Master Linux TCP Settings: Tuning /proc/sys/net/ipv4 for Better Performance
This article explains the purpose of the /proc/sys/net/ipv4 and /proc/sys/net/core directories, lists essential TCP kernel parameters with their default and recommended values, shows how to view and modify them permanently using sysctl or echo, and provides commands for checking network interface statistics on a Linux system.
Linux Kernel TCP Parameters
/proc/sys/net/ipv4/
/proc/sys/net/ipv4/ stores files that control TCP behavior. Adjusting these settings can improve security, routing, and overall network performance.
tcp_syn_retries defines how many SYN retransmissions the client will perform before giving up. Example: sysctl net.ipv4.tcp_syn_retries=2 sets the value to 2.
Using ssh to a non‑existent host demonstrates the retransmission behavior because SSH relies on TCP.
Wireshark captures confirm that two packets are retransmitted when the SYN retry count is set to 2.
Other notable parameters:
net.ipv4.tcp_window_scaling – enable/disable window scaling, i.e. a variable TCP window size (default 1).
net.ipv4.tcp_sack – enable Selective Acknowledgement (SACK).
net.ipv4.tcp_keepalive_time – interval (seconds) between keepalive probes.
net.ipv4.tcp_keepalive_probes – number of keepalive probes before giving up.
net.ipv4.tcp_keepalive_intvl – interval (seconds) between successive keepalive probes.
net.ipv4.tcp_retries1 – retries before abandoning a connection request (RFC minimum 3).
net.ipv4.tcp_retries2 – retries before dropping an established connection (default 15, often reduced to 5).
net.ipv4.tcp_fin_timeout – time (seconds) a socket stays in FIN-WAIT-2.
net.ipv4.tcp_max_tw_buckets – maximum number of TIME-WAIT sockets.
net.ipv4.tcp_tw_reuse – allow reuse of TIME-WAIT sockets for new connections.
net.ipv4.tcp_tw_recycle – fast recycling of TIME-WAIT sockets (use with caution).
net.ipv4.tcp_synack_retries – retries for SYN+ACK packets.
net.ipv4.tcp_orphan_retries – retries before discarding an orphaned connection.
net.ipv4.tcp_abort_on_overflow – send RST when the daemon is overloaded.
net.ipv4.tcp_syncookies – enable SYN cookies to mitigate SYN flood attacks.
net.ipv4.tcp_stdurg – use the TCP urgent pointer (generally left disabled).
net.ipv4.tcp_max_syn_backlog – maximum pending SYN queue size.
net.ipv4.tcp_timestamps – enable timestamps for better RTT calculation.
/proc/sys/net/core/
This directory contains settings that control how the Linux kernel interacts with the network layer.
netdev_max_backlog – maximum number of packets queued when the NIC receives packets faster than the kernel can process them.
somaxconn – maximum number of pending connections for listening sockets.
wmem_default – default send buffer size (bytes).
rmem_default – default receive buffer size (bytes).
rmem_max – maximum receive buffer size.
wmem_max – maximum send buffer size.
/proc/sys/net/netfilter/
Contains netfilter parameters; refer to Linux kernel documentation for details.
How to Modify Kernel Parameters
Use echo value > /proc/sys/.../parameter for immediate change (not persistent across reboots).
Add the setting to /etc/sysctl.conf and run sysctl -p for a permanent change.
Use the sysctl command directly, e.g., sysctl net.ipv4.tcp_syn_retries=3.
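A drift check for the persistence point above, as an added example that is not part of the original article: it compares a sysctl.conf-style file with the running values under /proc/sys, so a setting changed at runtime but never persisted (or persisted but never loaded) is reported. The function names sysctl_drift and demo, and every value in the sample tree, are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a sysctl.conf-style file with running kernel values.
# Usage: sysctl_drift CONF [ROOT]   (ROOT defaults to /proc/sys)
# Prints one line per finding; returns 0 when everything matches, else 1.
sysctl_drift() {
    conf=$1; root=${2:-/proc/sys}; rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | sed 's/^[[:space:]]*//')
        case $line in ''|'#'*|';'*) continue ;; esac      # blank or comment
        case $line in
            *=*) ;;
            *) echo "MALFORMED $line"; rc=1; continue ;;
        esac
        key=$(printf '%s' "${line%%=*}" | sed 's/[[:space:]]*$//')
        # Collapse tabs/spaces so multi-value settings compare cleanly.
        want=$(printf '%s' "${line#*=}" | tr -s '[:space:]' ' ' | sed 's/^ //; s/ $//')
        # net.ipv4.tcp_syn_retries -> ROOT/net/ipv4/tcp_syn_retries
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            echo "MISSING $key"; rc=1; continue
        fi
        have=$(tr -s '[:space:]' ' ' < "$path" | sed 's/^ //; s/ $//')
        if [ "$have" != "$want" ]; then
            echo "DRIFT $key configured=$want running=$have"; rc=1
        fi
    done < "$conf"
    return $rc
}

# Constructed sample (not real system data): a fake /proc/sys tree and config.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/net/ipv4"
    echo 6 > "$d/proc/net/ipv4/tcp_syn_retries"     # differs from the config
    echo 1 > "$d/proc/net/ipv4/tcp_syncookies"
    printf '4096\t131072\t6291456\n' > "$d/proc/net/ipv4/tcp_rmem"
    cat > "$d/sysctl.conf" <<'EOF'
# constructed config
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_rmem = 4096 131072 6291456
net.ipv4.tcp_retries2 = 5
EOF
    status=0
    sysctl_drift "$d/sysctl.conf" "$d/proc" || status=$?
    rm -rf "$d"
    return $status
}
```

On a real host, call sysctl_drift /etc/sysctl.conf after sourcing the file; keys that name an interface containing a dot are not handled by the simple dot-to-slash mapping.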
Viewing Linux System Statistics
Network interface statistics can be read from /sys/class/net/<iface>/statistics/:
/sys/class/net/eth0/statistics/rx_packets # received packets
/sys/class/net/eth0/statistics/tx_packets # transmitted packets
/sys/class/net/eth0/statistics/rx_bytes # received bytes
/sys/class/net/eth0/statistics/tx_bytes # transmitted bytes
/sys/class/net/eth0/statistics/rx_dropped # dropped inbound packets
/sys/class/net/eth0/statistics/tx_dropped # dropped outbound packets
Additional NIC parameters (MAC address, speed, MTU, etc.) are available under /sys/class/net/<iface>/.
Raymond Ops
