1 .\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
2 .\" and Copyright (C) 2008 Michael Kerrisk <mtk.manpages@gmail.com>
3 .\" Note also that many pieces are drawn from the kernel source file
4 .\" Documentation/networking/ip-sysctl.txt.
6 .\" %%%LICENSE_START(VERBATIM_ONE_PARA)
7 .\" Permission is granted to distribute possibly modified copies
8 .\" of this page provided the header is included verbatim,
9 .\" and in case of nontrivial modification author and date
10 .\" of the modification is added to the header.
13 .\" 2.4 Updates by Nivedita Singhvi 4/20/02 <nivedita@us.ibm.com>.
14 .\" Modified, 2004-11-11, Michael Kerrisk and Andries Brouwer
15 .\" Updated details of interaction of TCP_CORK and TCP_NODELAY.
17 .\" 2008-11-21, mtk, many, many updates.
18 .\" The descriptions of /proc files and socket options should now
19 .\" be more or less up to date and complete as at Linux 2.6.27
20 .\" (other than the remaining FIXMEs in the page source below).
22 .\" FIXME The following need to be documented
23 .\" TCP_MD5SIG (2.6.20)
24 .\" commit cfb6eeb4c860592edd123fdea908d23c6ad1c7dc
25 .\" Author was yoshfuji@linux-ipv6.org
26 .\" Needs CONFIG_TCP_MD5SIG
27 .\" From net/inet/Kconfig
28 .\" bool "TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL)"
29 .\" RFC2385 specifies a method of giving MD5 protection to TCP sessions.
30 .\" Its main (only?) use is to protect BGP sessions between core routers
33 .\" There is a TCP_MD5SIG option documented in FreeBSD's tcp(4),
34 .\" but probably many details are different on Linux
35 .\" http://thread.gmane.org/gmane.linux.network/47490
36 .\" http://www.daemon-systems.org/man/tcp.4.html
37 .\" http://article.gmane.org/gmane.os.netbsd.devel.network/3767/match=tcp_md5sig+freebsd
38 .\" TCP_COOKIE_TRANSACTIONS (2.6.33)
39 .\" commit 519855c508b9a17878c0977a3cdefc09b59b30df
40 .\" Author: William Allen Simpson <william.allen.simpson@gmail.com>
41 .\" commit e56fb50f2b7958b931c8a2fc0966061b3f3c8f3a
42 .\" Author: William Allen Simpson <william.allen.simpson@gmail.com>
44 .\" REMOVED in Linux 3.10
45 .\" commit 1a2c6181c4a1922021b4d7df373bba612c3e5f04
46 .\" Author: Christoph Paasch <christoph.paasch@uclouvain.be>
48 .\" TCP_THIN_LINEAR_TIMEOUTS (2.6.34)
49 .\" commit 36e31b0af58728071e8023cf8e20c5166b700717
50 .\" Author: Andreas Petlund <apetlund@simula.no>
51 .\" TCP_THIN_DUPACK (2.6.34)
52 .\" commit 7e38017557bc0b87434d184f8804cadb102bb903
53 .\" Author: Andreas Petlund <apetlund@simula.no>
55 .\" commit ee9952831cfd0bbe834f4a26489d7dce74582e37
56 .\" Author: Pavel Emelyanov <xemul@parallels.com>
57 .\" TCP_REPAIR_QUEUE (3.5)
58 .\" commit ee9952831cfd0bbe834f4a26489d7dce74582e37
59 .\" Author: Pavel Emelyanov <xemul@parallels.com>
60 .\" TCP_QUEUE_SEQ (3.5)
61 .\" commit ee9952831cfd0bbe834f4a26489d7dce74582e37
62 .\" Author: Pavel Emelyanov <xemul@parallels.com>
63 .\" TCP_REPAIR_OPTIONS (3.5)
64 .\" commit b139ba4e90dccbf4cd4efb112af96a5c9e0b098c
65 .\" Author: Pavel Emelyanov <xemul@parallels.com>
66 .\" TCP_FASTOPEN (3.6)
67 .\" (Fast Open server side implementation completed in 3.7)
68 .\" http://lwn.net/Articles/508865/
69 .\" TCP_TIMESTAMP (3.9)
70 .\" commit 93be6ce0e91b6a94783e012b1857a347a5e6e9f2
71 .\" Author: Andrey Vagin <avagin@openvz.org>
72 .\" TCP_NOTSENT_LOWAT (3.12)
73 .\" commit c9bee3b7fdecb0c1d070c7b54113b3bdfb9a3d36
74 .\" Author: Eric Dumazet <edumazet@google.com>
76 .TH TCP 7 2015-01-10 "Linux" "Linux Programmer's Manual"
80 .B #include <sys/socket.h>
82 .B #include <netinet/in.h>
84 .B #include <netinet/tcp.h>
86 .B tcp_socket = socket(AF_INET, SOCK_STREAM, 0);
88 This is an implementation of the TCP protocol defined in
89 RFC\ 793, RFC\ 1122 and RFC\ 2001 with the NewReno and SACK
91 It provides a reliable, stream-oriented,
92 full-duplex connection between two sockets on top of
94 for both v4 and v6 versions.
95 TCP guarantees that the data arrives in order and
96 retransmits lost packets.
97 It generates and checks a per-packet checksum to catch
99 TCP does not preserve record boundaries.
101 A newly created TCP socket has no remote or local address and is not
103 To create an outgoing TCP connection use
105 to establish a connection to another TCP socket.
106 To receive new incoming connections, first
108 the socket to a local address and port and then call
110 to put the socket into the listening state.
111 After that a new socket for each incoming connection can be accepted using
113 A socket which has had
117 successfully called on it is fully specified and may transmit data.
118 Data cannot be transmitted on listening or not yet connected sockets.
120 Linux supports RFC\ 1323 TCP high performance
122 These include Protection Against Wrapped
123 Sequence Numbers (PAWS), Window Scaling and Timestamps.
124 Window scaling allows the use
125 of large (> 64K) TCP windows in order to support links with high
126 latency or bandwidth.
127 To make use of them, the send and receive buffer sizes must be increased.
128 They can be set globally with the
129 .I /proc/sys/net/ipv4/tcp_wmem
131 .I /proc/sys/net/ipv4/tcp_rmem
132 files, or on individual sockets by using the
136 socket options with the
140 The maximum sizes for socket buffers declared via the
144 mechanisms are limited by the values in the
145 .I /proc/sys/net/core/rmem_max
147 .I /proc/sys/net/core/wmem_max
149 Note that TCP actually allocates twice the size of
150 the buffer requested in the
152 call, and so a succeeding
154 call will not return the same size of buffer as requested in the
157 TCP uses the extra space for administrative purposes and internal
158 kernel structures, and the
160 file values reflect the
161 larger sizes compared to the actual TCP windows.
162 On individual connections, the socket buffer size must be set prior to the
166 calls in order to have it take effect.
169 for more information.
171 TCP supports urgent data.
172 Urgent data is used to signal the
173 receiver that some important message is part of the data
174 stream and that it should be processed as soon as possible.
175 To send urgent data specify the
179 When urgent data is received, the kernel sends a
181 signal to the process or process group that has been set as the
182 socket "owner" using the
186 ioctls (or the POSIX.1-2001-specified
192 socket option is enabled, urgent data is put into the normal
193 data stream (a program can test for its location using the
195 ioctl described below),
196 otherwise it can be received only when the
203 Linux 2.4 introduced a number of changes for improved
204 throughput and scaling, as well as enhanced functionality.
205 Some of these features include support for zero-copy
207 Explicit Congestion Notification, new
208 management of TIME_WAIT sockets, keep-alive socket options
209 and support for Duplicate SACK extensions.
211 TCP is built on top of IP (see
213 The address formats defined by
216 TCP supports point-to-point communication only;
217 broadcasting and multicasting are not
220 System-wide TCP parameter settings can be accessed by files in the directory
221 .IR /proc/sys/net/ipv4/ .
224 interfaces also apply to TCP; see
226 Variables described as
228 take an integer value, with a nonzero value ("true") meaning that
229 the corresponding option is enabled, and a zero value ("false")
230 meaning that the option is disabled.
232 .IR tcp_abc " (Integer; default: 0; since Linux 2.6.15)"
233 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
234 Control the Appropriate Byte Count (ABC), defined in RFC 3465.
235 ABC is a way of increasing the congestion window
237 more slowly in response to partial acknowledgments.
243 once per acknowledgment (no ABC)
247 once per acknowledgment of full sized segment
251 by two if acknowledgment is
252 of two segments to compensate for delayed acknowledgments.
255 .IR tcp_abort_on_overflow " (Boolean; default: disabled; since Linux 2.4)"
257 Enable resetting connections if the listening service is too
258 slow and unable to keep up and accept them.
259 It means that if overflow occurred due
260 to a burst, the connection will recover.
263 if you are really sure that the listening daemon
264 cannot be tuned to accept connections faster.
265 Enabling this option can harm the clients of your server.
267 .IR tcp_adv_win_scale " (integer; default: 2; since Linux 2.4)"
268 .\" Since 2.4.0-test7
269 Count buffering overhead as
270 .IR "bytes/2^tcp_adv_win_scale" ,
273 is greater than 0; or
274 .IR "bytes-bytes/2^(\-tcp_adv_win_scale)" ,
277 is less than or equal to zero.
279 The socket receive buffer space is shared between the
280 application and kernel.
281 TCP maintains part of the buffer as
282 the TCP window, this is the size of the receive window
283 advertised to the other end.
284 The rest of the space is used
285 as the "application" buffer, used to isolate the network
286 from scheduling and application latencies.
289 default value of 2 implies that the space
290 used for the application buffer is one fourth that of the total.
292 .IR tcp_allowed_congestion_control " (String; default: see text; since Linux 2.4.20)"
293 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
294 Show/set the congestion control algorithm choices available to unprivileged
295 processes (see the description of the
298 The items in the list are separated by white space and
299 terminated by a newline character.
300 The list is a subset of those listed in
301 .IR tcp_available_congestion_control .
302 The default value for this list is "reno" plus the default setting of
303 .IR tcp_congestion_control .
305 .IR tcp_autocorking " (Boolean; default: enabled; since Linux 3.14)"
306 .\" commit f54b311142a92ea2e42598e347b84e1655caf8e3
307 .\" Text heavily based on Documentation/networking/ip-sysctl.txt
308 If this option is enabled, the kernel tries to coalesce small writes
313 calls) as much as possible,
314 in order to decrease the total number of sent packets.
315 Coalescing is done if at least one prior packet for the flow
316 is waiting in Qdisc queues or device transmit queue.
317 Applications can still use the
319 socket option to obtain optimal behavior
320 when they know how/when to uncork their sockets.
322 .IR tcp_available_congestion_control " (String; read-only; since Linux 2.4.20)"
323 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
324 Show a list of the congestion-control algorithms
326 The items in the list are separated by white space and
327 terminated by a newline character.
328 This list is a limiting set for the list in
329 .IR tcp_allowed_congestion_control .
330 More congestion-control algorithms may be available as modules,
333 .IR tcp_app_win " (integer; default: 31; since Linux 2.4)"
334 .\" Since 2.4.0-test7
335 This variable defines how many
336 bytes of the TCP window are reserved for buffering overhead.
338 A maximum of (\fIwindow/2^tcp_app_win\fP, mss) bytes in the window
339 are reserved for the application buffer.
340 A value of 0 implies that no amount is reserved.
342 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
344 .IR tcp_base_mss " (Integer; default: 512; since Linux 2.6.17)
347 to be used by the packetization layer Path MTU discovery (MTU probing).
348 If MTU probing is enabled,
349 this is the initial MSS used by the connection.
351 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
353 .IR tcp_bic " (Boolean; default: disabled; Linux 2.4.27/2.6.6 to 2.6.13)"
354 Enable BIC TCP congestion control algorithm.
355 BIC-TCP is a sender-side-only change that ensures a linear RTT
356 fairness under large windows while offering both scalability and
357 bounded TCP-friendliness.
358 The protocol combines two schemes
359 called additive increase and binary search increase.
360 When the congestion window is large, additive increase with a large
361 increment ensures linear RTT fairness as well as good scalability.
362 Under small congestion windows, binary search
363 increase provides TCP friendliness.
365 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
367 .IR tcp_bic_low_window " (integer; default: 14; Linux 2.4.27/2.6.6 to 2.6.13)"
368 Set the threshold window (in packets) where BIC TCP starts to
369 adjust the congestion window.
370 Below this threshold BIC TCP behaves the same as the default TCP Reno.
372 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
374 .IR tcp_bic_fast_convergence " (Boolean; default: enabled; Linux 2.4.27/2.6.6 to 2.6.13)"
375 Force BIC TCP to more quickly respond to changes in congestion window.
376 Allows two flows sharing the same connection to converge more rapidly.
378 .IR tcp_congestion_control " (String; default: see text; since Linux 2.4.13)"
379 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
380 Set the default congestion-control algorithm to be used for new connections.
381 The algorithm "reno" is always available,
382 but additional choices may be available depending on kernel configuration.
383 The default value for this file is set as part of kernel configuration.
385 .IR tcp_dma_copybreak " (integer; default: 4096; since Linux 2.6.24)"
386 Lower limit, in bytes, of the size of socket reads that will be
387 offloaded to a DMA copy engine, if one is present in the system
388 and the kernel was configured with the
392 .IR tcp_dsack " (Boolean; default: enabled; since Linux 2.4)"
393 .\" Since 2.4.0-test7
394 Enable RFC\ 2883 TCP Duplicate SACK support.
396 .IR tcp_ecn " (Boolean; default: disabled; since Linux 2.4)"
397 .\" Since 2.4.0-test7
398 Enable RFC\ 2884 Explicit Congestion Notification.
399 When enabled, connectivity to some
400 destinations could be affected due to older, misbehaving
401 routers along the path causing connections to be dropped.
403 .IR tcp_fack " (Boolean; default: enabled; since Linux 2.2)"
405 Enable TCP Forward Acknowledgement support.
407 .IR tcp_fin_timeout " (integer; default: 60; since Linux 2.2)"
409 This specifies how many seconds to wait for a final FIN packet before the
410 socket is forcibly closed.
411 This is strictly a violation of the TCP specification,
412 but required to prevent denial-of-service attacks.
413 In Linux 2.2, the default value was 180.
415 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
417 .IR tcp_frto " (integer; default: 0; since Linux 2.4.21/2.6)"
418 .\" Since 2.4.21/2.5.43
419 Enable F-RTO, an enhanced recovery algorithm for TCP retransmission
421 It is particularly beneficial in wireless environments
422 where packet loss is typically due to random radio interference
423 rather than intermediate router congestion.
424 See RFC 4138 for more details.
426 This file can have one of the following values:
431 The basic version F-RTO algorithm is enabled.
433 Enable SACK-enhanced F-RTO if flow uses SACK.
434 The basic version can be used also when
435 SACK is in use though in that case scenario(s) exists where F-RTO
436 interacts badly with the packet counting of the SACK-enabled TCP flow.
439 Before Linux 2.6.22, this parameter was a Boolean value,
440 supporting just values 0 and 1 above.
442 .IR tcp_frto_response " (integer; default: 0; since Linux 2.6.22)"
443 When F-RTO has detected that a TCP retransmission timeout was spurious
444 (i.e, the timeout would have been avoided had TCP set a
445 longer retransmission timeout),
446 TCP has several options concerning what to do next.
450 Rate halving based; a smooth and conservative response,
451 results in halved congestion window
453 and slow-start threshold
457 Very conservative response; not recommended because even
458 though being valid, it interacts poorly with the rest of Linux TCP; halves
464 Aggressive response; undoes congestion-control measures
465 that are now known to be unnecessary
466 (ignoring the possibility of a lost retransmission that would require
467 TCP to be more cautious);
471 are restored to the values prior to timeout.
474 .IR tcp_keepalive_intvl " (integer; default: 75; since Linux 2.4)"
476 The number of seconds between TCP keep-alive probes.
478 .IR tcp_keepalive_probes " (integer; default: 9; since Linux 2.2)"
480 The maximum number of TCP keep-alive probes to send
481 before giving up and killing the connection if
482 no response is obtained from the other end.
484 .IR tcp_keepalive_time " (integer; default: 7200; since Linux 2.2)"
486 The number of seconds a connection needs to be idle
487 before TCP begins sending out keep-alive probes.
488 Keep-alives are sent only when the
490 socket option is enabled.
491 The default value is 7200 seconds (2 hours).
492 An idle connection is terminated after
493 approximately an additional 11 minutes (9 probes an interval
494 of 75 seconds apart) when keep-alive is enabled.
496 Note that underlying connection tracking mechanisms and
497 application timeouts may be much shorter.
499 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
501 .IR tcp_low_latency " (Boolean; default: disabled; since Linux 2.4.21/2.6)"
502 .\" Since 2.4.21/2.5.60
503 If enabled, the TCP stack makes decisions that prefer lower
504 latency as opposed to higher throughput.
505 It this option is disabled, then higher throughput is preferred.
506 An example of an application where this default should be
507 changed would be a Beowulf compute cluster.
509 .IR tcp_max_orphans " (integer; default: see below; since Linux 2.4)"
511 The maximum number of orphaned (not attached to any user file
512 handle) TCP sockets allowed in the system.
513 When this number is exceeded,
514 the orphaned connection is reset and a warning is printed.
515 This limit exists only to prevent simple denial-of-service attacks.
516 Lowering this limit is not recommended.
517 Network conditions might require you to increase the number of
518 orphans allowed, but note that each orphan can eat up to ~64K
519 of unswappable memory.
520 The default initial value is set equal to the kernel parameter NR_FILE.
521 This initial default is adjusted depending on the memory in the system.
523 .IR tcp_max_syn_backlog " (integer; default: see below; since Linux 2.2)"
525 The maximum number of queued connection requests which have
526 still not received an acknowledgement from the connecting client.
527 If this number is exceeded, the kernel will begin
529 The default value of 256 is increased to
530 1024 when the memory present in the system is adequate or
531 greater (>= 128Mb), and reduced to 128 for those systems with
532 very low memory (<= 32Mb).
533 It is recommended that if this
534 needs to be increased above 1024, TCP_SYNQ_HSIZE in
537 TCP_SYNQ_HSIZE*16<=tcp_max_syn_backlog, and the kernel be
540 .IR tcp_max_tw_buckets " (integer; default: see below; since Linux 2.4)"
542 The maximum number of sockets in TIME_WAIT state allowed in
544 This limit exists only to prevent simple denial-of-service attacks.
545 The default value of NR_FILE*2 is adjusted
546 depending on the memory in the system.
548 exceeded, the socket is closed and a warning is printed.
550 .IR tcp_moderate_rcvbuf " (Boolean; default: enabled; since Linux 2.4.17/2.6.7)"
551 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
552 If enabled, TCP performs receive buffer auto-tuning,
553 attempting to automatically size the buffer (no greater than
555 to match the size required by the path for full throughput.
557 .IR tcp_mem " (since Linux 2.4)
558 .\" Since 2.4.0-test7
559 This is a vector of 3 integers: [low, pressure, high].
560 These bounds, measured in units of the system page size,
561 are used by TCP to track its memory usage.
562 The defaults are calculated at boot time from the amount of
566 for this, which is limited to around 900 megabytes on 32-bit systems.
567 64-bit systems do not suffer this limitation.)
571 TCP doesn't regulate its memory allocation when the number
572 of pages it has allocated globally is below this number.
575 When the amount of memory allocated by TCP
576 exceeds this number of pages, TCP moderates its memory consumption.
577 This memory pressure state is exited
578 once the number of pages allocated falls below
584 The maximum number of pages, globally, that TCP will allocate.
585 This value overrides any other limits imposed by the kernel.
588 .IR tcp_mtu_probing " (integer; default: 0; since Linux 2.6.17)"
589 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
590 This parameter controls TCP Packetization-Layer Path MTU Discovery.
591 The following values may be assigned to the file:
596 Disabled by default, enabled when an ICMP black hole detected
598 Always enabled, use initial MSS of
602 .IR tcp_no_metrics_save " (Boolean; default: disabled; since Linux 2.6.6)"
603 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
604 By default, TCP saves various connection metrics in the route cache
605 when the connection closes, so that connections established in the
606 near future can use these to set initial conditions.
607 Usually, this increases overall performance,
608 but it may sometimes cause performance degradation.
610 .I tcp_no_metrics_save
611 is enabled, TCP will not cache metrics on closing connections.
613 .IR tcp_orphan_retries " (integer; default: 8; since Linux 2.4)"
615 The maximum number of attempts made to probe the other
616 end of a connection which has been closed by our end.
618 .IR tcp_reordering " (integer; default: 3; since Linux 2.4)"
619 .\" Since 2.4.0-test7
620 The maximum a packet can be reordered in a TCP packet stream
621 without TCP assuming packet loss and going into slow start.
622 It is not advisable to change this number.
623 This is a packet reordering detection metric designed to
624 minimize unnecessary back off and retransmits provoked by
625 reordering of packets on a connection.
627 .IR tcp_retrans_collapse " (Boolean; default: enabled; since Linux 2.2)"
629 Try to send full-sized packets during retransmit.
631 .IR tcp_retries1 " (integer; default: 3; since Linux 2.2)"
633 The number of times TCP will attempt to retransmit a
634 packet on an established connection normally,
635 without the extra effort of getting the network layers involved.
636 Once we exceed this number of
637 retransmits, we first have the network layer
638 update the route if possible before each new retransmit.
639 The default is the RFC specified minimum of 3.
641 .IR tcp_retries2 " (integer; default: 15; since Linux 2.2)"
643 The maximum number of times a TCP packet is retransmitted
644 in established state before giving up.
645 The default value is 15, which corresponds to a duration of
646 approximately between 13 to 30 minutes, depending
647 on the retransmission timeout.
648 The RFC\ 1122 specified
649 minimum limit of 100 seconds is typically deemed too short.
651 .IR tcp_rfc1337 " (Boolean; default: disabled; since Linux 2.2)"
653 Enable TCP behavior conformant with RFC\ 1337.
655 if a RST is received in TIME_WAIT state, we close
656 the socket immediately without waiting for the end
657 of the TIME_WAIT period.
659 .IR tcp_rmem " (since Linux 2.4)"
660 .\" Since 2.4.0-test7
661 This is a vector of 3 integers: [min, default, max].
662 These parameters are used by TCP to regulate receive buffer sizes.
663 TCP dynamically adjusts the size of the
664 receive buffer from the defaults listed below, in the range
665 of these values, depending on memory available in the system.
669 minimum size of the receive buffer used by each TCP socket.
670 The default value is the system page size.
671 (On Linux 2.4, the default value is 4K, lowered to
673 bytes in low-memory systems.)
675 is used to ensure that in memory pressure mode,
676 allocations below this size will still succeed.
678 used to bound the size of the receive buffer declared
684 the default size of the receive buffer for a TCP socket.
685 This value overwrites the initial default buffer size from
687 .I net.core.rmem_default
688 defined for all protocols.
689 The default value is 87380 bytes.
690 (On Linux 2.4, this will be lowered to 43689 in low-memory systems.)
691 If larger receive buffer sizes are desired, this value should
692 be increased (to affect all sockets).
693 To employ large TCP windows, the
694 .I net.ipv4.tcp_window_scaling
695 must be enabled (default).
698 the maximum size of the receive buffer used by each TCP socket.
699 This value does not override the global
700 .IR net.core.rmem_max .
701 This is not used to limit the size of the receive buffer declared using
704 The default value is calculated using the formula
706 max(87380, min(4MB, \fItcp_mem\fP[1]*PAGE_SIZE/128))
708 (On Linux 2.4, the default is 87380*2 bytes,
709 lowered to 87380 in low-memory systems).
712 .IR tcp_sack " (Boolean; default: enabled; since Linux 2.2)"
714 Enable RFC\ 2018 TCP Selective Acknowledgements.
716 .IR tcp_slow_start_after_idle " (Boolean; default: enabled; since Linux 2.6.18)"
717 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
718 If enabled, provide RFC 2861 behavior and time out the congestion
719 window after an idle period.
720 An idle period is defined as the current RTO (retransmission timeout).
721 If disabled, the congestion window will not
722 be timed out after an idle period.
724 .IR tcp_stdurg " (Boolean; default: disabled; since Linux 2.2)"
726 If this option is enabled, then use the RFC\ 1122 interpretation
727 of the TCP urgent-pointer field.
728 .\" RFC 793 was ambiguous in its specification of the meaning of the
729 .\" urgent pointer. RFC 1122 (and RFC 961) fixed on a particular
730 .\" resolution of this ambiguity (unfortunately the "wrong" one).
731 According to this interpretation, the urgent pointer points
732 to the last byte of urgent data.
733 If this option is disabled, then use the BSD-compatible interpretation of
735 the urgent pointer points to the first byte after the urgent data.
736 Enabling this option may lead to interoperability problems.
738 .IR tcp_syn_retries " (integer; default: 5; since Linux 2.2)"
740 The maximum number of times initial SYNs for an active TCP
741 connection attempt will be retransmitted.
742 This value should not be higher than 255.
743 The default value is 5, which corresponds to approximately 180 seconds.
745 .IR tcp_synack_retries " (integer; default: 5; since Linux 2.2)"
747 The maximum number of times a SYN/ACK segment
748 for a passive TCP connection will be retransmitted.
749 This number should not be higher than 255.
751 .IR tcp_syncookies " (Boolean; since Linux 2.2)"
753 Enable TCP syncookies.
754 The kernel must be compiled with
755 .BR CONFIG_SYN_COOKIES .
756 Send out syncookies when the syn backlog queue of a socket overflows.
757 The syncookies feature attempts to protect a
758 socket from a SYN flood attack.
759 This should be used as a last resort, if at all.
760 This is a violation of the TCP protocol,
761 and conflicts with other areas of TCP such as TCP extensions.
762 It can cause problems for clients and relays.
763 It is not recommended as a tuning mechanism for heavily
764 loaded servers to help with overloaded or misconfigured conditions.
765 For recommended alternatives see
766 .IR tcp_max_syn_backlog ,
767 .IR tcp_synack_retries ,
769 .IR tcp_abort_on_overflow .
771 .IR tcp_timestamps " (Boolean; default: enabled; since Linux 2.2)"
773 Enable RFC\ 1323 TCP timestamps.
775 .IR tcp_tso_win_divisor " (integer; default: 3; since Linux 2.6.9)"
776 This parameter controls what percentage of the congestion window
777 can be consumed by a single TCP Segmentation Offload (TSO) frame.
778 The setting of this parameter is a tradeoff between burstiness and
779 building larger TSO frames.
781 .IR tcp_tw_recycle " (Boolean; default: disabled; since Linux 2.4)"
783 Enable fast recycling of TIME_WAIT sockets. Enabling this option is
784 not recommended for devices communicating with the general Internet
785 or using NAT (Network Address Translation). Since some NAT gateways
786 pass through IP timestamp values, one IP can appear to have
787 non-increasing timestamps. See RFC 1323 (PAWS), RFC 6191.
789 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
791 .IR tcp_tw_reuse " (Boolean; default: disabled; since Linux 2.4.19/2.6)"
792 .\" Since 2.4.19/2.5.43
793 Allow to reuse TIME_WAIT sockets for new connections when it is
794 safe from protocol viewpoint.
795 It should not be changed without advice/request of technical experts.
797 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
799 .IR tcp_vegas_cong_avoid " (Boolean; default: disabled; Linux 2.2 to 2.6.13)"
800 .\" Since 2.1.8; removed in 2.6.13
801 Enable TCP Vegas congestion avoidance algorithm.
802 TCP Vegas is a sender-side-only change to TCP that anticipates
803 the onset of congestion by estimating the bandwidth.
804 TCP Vegas adjusts the sending rate by modifying the congestion window.
805 TCP Vegas should provide less packet loss, but it is
806 not as aggressive as TCP Reno.
808 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
810 .IR tcp_westwood " (Boolean; default: disabled; Linux 2.4.26/2.6.3 to 2.6.13)"
811 Enable TCP Westwood+ congestion control algorithm.
812 TCP Westwood+ is a sender-side-only modification of the TCP Reno
813 protocol stack that optimizes the performance of TCP congestion control.
814 It is based on end-to-end bandwidth estimation to set
815 congestion window and slow start threshold after a congestion episode.
816 Using this estimation, TCP Westwood+ adaptively sets a
817 slow start threshold and a congestion window which takes into
818 account the bandwidth used at the time congestion is experienced.
819 TCP Westwood+ significantly increases fairness with respect to
820 TCP Reno in wired networks and throughput over wireless links.
822 .IR tcp_window_scaling " (Boolean; default: enabled; since Linux 2.2)"
824 Enable RFC\ 1323 TCP window scaling.
825 This feature allows the use of a large window
826 (> 64K) on a TCP connection, should the other end support it.
827 Normally, the 16 bit window length field in the TCP header
828 limits the window size to less than 64K bytes.
829 If larger windows are desired, applications can increase the size of
830 their socket buffers and the window scaling option will be employed.
832 .I tcp_window_scaling
833 is disabled, TCP will not negotiate the use of window
834 scaling with the other end during connection setup.
836 .IR tcp_wmem " (since Linux 2.4)"
837 .\" Since 2.4.0-test7
838 This is a vector of 3 integers: [min, default, max].
839 These parameters are used by TCP to regulate send buffer sizes.
840 TCP dynamically adjusts the size of the send buffer from the
841 default values listed below, in the range of these values,
842 depending on memory available.
846 Minimum size of the send buffer used by each TCP socket.
847 The default value is the system page size.
848 (On Linux 2.4, the default value is 4K bytes.)
849 This value is used to ensure that in memory pressure mode,
850 allocations below this size will still succeed.
851 This is not used to bound the size of the send buffer declared using
856 The default size of the send buffer for a TCP socket.
857 This value overwrites the initial default buffer size from
859 .I /proc/sys/net/core/wmem_default
860 defined for all protocols.
861 The default value is 16K bytes.
862 .\" True in Linux 2.4 and 2.6
863 If larger send buffer sizes are desired, this value
864 should be increased (to affect all sockets).
865 To employ large TCP windows, the
866 .I /proc/sys/net/ipv4/tcp_window_scaling
867 must be set to a nonzero value (default).
870 The maximum size of the send buffer used by each TCP socket.
871 This value does not override the value in
872 .IR /proc/sys/net/core/wmem_max .
873 This is not used to limit the size of the send buffer declared using
876 The default value is calculated using the formula
878 max(65536, min(4MB, \fItcp_mem\fP[1]*PAGE_SIZE/128))
880 (On Linux 2.4, the default value is 128K bytes,
881 lowered 64K depending on low-memory systems.)
884 .IR tcp_workaround_signed_windows " (Boolean; default: disabled; since Linux 2.6.26)"
885 If enabled, assume that no receipt of a window-scaling option means that the
886 remote TCP is broken and treats the window as a signed quantity.
887 If disabled, assume that the remote TCP is not broken even if we do
888 not receive a window scaling option from it.
890 To set or get a TCP socket option, call
894 to write the option with the option level argument set to
896 Unless otherwise noted,
900 .\" or SOL_TCP on Linux
904 socket options are valid on TCP sockets.
905 For more information see
908 .BR TCP_CONGESTION " (since Linux 2.6.13)"
909 .\" commit 5f8ef48d240963093451bcf83df89f1a1364f51d
910 .\" Author: Stephen Hemminger <shemminger@osdl.org>
911 The argument for this option is a string.
912 This option allows the caller to set the TCP congestion control
913 algorithm to be used, on a per-socket basis.
914 Unprivileged processes are restricted to choosing one of the algorithms in
915 .IR tcp_allowed_congestion_control
918 .RB ( CAP_NET_ADMIN )
919 can choose from any of the available congestion-control algorithms
920 (see the description of
921 .IR tcp_available_congestion_control
924 .BR TCP_CORK " (since Linux 2.2)"
925 .\" precisely: since 2.1.127
926 If set, don't send out partial frames.
927 All queued partial frames are sent when the option is cleared again.
928 This is useful for prepending headers before calling
930 or for throughput optimization.
931 As currently implemented, there is a 200 millisecond ceiling on the time
932 for which output is corked by
934 If this ceiling is reached, then queued data is automatically transmitted.
935 This option can be combined with
937 only since Linux 2.5.71.
938 This option should not be used in code intended to be portable.
940 .BR TCP_DEFER_ACCEPT " (since Linux 2.4)"
941 .\" Precisely: since 2.3.38
942 .\" Useful references:
943 .\" http://www.techrepublic.com/article/take-advantage-of-tcp-ip-options-to-optimize-data-transmission/
944 .\" http://unix.stackexchange.com/questions/94104/real-world-use-of-tcp-defer-accept
945 Allow a listener to be awakened only when data arrives on the socket.
946 Takes an integer value (seconds), this can
947 bound the maximum number of attempts TCP will make to
948 complete the connection.
949 This option should not be used in code intended to be portable.
951 .BR TCP_INFO " (since Linux 2.4)"
952 Used to collect information about this socket.
953 The kernel returns a \fIstruct tcp_info\fP as defined in the file
954 .IR /usr/include/linux/tcp.h .
955 This option should not be used in code intended to be portable.
957 .BR TCP_KEEPCNT " (since Linux 2.4)"
958 .\" Precisely: since 2.3.18
959 The maximum number of keepalive probes TCP should send
960 before dropping the connection.
961 This option should not be
962 used in code intended to be portable.
964 .BR TCP_KEEPIDLE " (since Linux 2.4)"
965 .\" Precisely: since 2.3.18
966 The time (in seconds) the connection needs to remain idle
967 before TCP starts sending keepalive probes, if the socket
970 has been set on this socket.
971 This option should not be used in code intended to be portable.
973 .BR TCP_KEEPINTVL " (since Linux 2.4)"
974 .\" Precisely: since 2.3.18
975 The time (in seconds) between individual keepalive probes.
976 This option should not be used in code intended to be portable.
978 .BR TCP_LINGER2 " (since Linux 2.4)"
979 .\" Precisely: since 2.3.41
980 The lifetime of orphaned FIN_WAIT2 state sockets.
981 This option can be used to override the system-wide setting in the file
982 .I /proc/sys/net/ipv4/tcp_fin_timeout
984 This is not to be confused with the
988 This option should not be used in code intended to be portable.
991 .\" Present in Linux 1.0
992 The maximum segment size for outgoing TCP packets.
993 In Linux 2.2 and earlier, and in Linux 2.6.28 and later,
994 if this option is set before connection establishment, it also
995 changes the MSS value announced to the other end in the initial packet.
996 Values greater than the (eventual) interface MTU have no effect.
998 its minimum and maximum bounds over the value provided.
1001 .\" Present in Linux 1.0
1002 If set, disable the Nagle algorithm.
1003 This means that segments
1004 are always sent as soon as possible, even if there is only a
1005 small amount of data.
1006 When not set, data is buffered until there
1007 is a sufficient amount to send out, thereby avoiding the
1008 frequent sending of small packets, which results in poor
1009 utilization of the network.
1010 This option is overridden by
1012 however, setting this option forces an explicit flush of
1013 pending output, even if
1017 .BR TCP_QUICKACK " (since Linux 2.4.4)"
1018 Enable quickack mode if set or disable quickack
1020 In quickack mode, acks are sent
1021 immediately, rather than delayed if needed in accordance
1022 to normal TCP operation.
1023 This flag is not permanent,
1024 it only enables a switch to or from quickack mode.
1025 Subsequent operation of the TCP protocol will
1026 once again enter/leave quickack mode depending on
1027 internal protocol processing and factors such as
1028 delayed ack timeouts occurring and data transfer.
1029 This option should not be used in code intended to be
1032 .BR TCP_SYNCNT " (since Linux 2.4)"
1033 .\" Precisely: since 2.3.18
1034 Set the number of SYN retransmits that TCP should send before
1035 aborting the attempt to connect.
1036 It cannot exceed 255.
1037 This option should not be used in code intended to be portable.
1039 .BR TCP_USER_TIMEOUT " (since Linux 2.6.37)"
1040 .\" commit dca43c75e7e545694a9dd6288553f55c53e2a3a3
1041 .\" Author: Jerry Chu <hkchu@google.com>
1042 .\" The following text taken nearly verbatim from Jerry Chu's (excellent)
1045 This option takes an
1048 When the value is greater than 0,
1049 it specifies the maximum amount of time in milliseconds that transmitted
1050 data may remain unacknowledged before TCP will forcibly close the
1051 corresponding connection and return
1054 If the option value is specified as 0,
1055 TCP will to use the system default.
1057 Increasing user timeouts allows a TCP connection to survive extended
1058 periods without end-to-end connectivity.
1059 Decreasing user timeouts
1060 allows applications to "fail fast", if so desired.
1061 Otherwise, failure may take up to 20 minutes with
1062 the current system defaults in a normal WAN environment.
1064 This option can be set during any state of a TCP connection,
1065 but is effective only during the synchronized states of a connection
1066 (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, and LAST-ACK).
1067 Moreover, when used with the TCP keepalive
1068 .RB ( SO_KEEPALIVE )
1071 will override keepalive to determine when to close a
1072 connection due to keepalive failure.
1074 The option has no effect on when TCP retransmits a packet,
1075 nor when a keepalive probe is sent.
1077 This option, like many others, will be inherited by the socket returned by
1079 if it was set on the listening socket.
1081 Further details on the user timeout feature can be found in
1082 RFC\ 793 and RFC\ 5482 ("TCP User Timeout Option").
1084 .BR TCP_WINDOW_CLAMP " (since Linux 2.4)"
1085 .\" Precisely: since 2.3.41
1086 Bound the size of the advertised window to this value.
1087 The kernel imposes a minimum size of SOCK_MIN_RCVBUF/2.
1088 This option should not be used in code intended to be
1091 TCP provides limited support for out-of-band data,
1092 in the form of (a single byte of) urgent data.
1093 In Linux this means if the other end sends newer out-of-band
1094 data the older urgent data is inserted as normal data into
1095 the stream (even when
1098 This differs from BSD-based stacks.
1100 Linux uses the BSD compatible interpretation of the urgent
1101 pointer field by default.
1102 This violates RFC\ 1122, but is
1103 required for interoperability with other stacks.
1104 It can be changed via
1105 .IR /proc/sys/net/ipv4/tcp_stdurg .
1107 It is possible to peek at out-of-band data using the
1112 Since version 2.4, Linux supports the use of
1120 This flag causes the received bytes of data to be discarded,
1121 rather than passed back in a caller-supplied buffer.
1124 also has this effect when used in conjunction with
1126 to receive out-of-band data.
1130 calls return information in
1132 The correct syntax is:
1137 .IB error " = ioctl(" tcp_socket ", " ioctl_type ", &" value ");"
1142 is one of the following:
1145 Returns the amount of queued unread data in the receive buffer.
1146 The socket must not be in LISTEN state, otherwise an error
1151 .IR <linux/sockios.h> .
1152 .\" FIXME http://sources.redhat.com/bugzilla/show_bug.cgi?id=12002,
1153 .\" filed 2010-09-10, may cause SIOCINQ to be defined in glibc headers
1155 you can use the synonymous
1163 is nonzero) if the inbound data stream is at the urgent mark.
1167 socket option is set, and
1169 returns true, then the
1170 next read from the socket will return the urgent data.
1173 socket option is not set, and
1175 returns true, then the
1176 next read from the socket will return the bytes following
1177 the urgent data (to actually read the urgent data requires the
1181 Note that a read never reads across the urgent mark.
1182 If an application is informed of the presence of urgent data via
1186 argument) or through delivery of a
1189 then it can advance up to the mark using a loop which repeatedly tests
1191 and performs a read (requesting any number of bytes) as long as
1196 Returns the amount of unsent data in the socket send queue.
1197 The socket must not be in LISTEN state, otherwise an error
1202 .IR <linux/sockios.h> .
1203 .\" FIXME . http://sources.redhat.com/bugzilla/show_bug.cgi?id=12002,
1204 .\" filed 2010-09-10, may cause SIOCOUTQ to be defined in glibc headers
1206 you can use the synonymous
1211 When a network error occurs, TCP tries to resend the packet.
1212 If it doesn't succeed after some time, either
1214 or the last received error on this connection is reported.
1216 Some applications require a quicker error notification.
1217 This can be enabled with the
1222 When this option is enabled, all incoming
1223 errors are immediately passed to the user program.
1224 Use this option with care \(em it makes TCP less tolerant to routing
1225 changes and other normal network conditions.
1229 Passed socket address type in
1235 The other end closed the socket unexpectedly or a read is
1236 executed on a shut down socket.
1239 The other end didn't acknowledge retransmitted data after some time.
1241 Any errors defined for
1243 or the generic socket layer may also be returned for TCP.
1245 Support for Explicit Congestion Notification, zero-copy
1247 reordering support and some SACK extensions
1248 (DSACK) were introduced in 2.4.
1249 Support for forward acknowledgement (FACK), TIME_WAIT recycling,
1250 and per-connection keepalive socket options were introduced in 2.3.
1252 Not all errors are documented.
1254 IPv6 is not described.
1255 .\" Only a single Linux kernel version is described
1256 .\" Info for 2.2 was lost. Should be added again,
1257 .\" or put into a separate page.
1259 .\" This man page was originally written by Andi Kleen.
1260 .\" It was updated for 2.4 by Nivedita Singhvi with input from
1261 .\" Alexey Kuznetsov's Documentation/networking/ip-sysctl.txt
1276 RFC\ 793 for the TCP specification.
1278 RFC\ 1122 for the TCP requirements and a description of the Nagle algorithm.
1280 RFC\ 1323 for TCP timestamp and window scaling options.
1282 RFC\ 1337 for a description of TIME_WAIT assassination hazards.
1284 RFC\ 3168 for a description of Explicit Congestion Notification.
1286 RFC\ 2581 for TCP congestion control algorithms.
1288 RFC\ 2018 and RFC\ 2883 for SACK and extensions to SACK.
1290 This page is part of release 3.79 of the Linux
1293 A description of the project,
1294 information about reporting bugs,
1295 and the latest version of this page,
1297 \%http://www.kernel.org/doc/man\-pages/.