## Networking
# See https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

net.nf_conntrack_max = 131072

## IPv4 tuning

# Reset all configuration parameters to RFC1812
net.ipv4.ip_forward = 1

# Disable routing to {{ primary_interface }}
net.ipv4.conf.{{ primary_interface }}.forwarding = 0

# Use larger ARP cache
net.ipv4.neigh.default.gc_thresh1 = 2048
net.ipv4.neigh.default.gc_thresh2 = 4096
net.ipv4.neigh.default.gc_thresh3 = 8192

# Maximum number of routes allowed in the kernel
net.ipv4.route.max_size = 8388608


## IPv6 tuning

# Configure router behaviour
net.ipv6.conf.all.forwarding = 1

# Disable routing to {{ primary_interface }}
net.ipv6.conf.{{ primary_interface }}.forwarding = 0
net.ipv6.conf.{{ primary_interface }}.accept_ra = 0

# Accept Duplicate Address Detection; default = 1
net.ipv6.conf.default.accept_dad = 0
net.ipv6.conf.all.accept_dad = 0

# Use larger neighbor table
net.ipv6.neigh.default.gc_thresh1 = 2048
net.ipv6.neigh.default.gc_thresh2 = 4096
net.ipv6.neigh.default.gc_thresh3 = 8192

# Maximum number of routes allowed in the kernel
net.ipv6.route.max_size = 8388608