From f3936f14c5639f137a08866ea0e41155c447b621 Mon Sep 17 00:00:00 2001
From: Sunderland93 <samoilov.lex@gmail.com>
Date: Tue, 28 Nov 2023 19:34:45 +0400
Subject: [PATCH] Add net tweaks

---
 etc/sysctl.d/tileos.conf | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/etc/sysctl.d/tileos.conf b/etc/sysctl.d/tileos.conf
index 7c720eb..d366f54 100644
--- a/etc/sysctl.d/tileos.conf
+++ b/etc/sysctl.d/tileos.conf
@@ -18,3 +18,39 @@ vm.max_map_count = 2147483642
 # This action will speed up your boot and shutdown, because one less module is loaded. Additionally disabling watchdog timers increases performance and lowers power consumption
 # Disable NMI watchdog
 kernel.nmi_watchdog = 0
+
+# Increase the maximum connections
+# The upper limit on how many connections the kernel will accept (default 4096 since kernel version 5.6):
+net.core.somaxconn = 8192
+
+# Enable TCP Fast Open
+# TCP Fast Open is an extension to the transmission control protocol (TCP) that helps reduce network latency
+# by enabling data to be exchanged during the sender’s initial TCP SYN [3].
+# Using the value 3 instead of the default 1 allows TCP Fast Open for both incoming and outgoing connections:
+net.ipv4.tcp_fastopen = 3
+
+# Enable BBR3
+# The BBR3 congestion control algorithm can help achieve higher bandwidths and lower latencies for internet traffic
+net.ipv4.tcp_congestion_control = bbr
+
+# TCP SYN cookie protection
+# Helps protect against SYN flood attacks. Only kicks in when net.ipv4.tcp_max_syn_backlog is reached:
+net.ipv4.tcp_syncookies = 1
+
+# TCP Enable ECN Negotiation by default
+net.ipv4.tcp_ecn = 1
+
+# TCP Reduce performance spikes
+# Refer https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
+net.ipv4.tcp_timestamps = 0
+
+# Increase netdev receive queue
+# May help prevent losing packets
+net.core.netdev_max_backlog = 16384
+
+# Disable TCP slow start after idle
+# Helps kill persistent single connection performance
+net.ipv4.tcp_slow_start_after_idle = 0
+
+# Protect against tcp time-wait assassination hazards, drop RST packets for sockets in the time-wait state. Not widely supported outside of Linux, but conforms to RFC:
+net.ipv4.tcp_rfc1337 = 1