HP-UX TCP/IP Performance White Paper, March 2008

It is very unlikely that a value of zero (0) would ever be called for. One unlikely case would be when one
knows that severely bandwidth-constrained links are in use and the additional bytes of the SACK option
would limit effective bandwidth.
tcp_sth_rcv_hiwat:
If nonzero, sets the Stream-head flow control high water mark.
[0,128000] Default: 0
The stream head flow control high water mark is set to the larger of tcp_sth_rcv_hiwat or the receive
window of the connection. The default value of 0 means that the high water mark will be set to the receive
window of the connection.
tcp_sth_rcv_lowat:
If nonzero, sets the Stream-head flow control low water mark.
[0,128000] Default: 0
tcp_syn_rcvd_max:
Controls the SYN attack defense of TCP. The value specifies
the maximum number of suspect connections that will be allowed
to persist in SYN_RCVD state. For SYN attack defense to work,
this number must be large enough so that a legitimate connection
will not age out of the list before an ACK is received from the
remote host. This number is a function of the speed at which
bogus SYNs are being received and the maximum round trip time
for a valid remote host. This is very difficult to estimate
dynamically, but the default value of 500 has proven to be highly
effective. [1,10000] Default: 500 connections
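
A sizing sketch for the relationship described above between bogus SYN rate, round trip time and list size. This is an added example, not code from the white paper or from HP-UX. It assumes the suspect list drops its oldest entry when full and that bogus SYNs arrive at a steady rate; the function names and sample rates are constructed for illustration.

```python
from collections import deque

RANGE = (1, 10000)   # valid tcp_syn_rcvd_max range quoted on this page
DEFAULT = 500        # default quoted on this page

def bogus_before_ack(syn_per_sec, rtt_ms):
    """Bogus SYNs that arrive between a legitimate SYN and its ACK."""
    return (syn_per_sec * rtt_ms) // 1000

def min_list_size(syn_per_sec, rtt_ms):
    """Smallest list size that still holds the legitimate entry at ACK time."""
    return bogus_before_ack(syn_per_sec, rtt_ms) + 1

def legit_survives(list_size, syn_per_sec, rtt_ms):
    """Replay the race: True if the legitimate entry is still listed at ACK time."""
    suspects = deque(maxlen=list_size)       # assumed: oldest entry drops when full
    suspects.append("legit")                 # legitimate SYN arrives at t = 0
    k = 1
    while k * 1000 <= syn_per_sec * rtt_ms:  # k-th bogus SYN lands before the ACK
        suspects.append(k)
        k += 1
    return "legit" in suspects

def fits_tunable(syn_per_sec, rtt_ms):
    """True if the required size is settable within the documented range."""
    return RANGE[0] <= min_list_size(syn_per_sec, rtt_ms) <= RANGE[1]

if __name__ == "__main__":
    # Constructed inputs: observed bogus SYN rate (per second), worst-case RTT (ms).
    for rate, rtt in [(1000, 300), (2000, 300), (50000, 300)]:
        print(rate, rtt,
              "default ok" if legit_survives(DEFAULT, rate, rtt) else "default too small",
              "needed:", min_list_size(rate, rtt),
              "settable:", fits_tunable(rate, rtt))
```

Feed it the SYN rate seen in netstat or firewall counters and the longest round trip time of legitimate clients to judge whether the default of 500 leaves enough headroom.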
tcp_status:
Obtains a complete report similar to "netstat -an" on all TCP
instances. Requests for this report through concurrent execution
of ndd instances are serialized through a semaphore. Hence a
tcp_status report invoked through ndd may appear to hang if an ndd
instance generating a tcp_status/udp_status report is already
running on the system.
tcp_time_wait_interval:
Amount of time TCP endpoints persist in TCPS_TIME_WAIT state.
[1000,600000] Default: 60000 (60 seconds)
The TIME_WAIT interval is an integral part of TCP's correctness algorithms. TCP connections are "named"
(uniquely identified) by the four-tuple of local and remote IP address, and local and remote TCP port
number. There is no concept of "this is the N'th connection by this name." So to prevent TCP segments from
an old connection being accepted on a new connection, TCP uses the TIME_WAIT state. This preserves TCP
information long enough to be statistically certain that all the segments of the old TCP connection by that
name are gone.