mirror of
https://github.com/apache/cloudstack.git
synced 2025-11-02 11:52:28 +01:00
50 lines
1.3 KiB
Plaintext
50 lines
1.3 KiB
Plaintext
# Kernel sysctl configuration file
|
|
#
|
|
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
|
|
# sysctl.conf(5) for more details.
|
|
# @VERSION@
|
|
|
|
# Controls IP packet forwarding
|
|
net.ipv4.ip_forward = 1
|
|
|
|
# Controls source route verification
|
|
net.ipv4.conf.default.rp_filter = 1
|
|
|
|
# Do not accept source routing
|
|
net.ipv4.conf.default.accept_source_route = 0
|
|
|
|
# Respect local interface in ARP interactions
|
|
net.ipv4.conf.default.arp_announce = 2
|
|
net.ipv4.conf.default.arp_ignore = 2
|
|
net.ipv4.conf.all.arp_announce = 2
|
|
net.ipv4.conf.all.arp_ignore = 2
|
|
|
|
# IPSec NETKEY -- avoid bogus redirects
|
|
net.ipv4.conf.all.accept_redirects = 0
|
|
net.ipv4.conf.default.accept_redirects = 0
|
|
net.ipv4.conf.all.send_redirects = 0
|
|
net.ipv4.conf.default.send_redirects = 0
|
|
|
|
|
|
# Controls the System Request debugging functionality of the kernel
|
|
kernel.sysrq = 0
|
|
|
|
# Controls whether core dumps will append the PID to the core filename.
|
|
# Useful for debugging multi-threaded applications.
|
|
kernel.core_uses_pid = 1
|
|
|
|
# Controls the use of TCP syncookies
|
|
net.ipv4.tcp_syncookies = 1
|
|
|
|
net.ipv4.netfilter.ip_conntrack_max=1000000
|
|
net.ipv4.tcp_tw_reuse=1
|
|
net.ipv4.tcp_max_tw_buckets=1000000
|
|
net.core.somaxconn=1000000
|
|
|
|
# Disable IPv6
|
|
net.ipv6.conf.all.disable_ipv6 = 1
|
|
net.ipv6.conf.all.forwarding = 0
|
|
net.ipv6.conf.all.accept_ra = 0
|
|
net.ipv6.conf.all.accept_redirects = 0
|
|
net.ipv6.conf.all.autoconf = 0
|