
Mastering Linux TCP Settings: Key /proc/sys/net Parameters Explained

This guide explains the Linux kernel TCP parameters located under /proc/sys/net/ipv4/ and /proc/sys/net/core/, shows how to tune them with sysctl, and provides practical examples and recommended values for improving network performance and security.

MaGe Linux Operations

Linux Kernel TCP Parameters

/proc/sys/net/ipv4/

The directory /proc/sys/net/ipv4/ contains files that control TCP behavior. Adjusting these settings can improve security, routing, and performance.

The tcp_syn_retries parameter defines how many SYN retransmissions the client will perform before giving up.

Example modification:

sysctl net.ipv4.tcp_syn_retries=2

To verify, attempt an SSH connection to a non-existent host and observe the SYN retransmissions with Wireshark.

Other Important IPv4 TCP Settings

| Name | Default | Recommended | Description |
|---|---|---|---|
| tcp_syn_retries | 5 | 1-2 | Number of SYN packets sent before abandoning a new connection (max 255). |
| tcp_synack_retries | 5 | 1-2 | Number of SYN+ACK packets sent before giving up on an incoming connection. |
| tcp_keepalive_time | 7200 | 600 | Interval (seconds) between keepalive probes. |
| tcp_keepalive_probes | 9 | 3 | Number of keepalive probes before declaring the connection dead. |
| tcp_keepalive_intvl | 74 | 15 | Interval (seconds) between successive keepalive probes when no response is received. |
| tcp_retries1 | 3 | 3 | Retries before giving up on an unacknowledged SYN-ACK (minimum RFC value). |
| tcp_retries2 | 15 | 5 | Retries before aborting an established connection (depends on RTO, typically 13-30 min). |
| tcp_orphan_retries | 7 | 3 | Retries before discarding an orphaned socket (50 s-16 min). |
| tcp_fin_timeout | 60 | 2 | Time (seconds) a socket stays in FIN-WAIT-2 state. |
| tcp_max_tw_buckets | 180000 | 36000 | Maximum number of TIME-WAIT sockets; raising helps under heavy load. |
| tcp_tw_recycle | 0 | 1 | Enable fast recycling of TIME-WAIT sockets (use with caution). |
| tcp_tw_reuse | 0 | 1 | Allow reuse of TIME-WAIT sockets for new connections. |
| tcp_max_orphans | 8192 | 32768 | Maximum number of orphaned TCP sockets; increase on memory-rich systems. |
| tcp_abort_on_overflow | 0 | 0 | Send RST when the daemon is too busy to accept new connections. |
| tcp_syncookies | 0 | 1 | Enable SYN cookies to mitigate SYN-flood attacks (requires kernel config). |
| tcp_window_scaling | 1 | 1 | Enable variable TCP window scaling (important for high-speed links). |
| tcp_timestamps | 1 | 1 | Enable RFC 1323 timestamps for better RTT calculation and protection against old sequence numbers. |
| tcp_sack | 1 | 1 | Enable Selective Acknowledgement to improve loss recovery on WAN links. |
| tcp_fack | 1 | 1 | Enable Forward Acknowledgement for faster congestion avoidance. |
| tcp_ecn | 0 | 0 | Enable Explicit Congestion Notification. |
| tcp_reordering | 3 | 6 | Maximum number of out-of-order packets before triggering fast retransmit. |
| tcp_low_latency | 0 | 0 | Allow the stack to favor low latency over throughput (usually disabled). |
| ip_forward | 0 | 1 | Enable IP forwarding for NAT. |
| ip_local_port_range | 32768 61000 | 1024 65000 | Range of ports used for outgoing connections. |
| ip_conntrack_max | 65535 | 65535 | Maximum number of tracked IPv4 connections. |

/proc/sys/net/core/

This directory holds parameters that control how the kernel interacts with the network layer.

| Name | Default | Recommended | Description |
|---|---|---|---|
| netdev_max_backlog | 1024 | 16384 | Maximum packets queued per NIC when arrival rate exceeds processing rate. |
| somaxconn | 128 | 16384 | Maximum size of the listen backlog queue for server sockets. |
| wmem_default | 129024 | 129024 | Default send buffer size (bytes). |
| rmem_default | 129024 | 129024 | Default receive buffer size (bytes). |
| rmem_max | 129024 | 873200 | Maximum TCP receive buffer (bytes). |
| wmem_max | 129024 | 873200 | Maximum TCP send buffer (bytes). |

How to Modify Kernel Parameters

1. Directly echo a value into the file (temporary, lost after reboot):

   echo "1" > /proc/sys/net/ipv4/tcp_syn_retries

2. Add the setting to /etc/sysctl.conf and apply with sysctl -p (persistent).

3. Use the sysctl command directly, e.g. sysctl net.ipv4.tcp_syn_retries=2.
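Because a value written with echo or the sysctl command lasts only until reboot, while an entry in /etc/sysctl.conf takes effect only once it is applied, the running kernel and the persistent file can disagree. The script below is an added example, not part of the original article: it compares a sysctl.conf-style file with the live values and reports each key as OK, DRIFT or MISSING. The function names and the PROC_ROOT override are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: report drift between a sysctl.conf-style file and the
# values the kernel is running with. PROC_ROOT and all function names are
# illustrative; PROC_ROOT defaults to /proc/sys.

# Collapse tabs and runs of spaces so "1024<TAB>65000" equals "1024 65000".
norm() { tr '\t' ' ' | tr -s ' ' | sed 's/^ //; s/ $//'; }

# net.ipv4.tcp_syncookies -> $PROC_ROOT/net/ipv4/tcp_syncookies
key_to_path() {
    printf '%s/%s\n' "${PROC_ROOT:-/proc/sys}" "$(printf '%s' "$1" | tr . /)"
}

# audit_sysctl FILE
# Prints OK / DRIFT / MISSING per key; returns 1 if any key is not OK.
audit_sysctl() {
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*|';'*) continue ;;   # blank lines and comments
            *=*) ;;                     # key = value
            *) continue ;;              # anything else is ignored
        esac
        key=$(printf '%s' "${line%%=*}" | tr -d ' \t')
        want=$(printf '%s' "${line#*=}" | norm)
        path=$(key_to_path "$key")
        if [ ! -r "$path" ]; then
            # Key is not exposed by the running kernel.
            echo "MISSING $key"
            rc=1
            continue
        fi
        have=$(norm < "$path")
        if [ "$have" = "$want" ]; then
            echo "OK $key=$have"
        else
            echo "DRIFT $key running=$have configured=$want"
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Run directly as: sh audit.sh /etc/sysctl.conf
if [ "$#" -gt 0 ]; then audit_sysctl "$1"; fi
```

A DRIFT line means either the file was edited without running sysctl -p, or the value was changed at runtime and will revert on reboot.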

Viewing Linux Network Statistics

Network interface statistics can be read from /sys/class/net/eth0/statistics/ (replace eth0 with the desired interface):

/sys/class/net/eth0/statistics/rx_packets   # packets received
/sys/class/net/eth0/statistics/tx_packets   # packets transmitted
/sys/class/net/eth0/statistics/rx_bytes     # bytes received
/sys/class/net/eth0/statistics/tx_bytes     # bytes transmitted
/sys/class/net/eth0/statistics/rx_dropped   # packets dropped on receive
/sys/class/net/eth0/statistics/tx_dropped   # packets dropped on transmit

Additional NIC details (MAC, speed, MTU, etc.) are available under /sys/class/net/ for each interface.
