/proc isn't
just for getting information out of
the system and into convenient text form. You can also use it to put
information into the
system, and thereby change it. The sys/ directory,
which is where kernel variable information is kept, is where most of the things
you might want to alter live. Changes made here will take effect immediately; no
need to reboot
Networking changes
/proc/sys/net/ipv4/ contains a bunch of
networking values to try playing around with.
/proc/sys/net/ipv4/tcp_keepalive_time sets
how long (in seconds) it takes the TCP keepalive routines to send the first
keepalive probe. A keepalive message simply detects whether the other side of
the connection is still there; if not, it drops the connection. However, the
default is 7200 seconds (2 hours), which is probably after your session would
have timed out itself. If you want something quicker than that, you can change
this value to send a keepalive sooner (and thus drop the session sooner if the
other side has gone away). Setting it to 120 seconds would start sending
keepalives after two minutes.
echo 120 > /proc/sys/net/ipv4/tcp_keepalive_time
After the first probe, the default time between
keepalives is 75 seconds. To change this, you can
alter/proc/sys/net/ipv4/tcp_keepalive_intvl. (Bear in mind that
shortening the interval will increase network traffic, although keepalives are
small packets, so not by much.)
Another useful value
is /proc/sys/net/ipv4/tcp_keepalive_probes, which defines how many
dropped keepalives it takes before the connection is marked inactive. By
default, this value is 9, which may be worth increasing if you have a flaky
network (or if your network is temporarily flaky):
echo 15 > /proc/sys/net/ipv4/tcp_keepalive_probes
When changing settings via /proc, you
should use echo, as shown above, rather than a text editor. If you open
the file in a text editor, the kernel value might conceivably change while
you're editing it. Bear in mind that these files don't "really" exist, but are
just a pretend file getting values into and out of the kernel. To avoid this
problem, use echo to edit files, and cat (piped
through less if necessary) to look at files.
Another useful
file, /proc/sys/net/ipv4/ip_forward, allows you to enable IP
forwarding. Most people don't need IP forwarding, but in some networking
situations, such as setting up a VPN and/or dial-in server, it can be useful.
(Be careful, as unlimited IP forwarding is a security risk!) Change the value to
1 to enable, or 0 to disable:
echo 1 > /proc/sys/net/ipv4/ip_forward
Here are a few more interesting variables to
experiment with:
- Changing /proc/sys/fs/file-max will change the number of filehandles that are available – this will get rid of error messages stating the maximum number of open files has been reached, and no more files can be opened. The default is 4096, but you can use any number. (It's probably best to change this only if you actually run into this limit.) You can do the same thing for inodes with /proc/sys/fs/inode-max. However, the total number of inodes available overall on the system can't be changed in this way.
- /proc/sys/kernel/ctrl-alt-del allows you to set the response to the Ctrl+Alt+Del key combination. 1 will set this to be a graceful shutdown (like typing shutdown -h now; 0 will be an immediate shutdown (like turning the power off). 1 is probably a safer value (after all, if you really have to do an immediate non-clean shutdown you can always physically turn the power off).
- You can use /proc/sys/kernel/hostname to configure your network hostname -- be careful doing this if you have DHCP as you might create a conflict.
- If experiencing load problems on an NFS server, you can increase the server memory queue limits by changing the value in the rmem_default, rmem_max, wmem_default, and wmem_maxfiles in /proc/sys/net/core/. Try 262144 (256K) as a starting point. I've found this very useful with NFS servers in the past.
If you poke around in /proc/sys/,
there's plenty of other files you can play around with. Basically, if a file has
the write attribute set, then you can change it – but do course be aware that
you could potentially screw up your system by doing this! The good news is that
changes made in this way will only last until the next boot; to make changes
permanent, use sysctl and /etc/sysctl.confinstead.
Type sysctl -a | less to look at a list of parameters. Working directly
with the/proc/sys/ settings is a useful way to experiment before making
permanent changes with sysctl or other tools.
More information
As with the process directories, there's a lot
of information in /proc/ and I haven't covered all of it here. Spend
some time having a poke through /proc with the man page to find out
what else is there and what you might be able to change. Unfortunately the proc
documentation can be a bit lacking in some cases. If the man page is unhelpful,
try the docs in /usr/src/linux/Documentation/ (you may need to install
kernel source packages), or at kernel.org. Alternatively, go take a look
through /procand then Google for whatever file or directory names you
find.
No comments:
Post a Comment