated according to the RFC 6864 schema. The RFC 6864 schema explains how to use a constant IP identifier for atomic datagrams and generate unique identifiers for non atomic datagrams. The use of the ip_id_rfc6864 tunable parameter helps you to avoid the use of atomic operation in the data path and provides performance improvement in certain environments.
Tuning
The default tuning value of ip_id_rfc6864 tunable parameter is 1, which generates the IP identifier according to the RFC 6864 schema. A tuning value of 0 generates the IP identifier for every atomic and non atomic datagrams.
end of change
ip_ifdelete_notify
Purpose
Specifies when an interface address is deleted. The existing TCP connections that are bound locally to the interface address and are deleted must be notified with error ENETDOWN.
Tuning
Existing FTP or Telnet connections are disconnected when the ENETDOWN error is returned.
ip_ifdelete_no_retrans
Purpose
Specifies when an interface address is deleted, the existing TCP connections that are bound locally to the interface address must not retransmit data.
Tuning
No further retransmission of data occurs over the existing SSH connections.
ip_nfrag
Purpose
Specifies the maximum number of fragments of an IP packet that can be kept on the IP reassembly queue at a time.
ipforwarding
Purpose
Specifies whether the kernel must forward packets.
Tuning
Set the tuning value of the ipforwarding tunable parameter to 1, if the system is acting as an IP router.
ipfragttl
Purpose
Specifies the time to live for IP fragments in half-seconds.
Tuning
Check for fragments that dropped after timeout netstat -p ip command. If the tuning value of IP or the fragments that are dropped after timeout are nonzero, it can increase the ipfragttl parameter and reduce retransmissions.
ipignoreredirects
Purpose
Specifies whether to process redirects that are received.
Tuning
A tuning value of 0 processes redirects as usual. A tuning value of 1 ignores redirects.
ipqmaxlen
Purpose
Specifies the number of received packets that can be queued on the IP protocol input queue.
Tuning
Examine if the ipintrq overflows netstat -s or use crash to access IP input queue overflow counter. Increase size if system is using many loopback sessions. Most operating system network drivers call IP directly and do not use the IP queue. Increasing the ipqmaxlen tunable parameter on these devices has no effect.
ipoutqueues
Purpose
Specifies whether to queue User Datagram Protocol (UDP) packets that are sent over IPv4. A separate kernel thread handles UDP packets.
Tuning
The default tuning value is 0 and it specifies the UDP to transmit the packet immediately without queuing. A tuning value that is a nonzero value specifies the number of queues you must create and use. For example, to create a single queue that is used by the UDP, enter the following command: 
no -o ipoutqueues=1
ipsendredirects
Purpose
Specifies whether the kernel must send redirect signals.
Tuning
This parameter is a configuration decision with performance consequences.
ipsrcrouteforward
Purpose
Specifies whether the system forwards source-routed packets.
Tuning
The default tuning value of 1 allows the forwarding of source-routed packets. A tuning value of 0 causes all source-routed packets that are not at their destinations to be discarded.
ipsrcrouterecv
Purpose
Specifies whether the system accepts source-routed packets.
Tuning
The default tuning value of 0 causes all source-routed packets that are destined for this system to be discarded. A tuning value of 1 allows source-routed packets to be received.
ipsrcroutesend
Purpose
Specifies whether applications can send source-routed packets.
Tuning
The default tuning value of 1 allows source-routed packets to be sent. A tuning value of 0 causes the setsockopt() command to return an error if an application attempts to set the source routing option. In addition, it removes any source routing options from the outgoing packets.
limited_ss
Purpose
Enables the Limited SlowStart as specified in RFC 3742. This option limits the number of segments by which the congestion window is increased for one window during a slow-start. This enhancement improves the performance for TCP connections with large congestion windows.
Tuning
A tuning value that ranges from 1 to 100 enables the Limited SlowStart enhancements on a system-wide scale and sets it as the number of segments to the value of the maximum SlowStart threshold. A tuning value of 0 disables it. The default tuning value is 0.
llsleep_timeout
Purpose
Specifies timeout value in seconds for link local timeouts, which is used when multi_homed=1.
lo_perf
Purpose
Specifies whether you want to use a separate queue per CPU to improve loopback performance.
Tuning
A tuning value of 1 enables a separate queue per CPU. A tuning value of 0 disables this option.
lowthresh
Purpose
Specifies the maximum number of bytes that can be allocated by using the allocb call for the BPRI_LO priority.
Tuning
When the total amount of memory that is allocated by the net_malloc call reaches this threshold, the allocb request for the BPRI_LO priority returns 0. The lowthresh attribute represents a percentage of the thewall attribute and you can set its tuning value that ranges from 0 to 100.
main_if6
Purpose
Specifies the interface that is used to link the local addresses.
main_site6
Purpose
Specifies the interface that is used for routing the site local address.
maxnip6q
Purpose
Specifies the maximum number of IPv6 packet reassembly queues.
maxttl
Purpose
Specifies the time to live in seconds for Routing Information Protocol (RIP) packets.
medthresh
Purpose
Specifies the maximum number of bytes that can be allocated by using the allocb call for the BPRI_MED priority.
Tuning
When the total amount of memory that is allocated by the net_malloc call reaches this threshold, the allocb request for the BPRI_MED priority returns 0. The medthresh attribute represents a percentage of the thewall attribute. A typical set of 95 represents 95% of thewall attribute.
mpr_policy
Purpose
Specifies the policy that you must use for multipath routing.
Tuning
The following policies are the available multipath routing policies:
Weighted Round-Robin (1)
The policy is applied based on the user-configured weights that are assigned to the multiple routes through the route command. If no weights are configured, it behaves identical to a plain round-robin policy.
Random (2)
Chooses a route at random.
Weighted Random (3)
Chooses a route that is based on user-configured weights and a randomization routine. The policy adds up the weights of all the routes and picks a random number between 0 and total weight. Each of the individual weights is removed from the total weight until this number is 0. This policy picks a route in the range of the total number of routes available.
Lowest Utilization (4)
Chooses a route with the minimum number of current connections that goes through it.
Hash-based (5)
Chooses a route by hashing based on the IP address of the destination.
multi_homed
Purpose
Specifies the level of multi-homed IPv6 host support.
Tuning
Perform the tuning for connections whose destination port is specified in the list of the delayackports parameter. This parameter can be used to increase performance when you communicate with an HTTP Server. The parameter has one of the four following values:
0
Indicates the original functions in AIX 4.3.
1
Indicates that the link local addresses are resolved by querying each interface for the link local address.
2
Indicates that link local addresses are examined for the interface that is defined by the main_if6 tunable parameter.
3
Indicates that link local addresses are examined for the interface that is defined by the main_if6 tunable parameter and site local addresses are routed to the main_site6 interface.
nbc_limit
Purpose
Specifies the total maximum amount of memory that can be used for the Network Buffer Cache.
Tuning
The nbc_limit tunable parameter is in the number of kbs. When the cache grows to this limit, the rarely used cache objects are flushed out of the cache to make room for the new ones.
nbc_max_cache
Purpose
Specifies the maximum size of the cache object that is allowed in the Network Buffer Cache without using the private segments.
Tuning
The nbc_max_cache tunable parameter is in the number of bytes. A data object that is bigger than the specified size is either cached in a private segment or is not cached at all.
nbc_min_cache
Purpose
Specifies the minimum size of the cache object that is allowed in the Network Buffer Cache.
Tuning
The nbc_min_cache tunable parameter is in the number of bytes. A data object that is smaller than the specified size is not put into the NBC. This attribute applies for send_file() command API and some web servers that use the get engine in the kernel.
nbc_ofile_hashsz
Purpose
Specifies the size of the hash table that is used for hashing cache objects in the Network Buffer Cache.
Tuning
This hash table size applies to only opened file entries, that is, entries that cache files from the file system. This tunable parameter resizes the hash table size that affects the hashing of the existing entries. You can modify it when the Network Buffer Cache is empty.
nbc_pseg
Purpose
Specifies the maximum number of private segments that can be created for the Network Buffer Cache.
Tuning
When you set this option to nonzero, a data object between the size that is specified in nbc_max_cache and the segment size (256 MB) is cached in a private segment. A data object that is bigger than the segment size is not cached. When the maximum number of private segments exist, cache data in private segments can be flushed for new cache data so that the number of private segments does not exceed the limit. When the tuning value of the nbc_pseg is set to 0, all cache in private segments is flushed.
nbc_pseg_limit
Purpose
Specifies the maximum amount of cached data size that is allowed in private segments in the Network Buffer Cache.
Tuning
The tuning value is expressed in kbs. As the data that is cached in private segments is pinned by the Network Buffer Cache, the nbc_pseg_limit tunable parameter controls the amount of pinned memory that is used for the Network Buffer Cache in addition to the network buffers in global segments. When the amount of cached data reaches this limit, private segments cache data can be flushed for new cache data so that the total pinned memory size does not exceed the limit. When the nbc_pseg_limit tunable parameter is set to 0, all cache in private segments is flushed.
ndd_event_name
Purpose
Specifies the list of interface names for the ns_alloc and ns_free events to be captured, when the trace of ns_alloc/ns_free events is enabled by setting the ndd_event_tracing option.
ndd_event_tracing
Purpose
Specifies the size of the ns_alloc/ns_free trace buffer.
Tuning
If the tuning value of this option is nonzero all the ns_alloc and ns_free events are traced in a kernel buffer. A tuning value of zero disables this event tracing. If the tuning values of ndd_event_tracing are larger than 1024, it allocates as many items in the kernel buffer for tracing.
ndp_mmaxtries
Purpose
Specifies the maximum number of Multicast NDP Neighbor Discovery Protocol (NDP) packets to send.
ndp_umaxtries
Purpose
Specifies the maximum number of Unicast NDP packets to send.
ndpqsize
Purpose
Specifies the number of packets to hold waiting on completion of an NDP entry that is used by IPv6.
ndpt_down
Purpose
Specifies the time, in half seconds, to hold down an NDP entry.
ndpt_keep
Purpose
Specifies the time, in half seconds, to keep an NDP entry.
ndpt_probe
Purpose
Specifies the time in half seconds to delay before the first NDP probe is sent.
ndpt_reachable
Purpose
Specifies the time, in half seconds, to test if an NDP entry is still valid.
ndpt_retrans
Purpose
Specifies the time, in half seconds, to wait before an NDP request is re transmitted.
net_buf_size
Purpose
Specifies a list of buffer sizes for the net_malloc and net_free events to be captured.
Tuning
The net_buf_size tunable parameters strings represent a list of sizes. If this attribute is not of value at all, only the net_malloc and net_free events of those sizes are captured. A tuning value of all means that the events of any size are captured.
net_buf_type
Purpose
Specifies a list of buffer types for net_malloc and net_free events to be captured.
Tuning
The net_buf_type tunable parameters string represents a list of types. If the string is not empty and different from all, only the net_malloc and net_free events of the specified type is captured.
net_malloc_frag_mask
Purpose
It is used as Boolean attribute for mask with each bucket that requests similar fragments to be promoted to full pages.
Tuning
Allows promotion of allocations smaller than 1 page to full pages for better detection of memory overwrite problems. It is a mask for each bucket size that requests such fragments to be promoted to full pages. Enabling this option for memory fragments results in less performance.
netm_page_promote
Purpose
Specifies whether to allow promotion of a fragment to page size.
Tuning
This option allows promotion of fragment sizes that are specified in the net_malloc_frag_mask tunable parameter to page size. Setting this option to 0, disables the page promotion irrespective of the sizes that are set in the net_malloc_frag_mask tunable parameter.
nonlocsrcroute
Purpose
Informs the IP that strictly source-routed packets can be addressed to hosts outside the local network.
Tuning
A tuning value of 0 disallows addressing to outside hosts. A tuning value of 1 allows packets to be addressed to outside hosts. This attribute does not affect the Loosely source-routed packets.
nstrpush
Purpose
Specifies the maximum number of modules that you can push onto a single stream. The minimum value is 8.
Tuning
This parameter is read-only. This attribute can be set when you load the operating system in the /etc/pse_tune.conf file.
passive_dgd
Purpose
Specifies whether Passive Dead Gateway Detection is enabled.
Tuning
A tuning value of 0 disables passive_dgd, and a value of 1 enables it for all gateways in use.
pmtu_default_age
Purpose
This option is now unused as UDP applications are now required to always set the IP_DONTFRAG socket option to be able to detect decreases in Path Media Transmission Unit (MTU).
Tuning
A tuning value of 0 allows no aging. The default tuning value is 10 minutes. The UDP applications can override the pmtu_default_age tuning value. The pmtu_default_age is a runtime attribute.
pmtu_expire
Purpose
Specifies the default amount of time in minutes before you delete the Path MTU (PMTU) entries with a reference count of zero.
Tuning
A tuning value of 0 suggests that the PMTU entries do not expire.
pmtu_rediscover_interval
Purpose
Specifies the default amount of time in minutes before the path MTU value for UDP and TCP paths are checked for a higher value.
Tuning
A tuning value of 0 allows no path MTU rediscovery.
psebufcalls
Purpose
Specifies the maximum number of bufcalls to allocate by Streams.
Tuning
The Stream subsystem allocates some bufcall structures at initialization, so that when the allocb call fails, the user can register their requests for the bufcall. You are not allowed to decrease this value until the system is restarted. During restart, the parameter returns to its default tuning value.
psecache
Purpose
Controls the number of stream buffers.
psetimers
Purpose
Specifies the maximum number of timers to allocate by Streams.
Tuning
The Stream subsystem allocates some timer structures at initialization so that the Streams driver or module can register their timeout calls. You are not allowed to decrease this value until the system is restarted. During restart, the parameter returns to its default tuning value.
ras_art
Purpose
Specifies the maximum amount of socket reliability, availability, and serviceability (RAS) artifacts that are maintained.
Tuning
The valid value of this tunable parameter ranges from 0 to 10000. The default tuning value is 200. A tuning value of 0 disables this tunable parameter.
rfc1122addrchk
Purpose
Performs address validation as specified by RFC1122, Requirements for Internet Hosts-Communication Layers.
Tuning
A tuning value of 0 does not perform address validation. A tuning value of 1 performs address validation.
rfc1323
Purpose
Enables TCP enhancements as specified by RFC 1323, TCP Extensions for high performance.
Tuning
A tuning value of 0 disables the RFC enhancements on a system-wide scale. A tuning value of 1 specifies that all TCP connections attempt to negotiate the RFC enhancements. The SOCKETS application can override the default behavior on individual TCP connections, by using the setsockopt subroutine. The rfc1323 network option can also be set on a per interface basis through the ifconfig command.
rfc2414
Purpose
Enables the increasing of TCPs initial window as described in RFC 2414.
Tuning
When the rfc2414 tunable parameter is turned on, the initial window depends on setting the tcp_init_window tunable parameter.
roce_v2_mode
Purpose
Enables RDMA over Converged Ethernet (RoCE) protocol mode. This tunable enables RoCE version 1 (RoCE v1) or RoCE version 2 in Open Fabrics enterprise Distribution (OFED) and device driver.
Tuning
The default tuning value of 0 enables RoCE v1 protocol mode, and a value of 1 enables RoCE v2 protocol mode.
route_expire
Purpose
Specifies whether the route expires.
Tuning
A tuning value of 0 allows no route expiration. Negative values are not allowed for this option.
routerevalidate
Purpose
Specifies that each cached route of a connection must be validated when a new route is added to the routing table.
Tuning
This option ensures that applications that keep the same connection open for long periods of time, for example, NFS, use the correct route after routing table changes occur. A tuning value of 0 does not revalidate the cached routes. Turning on this option can cause some performance degradation.
rto_high
Purpose
Specifies the TCP Retransmit Time out high value that is used in calculating factors, and the allowable maximum retransmits that is used in TCP data segment retransmits.
Tuning
The rto_high tunable parameter is the high factor.
rto_length
Purpose
Specifies the TCP Retransmit Time Out length value that is used in calculating factors, and the allowable maximum retransmits that is used in TCP data segment retransmits.
Tuning
The rto_length tunable parameter is the total number of time segments.
rto_limit
Purpose
Specifies the TCP Retransmit Time out limit value that is used in calculating factors, and the allowable maximum retransmits that is used in TCP data segment retransmits.
Tuning
The rto_limit tunable parameter is the number of time segments from the rto_low to rto_high tunable parameter.
rto_low
Purpose
Specifies the TCP Retransmit Time Out low value that is used in calculating factors, and the allowable maximum retransmits that is used in TCP data segment retransmits.
Tuning
The rto_low tunable parameter is the low factor.
sack
Purpose
Enables TCP Selective acknowledgment as described in RFC 2018.
Tuning
A tuning value of 1 makes all TCP connections negotiate sack. Default is zero, which disables the negotiation. The sack feature needs support from the peer TCP. The negotiation phase during connection initiation determines that. When out of order segments are received, Selective acknowledgment from the receiver informs the sender of the data that is received so that the sender can retransmit only the missing segments. This action results in less unnecessary retransmitted segments. The sack is useful for recovering fast from multiple packets drop in a window of data.
sb_max
Purpose
Specifies the maximum buffer size that is allowed for a TCP and UDP socket. Limits the setsockopt, udp_sendspace, udp_recvspace, tcp_sendspace, and tcp_recvspace tunable parameters.
Tuning
Increase the size, preferably to a multiple of 4096. Must be approximately two to four times the largest socket buffer limit.
send_file_duration
Purpose
Specifies the cache validation duration for all the file objects that the send_file system call accessed in the network buffer cache.
Tuning
This attribute is in the number of seconds. A tuning value of 0 means that the cache is validated for every access.
site6_index
Purpose
Specifies the maximum interface number for site local routing.
sockthresh
Purpose
Specifies the maximum amount of network memory that can be allocated for sockets. Used to prevent new sockets or TCP connections from exhausting all MBUF memory and reserve the remaining memory for the existing sockets or TCP connections.
Tuning
When the total amount of memory that is allocated by the net_malloc subroutine reaches the sockthresh threshold, the socket and socketpair system calls fail with an error of ENOBUFS. Incoming connection requests are silently discarded. Existing sockets can continue to use more memory. The sockthresh attribute represents a percentage of the thewall attribute.
sodebug
Purpose
Specifies whether the newly created sockets have SO_DEBUG flag on.
sodebug_env
Purpose
Specifies whether the SO_DEBUG process environment variable is checked for the newly created sockets. If checked, these sockets have the SO_DEBUG flag turned on.
somaxconn
Purpose
Specifies the maximum listen backlog.
Tuning
Increase this parameter on busy web servers to handle peak connection rates.
soreuseport_lb
Purpose
Specifies whether the SO_REUSEPORT socket option is enabled or disabled for the load balancing.
Tuning
This tunable parameter has the following values:
  • 1
    Enables the SO_REUSEPORT socket option.
    0
    Disables the SO_REUSEPORT socket option.
strctlsz
Purpose
Specifies the maximum number of bytes of information that a single system call can pass to a Stream to place into the control part of a message in an M_PROTO or M_PCPROTO block.
Tuning
The putmsg call with a control part that exceeds this size fails with ERANGE.
strmsgsz
Purpose
Specifies the maximum number of bytes of information that a single system call can pass to a Stream to place into the data part of a message in M_DATA blocks.
Tuning
Any write call that exceeds this size is broken into multiple messages. The putmsg call with a data part that exceeds this size fails with ERANGE.
strthresh
Purpose
Specifies the maximum number of bytes Streams are normally allowed to allocate.
Tuning
When the threshold is passed, the strthresh tunable parameter does not allow users without the appropriate privilege to open Streams, push modules, or write to Stream devices, and returns ENOSR. The threshold applies to the output and does not affect the data that comes into the system. For example, the console continues to work properly. A tuning value of 0 means that there is no threshold. The strthresh attribute represents a percentage of the thewall attribute. The thewall attribute indicates the maximum number of bytes that the Streams and Sockets can allocate by using the net_malloc call.
strturncnt
Purpose
Specifies the maximum number of requests that are handled by the current running thread for Module or Elsewhere level Streams synchronization.
Tuning
In a module level synchronization only one thread can run in the module at any time. All other threads that try to acquire the same module enqueues their requests and leave. After the current running thread completes its work, it dequeues all the previously enqueued requests one by one and runs them. If many requests are enqueued in the list, the current running thread must serve all the request and is always busy serving others and starves itself. To avoid this situation, the current running thread serves only the strturncnt number of threads after that a separate kernel thread activates and runs all the pending requests.
subnetsarelocal
Purpose
Specifies whether all subnets that match the subnet mask are to be considered local for purposes of establishing. For example, the TCP maximum segment size.
Tuning
This parameter is used by the in_localaddress subroutine. The default tuning value 1 specifies that addresses that match the local network mask are local. If the tuning value is 0, addresses that match the local subnetwork are local. This option is a configuration decision with performance consequences. If all the subnets do not have the same MTU, fragmentation at bridges can degrade performance. If the subnets do have the same MTU, and the subnetsarelocal tunable parameter is 0, the TCP sessions can use a small maximum segment size (MSS).
tcp_bad_port_limit
Purpose
Specifies the number of TCP segments to a port, which does not have a socket connection, within the time duration of half a second. TCP stops sending TCP reset segments in response after this time.
Tuning
If the tuning value is set to 0, the TCP indicates a bad port number error by sending TCP reset segments. A tuning value greater than 0 indicates the number of TCP segments that are received by a port. This does not have a socket connection, within the time duration of half a second before TCP stops sending TCP reset segments.
tcp_cubic
Purpose
Enables CUBIC, as specified in RFC 8312, by modifying the congestion control mechanism for TCP connections between networks that have large bandwidth to improve the average throughput.
Tuning
A tuning value of 1 enables the CUBIC TCP enhancements for all systems in the network. A tuning value of 0 disables it. The default tuning value is 0.
tcp_cwnd_modified
Purpose
Allows the TCP IP applications with specific socket options to adjust the network congestion window. This parameter might be used only in a specific wide area network (WAN) environment.
Tuning
The default tuning value of 0 disables the tuning parameter. With a tuning value of 1 you can adjust the network congestion window.
tcp_dss
Purpose
Enables or disables the dynamic socket buffer sizing functions. When enabled, TCP attempts to automatically update the send and receive buffers of the socket to improve bandwidth. If an application uses the setsockopt system call to set the TCP send or receive buffer, the dynamic socket buffer sizing is not performed for the particular connection.
Tuning
The default tuning value is 1 that enables the dynamic socket buffer sizing. A tuning value of 0 disables the dynamic socket buffer sizing.
tcp_dss_init_step
Purpose
Represents the multiples of the MSS segments that can be increased at once while the socket buffer size is adjusted. The tcp_dss_init_step tunable is used only if the tcp_dss tunable is enabled. The tcp_dss_init_step tunable parameter controls the increasing pace of buffer sizes and sets the initial step value for receive and send buffers, which are later incremented exponentially to achieve faster optimal size.
Tuning
The default tuning value is 16 and the valid tuning values range from 1-4096.
tcp_ecn
Purpose
Enables TCP level support for Explicit Congestion notification as described in RFC 2481.
Tuning
The default tuning value is off or 0. If the tuning parameter is turned on or if the tuning value is 1 makes all connections negotiate ECN capability with the peer. For this, you need support from the peer TCP and IP level ECN support from the routers in the path.
tcp_ephemeral_high
Purpose
Specifies the largest port number to allocate for TCP ephemeral ports.
Tuning
The number of ephemeral sockets is determined by the tcp_ephemeral_high tunable parameter minus tcp_ephemeral_low tunable parameter. For the maximum number of ephemeral sockets, set the tcp_ephemeral_high tunable parameter to 65535 and the tcp_ephemeral_low tunable parameter to 1024.
tcp_ephemeral_low
Purpose
Specifies the smallest port number to allocate for TCP ephemeral ports.
Tuning
The number of ephemeral sockets is determined by the tcp_ephemeral_high tunable parameter minus tcp_ephemeral_low tunable parameter. For the maximum number of ephemeral sockets, set the tcp_ephemeral_high tunable parameter to 65535 and the tcp_ephemeral_low tunable parameter to 1024.
tcp_fastlo
Purpose
Allows the TCP loopback traffic to cutoff the entire TCP/IP stack protocol and interface to achieve better performance.
Tuning
A tuning value of 1 enables the TCP loopback traffic to cutoff the entire TCP/IP stack. A tuning value of 0 disables this option.
tcp_finwait2
Purpose
Specifies the length of time to wait in the FIN_WAIT2 state before you close the connection, which is measured in half seconds.
tcp_icmpsecure
Purpose
Specifies whether ICMP attacks on TCP are avoided.
Tuning
This option must be turned on to protect TCP connections against ICMP attacks. The ICMP attacks might be the form of ICMP source quench attacks and Path MTU Discovery (PMTUD) attacks. If this network option is turned on, the system does not react to ICMP source quench messages. This option protects against ICMP source quench attacks. If this network option is enabled, the payload of the ICMP message is tested to determine whether the sequence number of the TCP header portion of the payload is within the range of acceptable sequence numbers. This option mitigates PMTUD attacks to a large extent.
tcp_init_window
Purpose
This option is used only when the rfc2414 or tcp_rfc6928 tunable parameter is turned on.
Tuning
  • If the rfc2414 tunable parameter is on and tcp_init_window tunable parameter value is zero, the initial window computation is done according to the rfc2414 tunable parameter.
  • If the tcp_rfc6928 tunable parameter is on and the value is zero, it overrides the value set by the rfc2414 tunable parameter. The initial window computation is done according to the rfc6928 tunable parameter.
  • If tcp_init_window tunable parameter value is not zero, the initial (congestion) window is initialized by several maximum sized segments equal to the value of the tcp_init_window tunable parameter.

Changing the value of the tcp_init_window tunable parameter allows you to tune the TCP slow start. This controls the number of TCP segments or packets outstanding before an ACK is received by changing the tcp_init_window option. For example, if you set the tcp_init_window tunable parameter tuning value to 6, allows 6 packets to be sent initially, instead of the normal 2 or 3 packets. A higher tuning value of the tcp_init_window tunable parameter speeds up the initial packet rate.
tcp_inpcb_hashtab_siz
Purpose
Specifies the size of the inpcb hash table for TCP connections.
Tuning
This table holds the inpcb needed for connection management and is implemented as a table of hash chains. A larger table means that the linked hash chains are smaller and less traversal time on the average but the memory footprint is larger. This value must be a prime number. This option impacts performance and must be used with extreme caution. Consult a performance analyst in case that it is felt that the value needs to be changed. The execution environment might have an influence on the value. It is encouraged to maintain the system-defined defaults as they tend to run optimally in most environments.
tcp_keepcnt
Purpose
Represents the number of keepalive probes that can be sent before you terminate the connection.
Note: You cannot modify the tcp_keepcnt tunable parameter with the -r flag.
tcp_keepidle
Purpose
Specifies the length of time to keep the connection active, measured in half seconds.
tcp_keepinit
Purpose
Sets the initial timeout value for a TCP connection, which is measured in half seconds.
tcp_keepintvl
Purpose
Specifies the interval, which is measured in half seconds, between packets that are sent to validate the connection.
Tuning
This option allows TCP to know that a connection is still valid and keep the connection open when it is otherwise idle. This option is a configuration decision with minimal performance consequences. No change is recommended. If the interval is shortened significantly, processing and bandwidth costs might become significant. For example, 150 half seconds results in 75 seconds between validation probes.
tcp_limited_transmit
Purpose
Enables the feature that enhances the loss recovery of the TCP as described in the RFC 3042.
Tuning
A tuning value of 1 enables this option and 0 disables the option.
tcp_low_rto
Purpose
Specifies the TCP retransmit timeout (RTO) in milliseconds for connections that are experiencing packet drops.
Tuning
A tick is 10 ms, one 100th of a second. The timer_wheel_tick tunable parameter must be set to nonzero value before the tcp_low_rto tunable parameter is set. The tcp_low_rto tunable parameter can be equal to zero or a multiple of ten times the tuning value of the timer_wheel_tick tunable parameter. This tunable parameter allows TCP to use smaller timeout values for packet timeout and retransmit on high-speed networks. The normal TCP retransmit timeout is 1.5 seconds.
tcp_maxburst
Purpose
Specifies the number of back-to-back packets that TCP can send before you allow those packets to be forwarded to their destination.
Tuning
This option can be useful if routers are unable to handle large bursts of TCP packets and are dropping some of them. A tuning value of 0 means no limitation for back-to-back packets before pausing.
tcp_maxqueuelen
Purpose
Specifies the maximum number of TCP segments that can be processed in the reassembly queue.
Tuning
The tuning value ranges from 0 to 32767. A tuning value of 0 means unlimited queue length. The default tuning value is 1000.
tcp_mssdflt
Purpose
Default maximum segment size that is used in communicating with remote networks.
Tuning
The tcp_mssdflt tunable parameter is only used if path MTU discovery is not enabled or path MTU discovery fails to discovery a path MTU. The tcp_mssdflt tunable parameter network option can also be set on a per interface basis. For more information, refer to documentation for ISNO options. Limiting data to (MTU - 40) bytes ensure that only full packets are sent wherever possible.
tcp_nagle_limit
Purpose
This parameter is the Nagle algorithm threshold in bytes, which can be used to disable Nagle.
Tuning
The default tuning value is the Nagle algorithm that is turned on. To disable the Nagle algorithm, set the tuning value to 0 or 1. The TCP disables Nagle algorithm for data segments larger than or equal to this threshold value.
tcp_nagleoverride
Purpose
Setting the tcp_nagle_limit tunable parameter turns off the Nagle algorithm system wide. Setting the tcp_nodelay tunable parameter for a socket turns off the Nagle algorithm for that specific connection. Setting the tcp_ nagleoverride tunable parameter disables the Nagle algorithm only for certain situations during the connection.
Tuning
The tuning value of 1 disables the Nagle algorithm only for certain TCP packets in a connection.
tcp_ndebug
Purpose
Specifies the number of tcp_debug structures.
tcp_newreno
Purpose
Modifies the Fast Recovery algorithm of the TCP as described in RFC 2582.
Tuning
This option fixes the limitation of the Fast Retransmit algorithm of TCP to recover fast from dropped packets when multiple packets in a window are dropped. The sack also achieves the same thing but the sack needs support from both ends of the TCP connection. The NewReno modification is only on the sender side.
tcp_nodelayack
Purpose
Turning on this parameter causes TCP to send immediate Ack packets to the sender. When the tcp_nodelayack tunable parameter is disabled, the TCP delays to send Ack packets by up to 200 ms. This option allows the Ack to be piggy-backed onto a response and minimizes system overload.
Tuning
This option can be used to overcome bugs in other implementations of the TCP Nagle algorithm. Setting this option to a tuning value of 1 causes slightly more system overload, but can result in higher performance for network transfers if the sender is waiting on the acknowledgment of the receiver.
tcp_pmtu_discover
Purpose
Enables or disables the path MTU discovery for TCP applications.
Tuning
A tuning value of 0 disables path MTU discovery for TCP applications. The tuning value of 1 enables it.
tcp_recvspace
Purpose
Specifies the default socket buffer size of the system for receiving data. This option affects the window size that is used by TCP.
Tuning
The optimum buffer size is the product of the media bandwidth and the average round-trip time of a packet. The tcp_recvspace tunable network option can be set on a per interface basis. For more information, refer to documentation on Interface Specific Network Options (ISNO). Most interfaces now have this tunable set in the ISNO defaults. The tcp_recvspace attribute must specify a socket buffer size less than or equal to the setting of the sb_max attribute.
tcp_rfc6928
Purpose
Specifies the setting of the TCP initial window size as described in the RFC 6928. The tuning value of the tcp_rfc6928 tunable parameter is initially set to at least ten segments, which helps in long-distance communication and in limited packet rate applications. When enabled, this option overrides the value set by the rfc2414 tunable.
Tuning
The default tuning value is 1 that enables the tcp_rfc6928 tunable parameter. A tuning value of 0 disables the tcp_rfc6928 tunable parameter.
tcp_sendspace
Purpose
Specifies the default socket buffer size of the system for sending data.
Tuning
The optimum buffer size is the product of the media bandwidth and the average round-trip time of a packet, optimum_window=bandwidth * average_round_trip_time. The tcp_sendspace network option can also be set on a per interface basis. For more information, refer to documentation on Interface Specific Network Options (ISNO). Most interfaces now have this tunable parameter set in the ISNO defaults. The tcp_sendspace tunable parameter must specify a socket buffer size less than or equal to the setting of the sb_max attribute.
tcp_syn_rto
Purpose
Specifies the TCP retransmission timeout (RTO) value, in an interval of half-seconds, for a connection that experiences packet drops before the connection is established.
Tuning
The tuning value of the tcp_syn_rto tunable parameter is set as the initial retransmission timeout value for retransmissions that occur before the connection is established. The tuning values range from 0 to 32767. The default tuning value is 0.
tcp_tcpsecure
Purpose
Specifies whether connection reset attacks and data corruption attacks on TCP are avoided.
Tuning
Protects the TCP connections from one or more of the following three vulnerabilities:
  1. Involves sending of a fake SYN to an established connection to stop the connection. A tuning value of 1 protects from this vulnerability.
  2. Involves sending of a fake RST to an established connection to abort the connection. A tuning value of 2 protects from this vulnerability.
  3. Involves injecting fake data in an established TCP connection. A tuning value of 4 protects from this vulnerability.

The tuning values for the tcp_tcpsecure tunable parameter can range from a minimum of 0, which is the default tuning value and provides no protection from these vulnerabilities to a maximum tuning value of 7. The tuning values of 3, 5, 6, or 7 protects the connection from combinations of these three vulnerabilities.
tcp_timewait
Purpose
The tcp_timewait tunable parameter is used to configure how long connections are kept in the timewait state.
Tuning
The tuning value is given in 15-second intervals. Increasing the tuning value degrades the performance of web servers or applications that open and close many TCP connections.
tcp_ttl
Purpose
Specifies the time to live for TCP packets that are expressed in ticks.
Tuning
A tick is 0.6 seconds that is 100 ticks per minutes.
tcprexmtthresh
Purpose
Specifies the number of consecutive duplicate acknowledgments, which cause TCP to goto the fast retransmit phase.
Tuning
Increase this parameter if TCP performance is low due to an increased number of duplicate acknowledgments but the network is not congested. If you set a high value for the tcprexmtthresh tunable parameter, can cause TCP to time out and retransmit.
tcptr_enable
Purpose
Enables TCP traffic regulation that is defined by policies that created by using the tcptr command. A tuning value of 0 means disabled. Any nonzero value means that traffic regulation is enabled.
Tuning
A tuning value of 0 disables this option. This option must be turned on for servers that must protect against network attacks.
tcp_use_maxlen
Purpose
Allows you to set the outgoing packet size to the maximum allowed size to be sent if the largesend tunable parameter is enabled. If the largesend tunable parameter is not enabled, outgoing packet size is capped to the multiples of the MTU segments instead of the maximum sized segments.
Tuning
The default tuning value of 1 enables the tcp_use_maxlen tuning parameter. A tuning value of 0 disables the tcp_use_maxlen tunable parameter.
thewall
Purpose
Specifies the maximum amount of memory in kbs, which is allocated to the memory pool.
Tuning
You cannot set this attribute anymore.
timer_wheel_tick
Purpose
Specifies the slot interval of the timer wheel, in ticks, where a tick=1000/HZ=10 ms.
Tuning
Use timer_wheel_tick tunable parameter with tcp_low_rto tunable parameter to reduce the TCP timeout values to smaller units.
udp_bad_port_limit
Purpose
Specifies the number of UDP packets to a port with no socket that can be received in a 500-millisecond period before a UDP stops sending ICMP errors in response to such packets.
Tuning
If the tuning value is set to 0, the ICMP errors are always sent when UDP packets are received for a bad port number. A tuning value greater than 0 specifies the number of packets to be received before UDP stops sending ICMP errors.
udp_ephemeral_high
Purpose
Specifies the largest port number to allocate for UDP ephemeral ports.
udp_ephemeral_low
Purpose
Specifies the smallest port number to allocate for UDP ephemeral ports.
udp_inpcb_hashtab_siz
Purpose
Specifies the size of the inpcb hash table for UDP connections. The inpcb hash table holds the inpcbs that is necessary for connection management and is implemented as a table of hash chains. A larger table indicates that the linked hash chains are smaller and less traversal time on the average but the memory footprint is larger.
Tuning
A tuning value must be a prime number. This option impacts performance and must be used with extreme caution. To change the tuning value, consult a performance analyst. The execution environment can have an influence on the tuning value. Maintain the system-defined defaults as they tend to run optimally in most environments.
start of changeudp_num_cached_routesend of change start of change
Purpose

Specifies the number of routes to cache per UDP socket. If an application communicates with multiple detonations or hosts by using the same UDP socket, it might incur another overhead as a result of frequent allocation and deallocation of routes. If you set this tuning value to the expected number of destinations that the UDP socket communicates, the udp_num_cached_routes parameter reduces the overhead and improves the performance of such applications.

Tuning

The default tuning value of 1 indicates that each UDP socket can cache a single route. A tuning value that is greater than 1 allows more routes to be cached per UDP socket and increases the usage of the memory proportionally for UDP applications that communicate with multiple destinations by using the same UDP socket.

end of change
udp_pmtu_discover
Purpose
Enables or disables the path MTU discovery for UDP applications.
Tuning
The UDP applications must be written to use path MTU discovery. A tuning value of 0 disables this feature. A tuning value of 1 enables the feature.
udp_recvspace
Purpose
Specifies the default socket buffer size of the system for receiving a UDP data.
Tuning
Change when nonzero n in netstat -s command report of udp: n socket buffer overflows. The udp_recvspace tunable parameter must specify a socket buffer size less than or equal to the setting of the sb_max tunable parameter. Increase the buffer size to a multiple of 4096.
udp_send_perf
Purpose
Improves the UDP Transmit performance by caching address information and memory buffers (buffs) that are used to transmit packets over a network.
Tuning
The default tuning value of 0 disables the caching. To enable a caching, specify a tuning value of 1. For example, enter the following command to enable caching:
no -o udp_send_perf=1
udp_sendspace
Purpose
Specifies the default socket buffer size in bytes of the system to send UDP data.
Tuning
The udp_sendspace tunable parameter must specify a socket buffer size less than or equal to the setting of the sb_max tunable parameter. The udp_sendspace tunable parameter must be at least as large as the largest datagram size that the application sends. Increase the buffer size to a multiple of 4096.
udp_ttl
Purpose
Specifies the time to live in seconds for the UDP packets.
udpcksum
Purpose
Turns on or turns off the UDP checksum.
Tuning
A tuning value of 0 turns off the UDP checksum and a tuning value of 1 turns on the UDP checksum.
unix_sock_buf
Purpose
Specifies the default system-socket buffer size in bytes for UNIX domain socket buffers.
Tuning
The unix_sock_buf tunable parameter must specify a system-socket buffer size that is less than or equal to the buffer size that you specify by using the sb_max tunable parameter. By default, the tuning value of the unix_sock_buf tunable parameter is set to 16 KB (16384 bytes). You can increase the buffer size to a multiple of 4096.
use_sndbufpool
Purpose
Enables the caching of mbuf clusters to improve the performance.
Tuning
If this tuning value is disabled, to allocate a mbuf cluster, AIX allocates a cluster buffer and mbuf buffer to point to it, which requires two buffer allocation operations. To free the cluster, two buffer-free operations are required. If you enable the use_sndbufpool tunable parameter, AIX maintains a cache of clusters for each cluster size that you use. This option improves performance by reducing overload to allocate and free mbuf clusters. The default tuning value of 1 enables this option on a system-wide scale. The mbuf cluster cache is displayed by using the netstat -M command.
Compatibility Mode

When operating in pre 5.2 compatibility mode controlled by the pre520tune attribute of sys0, see AIX 5.2 compatibility mode. The restart values for parameters, except type Bosboot, are not applicable because in the pre 5.2 compatibility mode they are not applied during boot.

In pre 5.2 compatibility mode, setting restart values to tuning parameters remains achieved by embedding calls to tuning commands in scripts that are called during the boot sequence. Therefore, parameters of type Reboot can be set without the -r flag so that existing scripts continue to work.

This mode is automatically turned on when a machine is MIGRATED to AIX 5L Version 5.2. For complete installations, it is turned OFF and the restart values for parameters are set by applying the content of the /etc/tunables/nextboot file during the restart sequence. Only in that mode the -r and -p flags are fully functional. See Kernel Tuning in the Performance Tools Guide and Reference for details.

Security

Attention RBAC users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations that are associated with this command, see the lssecattr command or the getcmdattr subcommand.

Examples

  1. Enter the following command to display the maximum size of the mbuf pool: 
    no -o thewall
  2. Enter the following command to reset the time to live for UDP packets its default size: 
    no -d udp_ttl
  3. Enter the following command to change the default socket buffer sizes on your system: 
    no -r -o tcp_sendspace=32768
no -r -o udp_recvspace=32768
  4. Enter the following command to use a system as an internet work router over Internet Protocol networks: 
     no -o ipforwarding=1
  5. Enter the following command to list the current value, restart value, range, unit, type, and dependencies of all the tunable parameters that are managed by the no command: 
    no -L
  6. Enter the following command to display the help information about the udp_ephemeral_high tunable parameter: 
    no -h udp_ephemeral_high
  7. Enter the following command to permanently turn off the ip6srcrouteforward tunable parameter: 
    no -p -o ip6srcrouteforward=0
  8. Enter the following command to list the restart values for all the tuning parameters of the network tuning: 
    no -r -a
  9. Enter the following command to list in spreadsheet format, the current value, restart value, range, unit, type, and dependencies of all the tunable parameters that are managed by the no command: 
    no -x
  10. Enter the following command to log all allocations and frees of type mbuf or socket that are of size 256 or 4096: 
    no -o net_buf_type={mbuf:socket} -o net_buf_size={256:4096} -o net_malloc_police=1
  11. Enter the following command to log all allocations and frees of type mbuf: 
    no -o net_buf_type={mbuf} -o net_buf_size={all} -o net_malloc_police=1
  12. Enter the following command to log all ns_alloc and ns_free network service for the en0 or en3 adapters by using a 2000 events buffer size: 
    no -o ndd_event_name={en0:en3} -o ndd_event_tracing=2000
  13. Enter the following command to log all ns_alloc and ns_free network service for all the en adapters by using a 2000 events buffer size: 
    no -o ndd_event_name={en} -o ndd_event_tracing=2000
  14. Enter the following command to log all ns_alloc and ns_free network service for all the adapters: 
    no -o ndd_event_name={all} -o ndd_event_tracing=1