Wednesday, September 29, 2010

Tuning Linux Kernel With Sysctl (System Control)

The Linux kernel is flexible, and you can even modify the way it works on the fly by dynamically changing some of its parameters, thanks to the sysctl command. Sysctl provides an interface that allows you to examine and change several hundred kernel parameters in Linux or BSD. Changes take effect immediately, and there's even a way to make them persist after a reboot. By using sysctl judiciously, you can optimize your box without having to recompile your kernel, and get the results immediately.


Today most kernels work out of the box with most hardware. But there are times when you could squeeze out a bit more performance or even lighten your kernel on the fly. You can do that with the sysctl command.

sysctl is an interface that allows you to make changes to a running Linux kernel. With /etc/sysctl.conf you can configure various Linux networking and system settings such as:

1. Limit network-transmitted configuration for IPv4 and IPv6
2. Turn on execshield protection
3. Protect against the common 'syn flood attack'
4. Turn on source IP address verification
5. Prevent a cracker from using a spoofing attack against the IP address of the server
6. Log several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects

Caution: Never attempt to tweak your kernel's settings on a production system using the various files in the /proc/sys directory. Occasionally, changing a setting may render the kernel unstable, requiring a reboot of the system. As this would obviously disrupt any users currently using the system, use a similar development system to try out changes before utilizing them on any production machines.
Before attempting to change a value in /proc/sys, be sure you know the valid options for that file and the expected outcome.
Use at your own risk. Check the settings in a testing environment before deploying them to a production server.

The sysctl command can make viewing, setting, and automating special kernel settings very easy.

To get a quick overview of all settings configurable in the /proc/sys directory, type the sysctl -a command as root. This will create a large, comprehensive list.
# sysctl -a
kernel.sched_child_runs_first = 0
kernel.sched_min_granularity_ns = 1000000
kernel.sched_latency_ns = 5000000
kernel.sched_wakeup_granularity_ns = 1000000
-----------------------------------------------------
output truncated.

To view a single entry, you can run either
# sysctl kernel.ctrl-alt-del
or
# cat /proc/sys/kernel/ctrl-alt-del
Both commands report the same value.

This is the same basic information you would see if you viewed each of the files individually. The only difference is the file location. The file /proc/sys/kernel/ctrl-alt-del is signified by kernel.ctrl-alt-del, with the directory slashes replaced by dots and the /proc/sys portion assumed.

To determine whether a particular file can be configured or is only designed to provide information, list it. If the file is writable, you may use it to configure the kernel in a certain way. For example, a partial listing of /proc/sys/fs looks like this:
# ls -l /proc/sys/fs
total 0
-rw-r--r-- 1 root root 0 2010-09-22 13:10 aio-max-nr
-r--r--r-- 1 root root 0 2010-09-22 13:10 aio-nr
-r--r--r-- 1 root root 0 2010-09-22 13:10 dentry-state
-rw-r--r-- 1 root root 0 2010-09-22 13:10 dir-notify-enable
-----------------------------------------------------
output truncated.

In this listing, the files aio-max-nr and dir-notify-enable can be written to and, therefore, can be used to configure the kernel. The other files only provide feedback on the kernel's current settings.

While quickly setting single values like this in /proc/sys is helpful during testing, it does not work as well on a production system, as all /proc/sys special settings are lost when the machine is rebooted. To preserve the settings that you would like to make permanent in your kernel, add them to the /etc/sysctl.conf file.

It's interesting, also, to note that, while sysctl will work just fine with an /etc/sysctl.conf file that includes nothing but comments (or is completely non-existent), your /proc filesystem "must" be of the type "procfs" in order for it to function correctly. You'd have to go out of your way to build your Linux box to use (for instance) ext3 for the /proc filesystem, but it's a bit of information that's good to know (maybe... at some point in the future ;). /proc/sys is the base directory for sysctl. In fact, if you wanted to emulate "sysctl -a", you could just do an ls in that directory.

The sysctl command

The basic usage of the command is sysctl OPTIONS PARAMETER VARIABLE. The variable for a parameter will be a boolean, a string, or a number. You must run this command as either the root user or with the help of sudo. One of the first things you might want to do is to issue the command sudo sysctl -a. This command will display all of the tunable variables on your machine, i.e. you will see all the possible parameters sysctl can modify.
# sysctl -a

If you want to get the value of just a single variable, use something like
# sysctl vm.swappiness
or
# sysctl -a | grep '^vm\.'
to list all variables that start with "vm".
When looking for a single variable add the -n option to output just the variable values, without the names; -N has the opposite effect, and produces the names but not the values.
# sysctl -n kernel.hostname
russell-desktop
# sysctl -N kernel.hostname
kernel.hostname

Changing a value within a /proc/sys file can be done in two ways. One way is to echo the new value into the file. For example, to enable the System Request Key on a running kernel, type the command:
# echo "1" > /proc/sys/kernel/sysrq
A few /proc/sys configuration files contain more than one value. In order to correctly send new values to them, place a space character between each value passed with the echo command, such as is done in this example:
# echo "4 2 45" > /proc/sys/kernel/acct
The other way is to use the sysctl command, which does the same thing when you type sysctl -w variable="value". For example, to activate the System Request Key, the following command is required:
# sysctl -w kernel.sysrq="1"

Do some experimenting on your own.

The meanings of the sysctl boolean values are:
0 = "no" or "false" or "disable"
1 = "yes" or "true" or "enable"
For more information, run man sysctl to display the standard documentation.

sysctl values are loaded at boot time from the /etc/sysctl.conf file. This file can have blank lines, comments (lines starting either with a "#" character or a semicolon), and lines in the "variable=value" format. If you want to apply the file at any time, you can do so with the command
# sysctl -p

# sysctl -p /etc/mytestsysctl.conf
This will read in and enact all the kernel changes specified in your special /etc/mytestsysctl.conf file. It's a good idea to use a different filename when testing out new sysctl.conf settings, especially if you're making broad changes, since, if you completely screw the pooch and your machine reboots, it will come back up looking for the default /etc/sysctl.conf, which will still be good to go.
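
Before trusting that a hardened sysctl.conf is actually in force, it helps to compare the file with the running kernel. The script below is an added example, not part of the original post: it parses the "variable=value" format described above, maps each name to its /proc/sys path by turning dots into slashes, and reports settings that have drifted, are read-only, or do not exist. The variable PROC_SYS_ROOT and the function names are this example's own assumptions.

```shell
#!/bin/sh
# Added example: compare a sysctl.conf-style file with the live kernel values.
# PROC_SYS_ROOT is this example's own variable (an assumption, not a sysctl
# feature) so the audit can also run against a constructed directory tree.
PROC_SYS_ROOT="${PROC_SYS_ROOT:-/proc/sys}"

# kernel.ctrl-alt-del -> $PROC_SYS_ROOT/kernel/ctrl-alt-del (dots become slashes)
key_to_path() {
    printf '%s/%s\n' "$PROC_SYS_ROOT" "$(printf '%s' "$1" | tr '.' '/')"
}

# Collapse runs of whitespace (multi-value files use tabs) and trim both ends.
trim() {
    printf '%s' "$1" | tr -s '[:space:]' ' ' | sed 's/^ //; s/ $//'
}

# Print one verdict per "variable=value" line; return non-zero on any problem.
audit_sysctl_conf() {
    problems=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(trim "$line")
        case "$line" in
            ''|'#'*|';'*) continue ;;             # blank line or comment
            *=*) ;;                               # a setting: handled below
            *) echo "SKIP     $line"; continue ;; # not variable=value
        esac
        key=$(trim "${line%%=*}")
        want=$(trim "${line#*=}")
        path=$(key_to_path "$key")
        if [ ! -e "$path" ]; then
            echo "MISSING  $key"; problems=$((problems + 1)); continue
        fi
        live=$(trim "$(cat "$path")")
        if [ "$live" = "$want" ]; then
            echo "OK       $key = $live"
        elif [ -n "$(find "$path" -prune -perm -200)" ]; then
            # Owner-write bit set: tunable, but the running value has drifted.
            echo "DRIFT    $key live=$live want=$want"; problems=$((problems + 1))
        else
            # Mode bits, not [ -w ]: root passes -w even on r--r--r-- files.
            echo "READONLY $key live=$live want=$want"; problems=$((problems + 1))
        fi
    done < "$1"
    [ "$problems" -eq 0 ]
}

# Usage: sh audit.sh /etc/sysctl.conf   (the script file name is hypothetical)
if [ "$#" -gt 0 ]; then audit_sysctl_conf "$1"; fi
```

A DRIFT line means the file and the kernel disagree until sysctl -p is run or the value is set again; a READONLY line means the entry only reports state and does not belong in the file.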


What's Next?

With so many tunable parameters, how do you decide what to do? This is a sore point with sysctl: most of the relevant documentation is hidden in the many source files of the Linux kernel and isn't easily available, and it doesn't help that the explanations given are sometimes arcane and difficult to understand.


My suggestion would be to use sysctl -a to learn the available parameters, then Google around for extra help. You may find, say, an example of changing the shared memory allocation to solve a video program problem, or an explanation of vm.swappiness, or even more suggestions for optimizing IPv4 network traffic.



sysctl shows yet another aspect of the great flexibility of Linux systems. While documentation for it is not widely available, learning its features and capabilities on your own can help you get even more performance out of your box. That's system administration at its highest (or lowest?) level.

Reference

For additional information on kernel variables, look at the documentation included with your kernel source, typically in some location such as /usr/src/linux-/Documentation/networking/ip-sysctl.txt. There is a very good (but slightly out of date) tutorial on network sysctl's at http://www.frozentux.net/ipsysctl-tutorial/ipsysctl-tutorial.html.



Kernel tuning with sysctl

Documentation/ip-sysctl.txt


Predefined Tuning


BSD
BSD System Manager's Manual

MAC OSX
