| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 |
- #
- # This file is managed by ansible. Do not edit by hand!
- #
- # Reboot 1 second after kernel panic, oops or BUG (usually in batman-adv.ko)
- kernel.panic = 1
- kernel.panic_on_oops = 1
- # throw kernel panic on softlockup
- kernel.softlockup_panic=1
- ## Networking
- # See https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
- # Don't pass bridged traffic to iptables/arptables
- net.bridge.bridge-nf-call-arptables = 0
- net.bridge.bridge-nf-call-iptables = 0
- net.bridge.bridge-nf-call-ip6tables = 0
- ## IPv4 tuning
- # Reset all configuration parameters to RFC1812
- net.ipv4.ip_forward = 1
- # Disable routing to eth0
- net.ipv4.conf.eth0.forwarding = 0
- # Accept ICMP redirect messages; default = 0
- net.ipv4.conf.default.accept_redirects = 1
- net.ipv4.conf.all.accept_redirects = 1
- # Use larger ARP cache
- net.ipv4.neigh.default.gc_thresh1 = 2048
- net.ipv4.neigh.default.gc_thresh2 = 4096
- net.ipv4.neigh.default.gc_thresh3 = 8192
- # Maximum number of routes allowed in the kernel
- net.ipv4.route.max_size = 8388608
- ## IPv6 tuning
- # Configure router behaviour
- net.ipv6.conf.all.forwarding = 1
- # Disable routing to eth0
- net.ipv6.conf.eth0.forwarding = 0
- net.ipv6.conf.eth0.accept_ra = 0
- # Accept Redirects; default = 0
- net.ipv6.conf.default.accept_redirects = 1
- net.ipv6.conf.all.accept_redirects = 1
- # Accept Duplicate Address Detection; default = 1
- net.ipv6.conf.default.accept_dad = 0
- net.ipv6.conf.all.accept_dad = 0
- # Use larger neighbor table
- net.ipv6.neigh.default.gc_thresh1 = 2048
- net.ipv6.neigh.default.gc_thresh2 = 4096
- net.ipv6.neigh.default.gc_thresh3 = 8192
- # Maximum number of routes allowed in the kernel
- net.ipv6.route.max_size = 8388608
|
