Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
ffdo-infrastruktur
/
ffdo-ansible
zrkadlo https://github.com/ffdo/ffdo-ansible.git
5
0
Fork 0
Súbory
Strom: 55d97e124c
Branche Tagy
ffdo-ansible
/
roles
/
mesh-routing
/
templates
/
sysctl.conf.j2

sysctl.conf.j2 1.1 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142 
  1. ## Networking
    2. 

  2. # See https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
    3. 

  3. 

  4. net.nf_conntrack_max = 131072
    5. 

  5. 

  6. ## IPv4 tuning
    7. 

  7. 

  8. # Reset all configuration parameters to RFC1812
    9. 

  9. net.ipv4.ip_forward = 1
    10. 

  10. 

  11. # Disable routing to {{ primary_interface }}
    12. 

  12. net.ipv4.conf.{{ primary_interface }}.forwarding = 0
    13. 

  13. 

  14. # Use larger ARP cache
    15. 

  15. net.ipv4.neigh.default.gc_thresh1 = 2048
    16. 

  16. net.ipv4.neigh.default.gc_thresh2 = 4096
    17. 

  17. net.ipv4.neigh.default.gc_thresh3 = 8192
    18. 

  18. 

  19. # Maximum number of routes allowed in the kernel
    20. 

  20. net.ipv4.route.max_size = 8388608
    21. 

  21. 

  22. 

  23. ## IPv6 tuning
    24. 

  24. 

  25. # Configure router behaviour
    26. 

  26. net.ipv6.conf.all.forwarding = 1
    27. 

  27. 

  28. # Disable routing to {{ primary_interface }}
    29. 

  29. net.ipv6.conf.{{ primary_interface }}.forwarding = 0
    30. 

  30. net.ipv6.conf.{{ primary_interface }}.accept_ra = 0
    31. 

  31. 

  32. # Accept Duplicate Address Detection; default = 1
    33. 

  33. net.ipv6.conf.default.accept_dad = 0
    34. 

  34. net.ipv6.conf.all.accept_dad = 0
    35. 

  35. 

  36. # Use larger neighbor table
    37. 

  37. net.ipv6.neigh.default.gc_thresh1 = 2048
    38. 

  38. net.ipv6.neigh.default.gc_thresh2 = 4096
    39. 

  39. net.ipv6.neigh.default.gc_thresh3 = 8192
    40. 

  40. 

  41. # Maximum number of routes allowed in the kernel
    42. 

  42. net.ipv6.route.max_size = 8388608
    43.