1 .\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
3 .\" %%%LICENSE_START(VERBATIM_ONE_PARA)
4 .\" Permission is granted to distribute possibly modified copies
5 .\" of this page provided the header is included verbatim,
6 .\" and in case of nontrivial modification author and date
7 .\" of the modification is added to the header.
10 .\" 2.4 Updates by Nivedita Singhvi 4/20/02 <nivedita@us.ibm.com>.
11 .\" Modified, 2004-11-11, Michael Kerrisk and Andries Brouwer
12 .\" Updated details of interaction of TCP_CORK and TCP_NODELAY.
14 .\" 2008-11-21, mtk, many, many updates.
15 .\" The descriptions of /proc files and socket options should now
16 .\" be more or less up to date and complete as at Linux 2.6.27
17 .\" (other than the remaining FIXMEs in the page source below).
19 .\" FIXME The following need to be documented
20 .\" TCP_CONGESTION (new in 2.6.13)
21 .\" commit 5f8ef48d240963093451bcf83df89f1a1364f51d
22 .\" Author: Stephen Hemminger <shemminger@osdl.org>
23 .\" TCP_MD5SIG (2.6.20)
24 .\" commit cfb6eeb4c860592edd123fdea908d23c6ad1c7dc
25 .\" Author was yoshfuji@linux-ipv6.org
26 .\" Needs CONFIG_TCP_MD5SIG
27 .\" From net/inet/Kconfig
28 .\" bool "TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL)"
29 .\" RFC2385 specifies a method of giving MD5 protection to TCP sessions.
30 .\" Its main (only?) use is to protect BGP sessions between core routers
33 .\" There is a TCP_MD5SIG option documented in FreeBSD's tcp(4),
34 .\" but probably many details are different on Linux
35 .\" http://thread.gmane.org/gmane.linux.network/47490
36 .\" http://www.daemon-systems.org/man/tcp.4.html
37 .\" http://article.gmane.org/gmane.os.netbsd.devel.network/3767/match=tcp_md5sig+freebsd
38 .\" TCP_COOKIE_TRANSACTIONS (2.6.33)
39 .\" commit 519855c508b9a17878c0977a3cdefc09b59b30df
40 .\" Author: William Allen Simpson <william.allen.simpson@gmail.com>
41 .\" commit e56fb50f2b7958b931c8a2fc0966061b3f3c8f3a
42 .\" Author: William Allen Simpson <william.allen.simpson@gmail.com>
43 .\" TCP_THIN_LINEAR_TIMEOUTS (2.6.34)
44 .\" commit 36e31b0af58728071e8023cf8e20c5166b700717
45 .\" Author: Andreas Petlund <apetlund@simula.no>
46 .\" TCP_THIN_DUPACK (2..6.34)
47 .\" commit 7e38017557bc0b87434d184f8804cadb102bb903
48 .\" Author: Andreas Petlund <apetlund@simula.no>
49 .\" TCP_USER_TIMEOUT (new in 2.6.37)
50 .\" Author: Jerry Chu <hkchu@google.com>
51 .\" commit dca43c75e7e545694a9dd6288553f55c53e2a3a3
53 .\" commit ee9952831cfd0bbe834f4a26489d7dce74582e37
54 .\" Author: Pavel Emelyanov <xemul@parallels.com>
55 .\" TCP_REPAIR_QUEUE (3.5)
56 .\" commit ee9952831cfd0bbe834f4a26489d7dce74582e37
57 .\" Author: Pavel Emelyanov <xemul@parallels.com>
58 .\" TCP_QUEUE_SEQ (3.5)
59 .\" commit ee9952831cfd0bbe834f4a26489d7dce74582e37
60 .\" Author: Pavel Emelyanov <xemul@parallels.com>
61 .\" TCP_REPAIR_OPTIONS (3.5)
62 .\" commit b139ba4e90dccbf4cd4efb112af96a5c9e0b098c
63 .\" Author: Pavel Emelyanov <xemul@parallels.com>
65 .TH TCP 7 2012-04-23 "Linux" "Linux Programmer's Manual"
69 .B #include <sys/socket.h>
71 .B #include <netinet/in.h>
73 .B #include <netinet/tcp.h>
75 .B tcp_socket = socket(AF_INET, SOCK_STREAM, 0);
77 This is an implementation of the TCP protocol defined in
78 RFC\ 793, RFC\ 1122 and RFC\ 2001 with the NewReno and SACK
80 It provides a reliable, stream-oriented,
81 full-duplex connection between two sockets on top of
83 for both v4 and v6 versions.
84 TCP guarantees that the data arrives in order and
85 retransmits lost packets.
86 It generates and checks a per-packet checksum to catch
88 TCP does not preserve record boundaries.
90 A newly created TCP socket has no remote or local address and is not
92 To create an outgoing TCP connection use
94 to establish a connection to another TCP socket.
95 To receive new incoming connections, first
97 the socket to a local address and port and then call
99 to put the socket into the listening state.
100 After that a new socket for each incoming connection can be accepted using
102 A socket which has had
106 successfully called on it is fully specified and may transmit data.
107 Data cannot be transmitted on listening or not yet connected sockets.
109 Linux supports RFC\ 1323 TCP high performance
111 These include Protection Against Wrapped
112 Sequence Numbers (PAWS), Window Scaling and Timestamps.
113 Window scaling allows the use
114 of large (> 64K) TCP windows in order to support links with high
115 latency or bandwidth.
116 To make use of them, the send and receive buffer sizes must be increased.
117 They can be set globally with the
118 .I /proc/sys/net/ipv4/tcp_wmem
120 .I /proc/sys/net/ipv4/tcp_rmem
121 files, or on individual sockets by using the
125 socket options with the
129 The maximum sizes for socket buffers declared via the
133 mechanisms are limited by the values in the
134 .I /proc/sys/net/core/rmem_max
136 .I /proc/sys/net/core/wmem_max
138 Note that TCP actually allocates twice the size of
139 the buffer requested in the
141 call, and so a succeeding
143 call will not return the same size of buffer as requested in the
146 TCP uses the extra space for administrative purposes and internal
147 kernel structures, and the
149 file values reflect the
150 larger sizes compared to the actual TCP windows.
151 On individual connections, the socket buffer size must be set prior to the
155 calls in order to have it take effect.
158 for more information.
160 TCP supports urgent data.
161 Urgent data is used to signal the
162 receiver that some important message is part of the data
163 stream and that it should be processed as soon as possible.
164 To send urgent data specify the
168 When urgent data is received, the kernel sends a
170 signal to the process or process group that has been set as the
171 socket "owner" using the
175 ioctls (or the POSIX.1-2001-specified
181 socket option is enabled, urgent data is put into the normal
182 data stream (a program can test for its location using the
184 ioctl described below),
185 otherwise it can be received only when the
192 Linux 2.4 introduced a number of changes for improved
193 throughput and scaling, as well as enhanced functionality.
194 Some of these features include support for zero-copy
196 Explicit Congestion Notification, new
197 management of TIME_WAIT sockets, keep-alive socket options
198 and support for Duplicate SACK extensions.
200 TCP is built on top of IP (see
202 The address formats defined by
205 TCP supports point-to-point communication only;
206 broadcasting and multicasting are not
209 System-wide TCP parameter settings can be accessed by files in the directory
210 .IR /proc/sys/net/ipv4/ .
213 interfaces also apply to TCP; see
215 Variables described as
217 take an integer value, with a nonzero value ("true") meaning that
218 the corresponding option is enabled, and a zero value ("false")
219 meaning that the option is disabled.
221 .IR tcp_abc " (Integer; default: 0; since Linux 2.6.15)"
222 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
223 Control the Appropriate Byte Count (ABC), defined in RFC 3465.
224 ABC is a way of increasing the congestion window
226 more slowly in response to partial acknowledgments.
232 once per acknowledgment (no ABC)
236 once per acknowledgment of full sized segment
240 by two if acknowledgment is
241 of two segments to compensate for delayed acknowledgments.
244 .IR tcp_abort_on_overflow " (Boolean; default: disabled; since Linux 2.4)"
246 Enable resetting connections if the listening service is too
247 slow and unable to keep up and accept them.
248 It means that if overflow occurred due
249 to a burst, the connection will recover.
252 if you are really sure that the listening daemon
253 cannot be tuned to accept connections faster.
254 Enabling this option can harm the clients of your server.
256 .IR tcp_adv_win_scale " (integer; default: 2; since Linux 2.4)"
257 .\" Since 2.4.0-test7
258 Count buffering overhead as
259 .IR "bytes/2^tcp_adv_win_scale" ,
262 is greater than 0; or
263 .IR "bytes-bytes/2^(\-tcp_adv_win_scale)" ,
266 is less than or equal to zero.
268 The socket receive buffer space is shared between the
269 application and kernel.
270 TCP maintains part of the buffer as
271 the TCP window, this is the size of the receive window
272 advertised to the other end.
273 The rest of the space is used
274 as the "application" buffer, used to isolate the network
275 from scheduling and application latencies.
278 default value of 2 implies that the space
279 used for the application buffer is one fourth that of the total.
281 .IR tcp_allowed_congestion_control " (String; default: see text; since Linux 2.4.20)"
282 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
283 Show/set the congestion control algorithm choices available to unprivileged
284 processes (see the description of the
287 The list is a subset of those listed in
288 .IR tcp_available_congestion_control .
289 .\" FIXME How are the items in this delimited? Null bytes, spaces, commas?
290 The default value for this list is "reno" plus the default setting of
291 .IR tcp_congestion_control .
293 .IR tcp_available_congestion_control " (String; read-only; since Linux 2.4.20)"
294 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
295 Show a list of the congestion-control algorithms
297 .\" FIXME How are the items in this delimited? Null bytes, spaces, commas?
298 This list is a limiting set for the list in
299 .IR tcp_allowed_congestion_control .
300 More congestion-control algorithms may be available as modules,
303 .IR tcp_app_win " (integer; default: 31; since Linux 2.4)"
304 .\" Since 2.4.0-test7
305 This variable defines how many
306 bytes of the TCP window are reserved for buffering overhead.
308 A maximum of (\fIwindow/2^tcp_app_win\fP, mss) bytes in the window
309 are reserved for the application buffer.
310 A value of 0 implies that no amount is reserved.
312 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
314 .IR tcp_base_mss " (Integer; default: 512; since Linux 2.6.17)
317 to be used by the packetization layer Path MTU discovery (MTU probing).
318 If MTU probing is enabled,
319 this is the initial MSS used by the connection.
321 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
323 .IR tcp_bic " (Boolean; default: disabled; Linux 2.4.27/2.6.6 to 2.6.13)"
324 Enable BIC TCP congestion control algorithm.
325 BIC-TCP is a sender-side only change that ensures a linear RTT
326 fairness under large windows while offering both scalability and
327 bounded TCP-friendliness.
328 The protocol combines two schemes
329 called additive increase and binary search increase.
330 When the congestion window is large, additive increase with a large
331 increment ensures linear RTT fairness as well as good scalability.
332 Under small congestion windows, binary search
333 increase provides TCP friendliness.
335 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
337 .IR tcp_bic_low_window " (integer; default: 14; Linux 2.4.27/2.6.6 to 2.6.13)"
338 Set the threshold window (in packets) where BIC TCP starts to
339 adjust the congestion window.
340 Below this threshold BIC TCP behaves the same as the default TCP Reno.
342 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
344 .IR tcp_bic_fast_convergence " (Boolean; default: enabled; Linux 2.4.27/2.6.6 to 2.6.13)"
345 Force BIC TCP to more quickly respond to changes in congestion window.
346 Allows two flows sharing the same connection to converge more rapidly.
348 .IR tcp_congestion_control " (String; default: see text; since Linux 2.4.13)"
349 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
350 Set the default congestion-control algorithm to be used for new connections.
351 The algorithm "reno" is always available,
352 but additional choices may be available depending on kernel configuration.
353 The default value for this file is set as part of kernel configuration.
355 .IR tcp_dma_copybreak " (integer; default: 4096; since Linux 2.6.24)"
356 Lower limit, in bytes, of the size of socket reads that will be
357 offloaded to a DMA copy engine, if one is present in the system
358 and the kernel was configured with the
362 .IR tcp_dsack " (Boolean; default: enabled; since Linux 2.4)"
363 .\" Since 2.4.0-test7
364 Enable RFC\ 2883 TCP Duplicate SACK support.
366 .IR tcp_ecn " (Boolean; default: disabled; since Linux 2.4)"
367 .\" Since 2.4.0-test7
368 Enable RFC\ 2884 Explicit Congestion Notification.
369 When enabled, connectivity to some
370 destinations could be affected due to older, misbehaving
371 routers along the path causing connections to be dropped.
373 .IR tcp_fack " (Boolean; default: enabled; since Linux 2.2)"
375 Enable TCP Forward Acknowledgement support.
377 .IR tcp_fin_timeout " (integer; default: 60; since Linux 2.2)"
379 This specifies how many seconds to wait for a final FIN packet before the
380 socket is forcibly closed.
381 This is strictly a violation of the TCP specification,
382 but required to prevent denial-of-service attacks.
383 In Linux 2.2, the default value was 180.
385 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
387 .IR tcp_frto " (integer; default: 0; since Linux 2.4.21/2.6)"
388 .\" Since 2.4.21/2.5.43
389 Enable F-RTO, an enhanced recovery algorithm for TCP retransmission
391 It is particularly beneficial in wireless environments
392 where packet loss is typically due to random radio interference
393 rather than intermediate router congestion.
394 See RFC 4138 for more details.
396 This file can have one of the following values:
401 The basic version F-RTO algorithm is enabled.
403 Enable SACK-enhanced F-RTO if flow uses SACK.
404 The basic version can be used also when
405 SACK is in use though in that case scenario(s) exists where F-RTO
406 interacts badly with the packet counting of the SACK-enabled TCP flow.
409 Before Linux 2.6.22, this parameter was a Boolean value,
410 supporting just values 0 and 1 above.
412 .IR tcp_frto_response " (integer; default: 0; since Linux 2.6.22)"
413 When F-RTO has detected that a TCP retransmission timeout was spurious
414 (i.e, the timeout would have been avoided had TCP set a
415 longer retransmission timeout),
416 TCP has several options concerning what to do next.
420 Rate halving based; a smooth and conservative response,
421 results in halved congestion window
423 and slow-start threshold
427 Very conservative response; not recommended because even
428 though being valid, it interacts poorly with the rest of Linux TCP; halves
434 Aggressive response; undoes congestion-control measures
435 that are now known to be unnecessary
436 (ignoring the possibility of a lost retransmission that would require
437 TCP to be more cautious);
441 are restored to the values prior to timeout.
444 .IR tcp_keepalive_intvl " (integer; default: 75; since Linux 2.4)"
446 The number of seconds between TCP keep-alive probes.
448 .IR tcp_keepalive_probes " (integer; default: 9; since Linux 2.2)"
450 The maximum number of TCP keep-alive probes to send
451 before giving up and killing the connection if
452 no response is obtained from the other end.
454 .IR tcp_keepalive_time " (integer; default: 7200; since Linux 2.2)"
456 The number of seconds a connection needs to be idle
457 before TCP begins sending out keep-alive probes.
458 Keep-alives are sent only when the
460 socket option is enabled.
461 The default value is 7200 seconds (2 hours).
462 An idle connection is terminated after
463 approximately an additional 11 minutes (9 probes an interval
464 of 75 seconds apart) when keep-alive is enabled.
466 Note that underlying connection tracking mechanisms and
467 application timeouts may be much shorter.
469 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
471 .IR tcp_low_latency " (Boolean; default: disabled; since Linux 2.4.21/2.6)"
472 .\" Since 2.4.21/2.5.60
473 If enabled, the TCP stack makes decisions that prefer lower
474 latency as opposed to higher throughput.
475 It this option is disabled, then higher throughput is preferred.
476 An example of an application where this default should be
477 changed would be a Beowulf compute cluster.
479 .IR tcp_max_orphans " (integer; default: see below; since Linux 2.4)"
481 The maximum number of orphaned (not attached to any user file
482 handle) TCP sockets allowed in the system.
483 When this number is exceeded,
484 the orphaned connection is reset and a warning is printed.
485 This limit exists only to prevent simple denial-of-service attacks.
486 Lowering this limit is not recommended.
487 Network conditions might require you to increase the number of
488 orphans allowed, but note that each orphan can eat up to ~64K
489 of unswappable memory.
490 The default initial value is set equal to the kernel parameter NR_FILE.
491 This initial default is adjusted depending on the memory in the system.
493 .IR tcp_max_syn_backlog " (integer; default: see below; since Linux 2.2)"
495 The maximum number of queued connection requests which have
496 still not received an acknowledgement from the connecting client.
497 If this number is exceeded, the kernel will begin
499 The default value of 256 is increased to
500 1024 when the memory present in the system is adequate or
501 greater (>= 128Mb), and reduced to 128 for those systems with
502 very low memory (<= 32Mb).
503 It is recommended that if this
504 needs to be increased above 1024, TCP_SYNQ_HSIZE in
507 TCP_SYNQ_HSIZE*16<=tcp_max_syn_backlog, and the kernel be
510 .IR tcp_max_tw_buckets " (integer; default: see below; since Linux 2.4)"
512 The maximum number of sockets in TIME_WAIT state allowed in
514 This limit exists only to prevent simple denial-of-service attacks.
515 The default value of NR_FILE*2 is adjusted
516 depending on the memory in the system.
518 exceeded, the socket is closed and a warning is printed.
520 .IR tcp_moderate_rcvbuf " (Boolean; default: enabled; since Linux 2.4.17/2.6.7)"
521 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
522 If enabled, TCP performs receive buffer auto-tuning,
523 attempting to automatically size the buffer (no greater than
525 to match the size required by the path for full throughput.
527 .IR tcp_mem " (since Linux 2.4)
528 .\" Since 2.4.0-test7
529 This is a vector of 3 integers: [low, pressure, high].
530 These bounds, measured in units of the system page size,
531 are used by TCP to track its memory usage.
532 The defaults are calculated at boot time from the amount of
536 for this, which is limited to around 900 megabytes on 32-bit systems.
537 64-bit systems do not suffer this limitation.)
541 TCP doesn't regulate its memory allocation when the number
542 of pages it has allocated globally is below this number.
545 When the amount of memory allocated by TCP
546 exceeds this number of pages, TCP moderates its memory consumption.
547 This memory pressure state is exited
548 once the number of pages allocated falls below
554 The maximum number of pages, globally, that TCP will allocate.
555 This value overrides any other limits imposed by the kernel.
558 .IR tcp_mtu_probing " (integer; default: 0; since Linux 2.6.17)"
559 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
560 This parameter controls TCP Packetization-Layer Path MTU Discovery.
561 The following values may be assigned to the file:
566 Disabled by default, enabled when an ICMP black hole detected
568 Always enabled, use initial MSS of
572 .IR tcp_no_metrics_save " (Boolean; default: disabled; since Linux 2.6.6)"
573 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
574 By default, TCP saves various connection metrics in the route cache
575 when the connection closes, so that connections established in the
576 near future can use these to set initial conditions.
577 Usually, this increases overall performance,
578 but it may sometimes cause performance degradation.
580 .I tcp_no_metrics_save
581 is enabled, TCP will not cache metrics on closing connections.
583 .IR tcp_orphan_retries " (integer; default: 8; since Linux 2.4)"
585 The maximum number of attempts made to probe the other
586 end of a connection which has been closed by our end.
588 .IR tcp_reordering " (integer; default: 3; since Linux 2.4)"
589 .\" Since 2.4.0-test7
590 The maximum a packet can be reordered in a TCP packet stream
591 without TCP assuming packet loss and going into slow start.
592 It is not advisable to change this number.
593 This is a packet reordering detection metric designed to
594 minimize unnecessary back off and retransmits provoked by
595 reordering of packets on a connection.
597 .IR tcp_retrans_collapse " (Boolean; default: enabled; since Linux 2.2)"
599 Try to send full-sized packets during retransmit.
601 .IR tcp_retries1 " (integer; default: 3; since Linux 2.2)"
603 The number of times TCP will attempt to retransmit a
604 packet on an established connection normally,
605 without the extra effort of getting the network layers involved.
606 Once we exceed this number of
607 retransmits, we first have the network layer
608 update the route if possible before each new retransmit.
609 The default is the RFC specified minimum of 3.
611 .IR tcp_retries2 " (integer; default: 15; since Linux 2.2)"
613 The maximum number of times a TCP packet is retransmitted
614 in established state before giving up.
615 The default value is 15, which corresponds to a duration of
616 approximately between 13 to 30 minutes, depending
617 on the retransmission timeout.
618 The RFC\ 1122 specified
619 minimum limit of 100 seconds is typically deemed too short.
621 .IR tcp_rfc1337 " (Boolean; default: disabled; since Linux 2.2)"
623 Enable TCP behavior conformant with RFC\ 1337.
625 if a RST is received in TIME_WAIT state, we close
626 the socket immediately without waiting for the end
627 of the TIME_WAIT period.
629 .IR tcp_rmem " (since Linux 2.4)"
630 .\" Since 2.4.0-test7
631 This is a vector of 3 integers: [min, default, max].
632 These parameters are used by TCP to regulate receive buffer sizes.
633 TCP dynamically adjusts the size of the
634 receive buffer from the defaults listed below, in the range
635 of these values, depending on memory available in the system.
639 minimum size of the receive buffer used by each TCP socket.
640 The default value is the system page size.
641 (On Linux 2.4, the default value is 4K, lowered to
643 bytes in low-memory systems.)
645 is used to ensure that in memory pressure mode,
646 allocations below this size will still succeed.
648 used to bound the size of the receive buffer declared
654 the default size of the receive buffer for a TCP socket.
655 This value overwrites the initial default buffer size from
657 .I net.core.rmem_default
658 defined for all protocols.
659 The default value is 87380 bytes.
660 (On Linux 2.4, this will be lowered to 43689 in low-memory systems.)
661 If larger receive buffer sizes are desired, this value should
662 be increased (to affect all sockets).
663 To employ large TCP windows, the
664 .I net.ipv4.tcp_window_scaling
665 must be enabled (default).
668 the maximum size of the receive buffer used by each TCP socket.
669 This value does not override the global
670 .IR net.core.rmem_max .
671 This is not used to limit the size of the receive buffer declared using
674 The default value is calculated using the formula
676 max(87380, min(4MB, \fItcp_mem\fP[1]*PAGE_SIZE/128))
678 (On Linux 2.4, the default is 87380*2 bytes,
679 lowered to 87380 in low-memory systems).
682 .IR tcp_sack " (Boolean; default: enabled; since Linux 2.2)"
684 Enable RFC\ 2018 TCP Selective Acknowledgements.
686 .IR tcp_slow_start_after_idle " (Boolean; default: enabled; since Linux 2.6.18)"
687 .\" The following is from 2.6.28-rc4: Documentation/networking/ip-sysctl.txt
688 If enabled, provide RFC 2861 behavior and time out the congestion
689 window after an idle period.
690 An idle period is defined as the current RTO (retransmission timeout).
691 If disabled, the congestion window will not
692 be timed out after an idle period.
694 .IR tcp_stdurg " (Boolean; default: disabled; since Linux 2.2)"
696 If this option is enabled, then use the RFC\ 1122 interpretation
697 of the TCP urgent-pointer field.
698 .\" RFC 793 was ambiguous in its specification of the meaning of the
699 .\" urgent pointer. RFC 1122 (and RFC 961) fixed on a particular
700 .\" resolution of this ambiguity (unfortunately the "wrong" one).
701 According to this interpretation, the urgent pointer points
702 to the last byte of urgent data.
703 If this option is disabled, then use the BSD-compatible interpretation of
705 the urgent pointer points to the first byte after the urgent data.
706 Enabling this option may lead to interoperability problems.
708 .IR tcp_syn_retries " (integer; default: 5; since Linux 2.2)"
710 The maximum number of times initial SYNs for an active TCP
711 connection attempt will be retransmitted.
712 This value should not be higher than 255.
713 The default value is 5, which corresponds to approximately 180 seconds.
715 .IR tcp_synack_retries " (integer; default: 5; since Linux 2.2)"
717 The maximum number of times a SYN/ACK segment
718 for a passive TCP connection will be retransmitted.
719 This number should not be higher than 255.
721 .IR tcp_syncookies " (Boolean; since Linux 2.2)"
723 Enable TCP syncookies.
724 The kernel must be compiled with
725 .BR CONFIG_SYN_COOKIES .
726 Send out syncookies when the syn backlog queue of a socket overflows.
727 The syncookies feature attempts to protect a
728 socket from a SYN flood attack.
729 This should be used as a last resort, if at all.
730 This is a violation of the TCP protocol,
731 and conflicts with other areas of TCP such as TCP extensions.
732 It can cause problems for clients and relays.
733 It is not recommended as a tuning mechanism for heavily
734 loaded servers to help with overloaded or misconfigured conditions.
735 For recommended alternatives see
736 .IR tcp_max_syn_backlog ,
737 .IR tcp_synack_retries ,
739 .IR tcp_abort_on_overflow .
741 .IR tcp_timestamps " (Boolean; default: enabled; since Linux 2.2)"
743 Enable RFC\ 1323 TCP timestamps.
745 .IR tcp_tso_win_divisor " (integer; default: 3; since Linux 2.6.9)"
746 This parameter controls what percentage of the congestion window
747 can be consumed by a single TCP Segmentation Offload (TSO) frame.
748 The setting of this parameter is a tradeoff between burstiness and
749 building larger TSO frames.
751 .IR tcp_tw_recycle " (Boolean; default: disabled; since Linux 2.4)"
753 Enable fast recycling of TIME_WAIT sockets.
754 Enabling this option is not
755 recommended since this causes problems when working
756 with NAT (Network Address Translation).
758 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
760 .IR tcp_tw_reuse " (Boolean; default: disabled; since Linux 2.4.19/2.6)"
761 .\" Since 2.4.19/2.5.43
762 Allow to reuse TIME_WAIT sockets for new connections when it is
763 safe from protocol viewpoint.
764 It should not be changed without advice/request of technical experts.
766 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
768 .IR tcp_vegas_cong_avoid " (Boolean; default: disabled; Linux 2.2 to 2.6.13)"
769 .\" Since 2.1.8; removed in 2.6.13
770 Enable TCP Vegas congestion avoidance algorithm.
771 TCP Vegas is a sender-side only change to TCP that anticipates
772 the onset of congestion by estimating the bandwidth.
773 TCP Vegas adjusts the sending rate by modifying the congestion window.
774 TCP Vegas should provide less packet loss, but it is
775 not as aggressive as TCP Reno.
777 .\" The following is from 2.6.12: Documentation/networking/ip-sysctl.txt
779 .IR tcp_westwood " (Boolean; default: disabled; Linux 2.4.26/2.6.3 to 2.6.13)"
780 Enable TCP Westwood+ congestion control algorithm.
781 TCP Westwood+ is a sender-side only modification of the TCP Reno
782 protocol stack that optimizes the performance of TCP congestion control.
783 It is based on end-to-end bandwidth estimation to set
784 congestion window and slow start threshold after a congestion episode.
785 Using this estimation, TCP Westwood+ adaptively sets a
786 slow start threshold and a congestion window which takes into
787 account the bandwidth used at the time congestion is experienced.
788 TCP Westwood+ significantly increases fairness with respect to
789 TCP Reno in wired networks and throughput over wireless links.
791 .IR tcp_window_scaling " (Boolean; default: enabled; since Linux 2.2)"
793 Enable RFC\ 1323 TCP window scaling.
794 This feature allows the use of a large window
795 (> 64K) on a TCP connection, should the other end support it.
796 Normally, the 16 bit window length field in the TCP header
797 limits the window size to less than 64K bytes.
798 If larger windows are desired, applications can increase the size of
799 their socket buffers and the window scaling option will be employed.
801 .I tcp_window_scaling
802 is disabled, TCP will not negotiate the use of window
803 scaling with the other end during connection setup.
805 .IR tcp_wmem " (since Linux 2.4)"
806 .\" Since 2.4.0-test7
807 This is a vector of 3 integers: [min, default, max].
808 These parameters are used by TCP to regulate send buffer sizes.
809 TCP dynamically adjusts the size of the send buffer from the
810 default values listed below, in the range of these values,
811 depending on memory available.
815 Minimum size of the send buffer used by each TCP socket.
816 The default value is the system page size.
817 (On Linux 2.4, the default value is 4K bytes.)
818 This value is used to ensure that in memory pressure mode,
819 allocations below this size will still succeed.
820 This is not used to bound the size of the send buffer declared using
825 The default size of the send buffer for a TCP socket.
826 This value overwrites the initial default buffer size from
828 .I /proc/sys/net/core/wmem_default
829 defined for all protocols.
830 The default value is 16K bytes.
831 .\" True in Linux 2.4 and 2.6
832 If larger send buffer sizes are desired, this value
833 should be increased (to affect all sockets).
834 To employ large TCP windows, the
835 .I /proc/sys/net/ipv4/tcp_window_scaling
836 must be set to a nonzero value (default).
839 The maximum size of the send buffer used by each TCP socket.
840 This value does not override the value in
841 .IR /proc/sys/net/core/wmem_max .
842 This is not used to limit the size of the send buffer declared using
845 The default value is calculated using the formula
847 max(65536, min(4MB, \fItcp_mem\fP[1]*PAGE_SIZE/128))
849 (On Linux 2.4, the default value is 128K bytes,
850 lowered 64K depending on low-memory systems.)
853 .IR tcp_workaround_signed_windows " (Boolean; default: disabled; since Linux 2.6.26)"
854 If enabled, assume that no receipt of a window-scaling option means that the
855 remote TCP is broken and treats the window as a signed quantity.
856 If disabled, assume that the remote TCP is not broken even if we do
857 not receive a window scaling option from it.
859 To set or get a TCP socket option, call
863 to write the option with the option level argument set to
865 .\" or SOL_TCP on Linux
869 socket options are valid on TCP sockets.
870 For more information see
873 .BR TCP_CORK " (since Linux 2.2)"
874 .\" precisely: since 2.1.127
875 If set, don't send out partial frames.
876 All queued partial frames are sent when the option is cleared again.
877 This is useful for prepending headers before calling
879 or for throughput optimization.
880 As currently implemented, there is a 200 millisecond ceiling on the time
881 for which output is corked by
883 If this ceiling is reached, then queued data is automatically transmitted.
884 This option can be combined with
886 only since Linux 2.5.71.
887 This option should not be used in code intended to be portable.
889 .BR TCP_DEFER_ACCEPT " (since Linux 2.4)"
890 .\" Precisely: since 2.3.38
891 Allow a listener to be awakened only when data arrives on the socket.
892 Takes an integer value (seconds), this can
893 bound the maximum number of attempts TCP will make to
894 complete the connection.
895 This option should not be used in code intended to be portable.
897 .BR TCP_INFO " (since Linux 2.4)"
898 Used to collect information about this socket.
899 The kernel returns a \fIstruct tcp_info\fP as defined in the file
900 .IR /usr/include/linux/tcp.h .
901 This option should not be used in code intended to be portable.
903 .BR TCP_KEEPCNT " (since Linux 2.4)"
904 .\" Precisely: since 2.3.18
905 The maximum number of keepalive probes TCP should send
906 before dropping the connection.
907 This option should not be
908 used in code intended to be portable.
910 .BR TCP_KEEPIDLE " (since Linux 2.4)"
911 .\" Precisely: since 2.3.18
912 The time (in seconds) the connection needs to remain idle
913 before TCP starts sending keepalive probes, if the socket
916 has been set on this socket.
917 This option should not be used in code intended to be portable.
919 .BR TCP_KEEPINTVL " (since Linux 2.4)"
920 .\" Precisely: since 2.3.18
921 The time (in seconds) between individual keepalive probes.
922 This option should not be used in code intended to be portable.
924 .BR TCP_LINGER2 " (since Linux 2.4)"
925 .\" Precisely: since 2.3.41
926 The lifetime of orphaned FIN_WAIT2 state sockets.
927 This option can be used to override the system-wide setting in the file
928 .I /proc/sys/net/ipv4/tcp_fin_timeout
930 This is not to be confused with the
934 This option should not be used in code intended to be portable.
937 .\" Present in Linux 1.0
938 The maximum segment size for outgoing TCP packets.
939 In Linux 2.2 and earlier, and in Linux 2.6.28 and later,
940 if this option is set before connection establishment, it also
941 changes the MSS value announced to the other end in the initial packet.
942 Values greater than the (eventual) interface MTU have no effect.
944 its minimum and maximum bounds over the value provided.
947 .\" Present in Linux 1.0
948 If set, disable the Nagle algorithm.
949 This means that segments
950 are always sent as soon as possible, even if there is only a
951 small amount of data.
952 When not set, data is buffered until there
953 is a sufficient amount to send out, thereby avoiding the
954 frequent sending of small packets, which results in poor
955 utilization of the network.
956 This option is overridden by
958 however, setting this option forces an explicit flush of
959 pending output, even if
963 .BR TCP_QUICKACK " (since Linux 2.4.4)"
964 Enable quickack mode if set or disable quickack
966 In quickack mode, acks are sent
967 immediately, rather than delayed if needed in accordance
968 to normal TCP operation.
969 This flag is not permanent,
970 it only enables a switch to or from quickack mode.
971 Subsequent operation of the TCP protocol will
972 once again enter/leave quickack mode depending on
973 internal protocol processing and factors such as
974 delayed ack timeouts occurring and data transfer.
975 This option should not be used in code intended to be
978 .BR TCP_SYNCNT " (since Linux 2.4)"
979 .\" Precisely: since 2.3.18
980 Set the number of SYN retransmits that TCP should send before
981 aborting the attempt to connect.
982 It cannot exceed 255.
983 This option should not be used in code intended to be portable.
985 .BR TCP_WINDOW_CLAMP " (since Linux 2.4)"
986 .\" Precisely: since 2.3.41
987 Bound the size of the advertised window to this value.
988 The kernel imposes a minimum size of SOCK_MIN_RCVBUF/2.
989 This option should not be used in code intended to be
992 TCP provides limited support for out-of-band data,
993 in the form of (a single byte of) urgent data.
994 In Linux this means if the other end sends newer out-of-band
995 data the older urgent data is inserted as normal data into
996 the stream (even when
999 This differs from BSD-based stacks.
1001 Linux uses the BSD compatible interpretation of the urgent
1002 pointer field by default.
1003 This violates RFC\ 1122, but is
1004 required for interoperability with other stacks.
1005 It can be changed via
1006 .IR /proc/sys/net/ipv4/tcp_stdurg .
1008 It is possible to peek at out-of-band data using the
1013 Since version 2.4, Linux supports the use of
1021 This flag causes the received bytes of data to be discarded,
1022 rather than passed back in a caller-supplied buffer.
1025 also has this effect when used in conjunction with
1027 to receive out-of-band data.
1031 calls return information in
1033 The correct syntax is:
1038 .IB error " = ioctl(" tcp_socket ", " ioctl_type ", &" value ");"
1043 is one of the following:
1046 Returns the amount of queued unread data in the receive buffer.
1047 The socket must not be in LISTEN state, otherwise an error
1052 .IR <linux/sockios.h> .
1053 .\" FIXME http://sources.redhat.com/bugzilla/show_bug.cgi?id=12002,
1054 .\" filed 2010-09-10, may cause SIOCINQ to be defined in glibc headers
1056 you can use the synonymous
1064 is nonzero) if the inbound data stream is at the urgent mark.
1068 socket option is set, and
1070 returns true, then the
1071 next read from the socket will return the urgent data.
1074 socket option is not set, and
1076 returns true, then the
1077 next read from the socket will return the bytes following
1078 the urgent data (to actually read the urgent data requires the
1082 Note that a read never reads across the urgent mark.
1083 If an application is informed of the presence of urgent data via
1087 argument) or through delivery of a
1090 then it can advance up to the mark using a loop which repeatedly tests
1092 and performs a read (requesting any number of bytes) as long as
1097 Returns the amount of unsent data in the socket send queue.
1098 The socket must not be in LISTEN state, otherwise an error
1103 .IR <linux/sockios.h> .
1104 .\" FIXME http://sources.redhat.com/bugzilla/show_bug.cgi?id=12002,
1105 .\" filed 2010-09-10, may cause SIOCOUTQ to be defined in glibc headers
1107 you can use the synonymous
1112 When a network error occurs, TCP tries to resend the packet.
1113 If it doesn't succeed after some time, either
1115 or the last received error on this connection is reported.
1117 Some applications require a quicker error notification.
1118 This can be enabled with the
1123 When this option is enabled, all incoming
1124 errors are immediately passed to the user program.
1125 Use this option with care \(em it makes TCP less tolerant to routing
1126 changes and other normal network conditions.
1130 Passed socket address type in
1136 The other end closed the socket unexpectedly or a read is
1137 executed on a shut down socket.
1140 The other end didn't acknowledge retransmitted data after some time.
1142 Any errors defined for
1144 or the generic socket layer may also be returned for TCP.
1146 Support for Explicit Congestion Notification, zero-copy
1148 reordering support and some SACK extensions
1149 (DSACK) were introduced in 2.4.
1150 Support for forward acknowledgement (FACK), TIME_WAIT recycling,
1151 and per-connection keepalive socket options were introduced in 2.3.
1153 Not all errors are documented.
1155 IPv6 is not described.
1156 .\" Only a single Linux kernel version is described
1157 .\" Info for 2.2 was lost. Should be added again,
1158 .\" or put into a separate page.
1160 .\" This man page was originally written by Andi Kleen.
1161 .\" It was updated for 2.4 by Nivedita Singhvi with input from
1162 .\" Alexey Kuznetsov's Documentation/networking/ip-sysctl.txt
1177 RFC\ 793 for the TCP specification.
1179 RFC\ 1122 for the TCP requirements and a description of the Nagle algorithm.
1181 RFC\ 1323 for TCP timestamp and window scaling options.
1183 RFC\ 1337 for a description of TIME_WAIT assassination hazards.
1185 RFC\ 3168 for a description of Explicit Congestion Notification.
1187 RFC\ 2581 for TCP congestion control algorithms.
1189 RFC\ 2018 and RFC\ 2883 for SACK and extensions to SACK.