Logfile on changes in the Solaris 2.x tuning document set

I'm afraid you have to read German date formats: DD.MM.YY. On popular demand I created this changelog file for your convenience. With the help of this changelog file, you can determine recent changes at one glance. If a file changed without an entry here, only spelling and other minor mistakes were corrected.

24.05.2002

• Sean O'Neill made me (consciously) aware of the tcp_mss_min parameter.

01.02.2002

• Changed several typographical errors on the index page, kindly pointed out by Joel dot Shandelman at optionable dot com Joel Shandelman.

13.01.2002

• Added recommendation not to lower tcp_ip_abort_interval, as this might result in Veritas backup failures amongst other things: socket write error. Pointed out by tanvir at mail dot orgTanvir Hassan, thanks.
• tcp:tcp_conn_hash_size defaults to 512 in Solaris 8, pointed out by jauderho plus soltune at carumba dot com Jauder Ho (KPMG Consulting), thanks.
• Added mentioning of the Solaris Operating Environment Network Settings for Security, pointed out by several readers.

26.10.2001

• Added tcp_ip_abort_linterval

20.07.2001

• Spelling: seminfo_semopm is the correct technical term.

10.04.2001

• Updated/added ip_icmp_err_burst and ip_icmp_err_interval.
• Fixed spelling from ip6_respond_to_echo_broadcast to ip6_respond_to_echo_multicast.
• Added explanations for ip6_icmp_return_data_bytes and ip_icmp_return_data_bytes.
• Added ip6_ignore_redirect, ip_ignore_redirect, ip_addrs_per_if, ip6_send_redirects and ip_send_redirect.
• Updated/added ip6_forwarding, ip_forwarding, and if:ip_forwarding.
• Added ip6_strict_dst_multihoming and ip_strict_dst_multihoming with a very short explanations of multihomed hosts.

06.04.2001

• Bracing most paragraphs into <P> .. </P> pairs.
• Adding legible reference labels to almost all items.
• Starting an index page.

04.04.2001

• Some restructuring: Adding chapter how to read, split hme from other material into its own chapter, adjusted numbering.
• Mentioned SUN's Solaris Tunable Reference Manual again and again.
• Adjusted maxusers, max_nprocs, and maxuprc.
• Added maxphys, pidmax, reserved_nprocs, physmem, and lwp_default_stacksize.
• Changed your-tune scripts to nettune script to maintain compatibility with YaSSP.

March 2001

• Moving to my own domain sean.de.

17.01.2001

• Yermilov Sergey provided me with the URI of the SUN Tunable Parameters Reference Manual.

05.12.2000

• Added a section to the ethernet problems which describes how to enable the distinct ethernet MAC address for each interface.

13.09.2000

• dave at srce dot hrDrazen Kacar pointed out the new Solaris 8 6/00 features concerning the DNLC: dnlc_dir_max_size, dnlc_dir_min_size and dnlc_dir_enable.

12.09.2000

• Solaris 8 has a default soft limit of 256, pointed out by dave at srce dot hrDrazen Kacar. Also fixed some of the wording for the soft- and hard limits.
• The 64 bit ABI stacks do not include the execute bit by default. The fixes to noexec_user_stack were pointed out bydave at srce dot hrDrazen Kacar.

07.09.2000

• Added nfssrv:nfs_portmon to the descriptions of /etc/system variables, kindly pointed out by Mr. Amos (HK Hosting Ltd.).

02.08.2000

• Added more emphasize to the fact that TCP watermarks will be rounded up to the nearest MTU. jason at pattosoft dot com dot au Jason Patterson pointed out that using a maximum of 65535 will be rounded up to 66608, thus silently turning on the window scaling which is incompatible with IP-Filter.
• Removed some outdated Squid-1 remarks. Nobody should use a Squid-1 these days!

19.07.2000

• Corrected some naive assumptions in the archaic section on tcp_conn_req_max, brought up by Demian Hanks.

18.07.2000

• Updated the information for pt_cnt according to the Solaris 8 Admin Answerbook. Pointed out by dave at srce dot hr Drazen Kacar.
• Fixed yet another typo in nettune.

11.07.2000

• Updated the nettune script in synch. with chouanard at parc dot xerox dot com Jean Chouanard's secure Solaris installation instructions SECclean.

19.06.2000

• priority_paging should not be set starting with Solaris 8.
• Updates for Solaris 8: tcp_slow_start_after_idle, tcp_deferred_ack_interval, tcp_slow_start_initial, tcp_rexmit_interval_max, tcp_rexmit_interval_min, tcp_mss_def.
• There is a minimum of 10 seconds with the tcp_keepalive_interval parameter. There was a minimum for a long time, but I never recorded it.
• Added the ip6 prefix values to the common parameters section.
• Added tcp_smallest_nonpriv_port and tcp_extra_priv_ports to the common parameters section for completeness sake.
• Split "5.3 Common TCP/IP parameters" into two new sections 5.3 Common IP parameters and 5.4 TCP and UDP port related parameters.

26.05.2000

• Appended a little test program to help you checkt that indeed, you can have more than 256 FDs with stdio starting at Solaris 7, in 64bit mode only.
• Tried to make tcp_(close|time)_wait_interval a little clearer. Both refer to the TIME_WAIT state of TCP.

24.01.2000

• Reworked the RFC section.
• Markus dot Storm at mediaways dot net Markus Storm made me aware of a few new features concerning:
  • The ufs_ninode and ncsize section, which were reworked accordingly.
  • The tcp:tcp_conn_hash_size allows tuning for busy servers.
• Update the structure to include Solaris 8 at a later time.
• Removed some broken links in the Literature section.
• Updated the literature links to kohala with the passing of W. Richard Stevens.

12.11.99

• Joy Chakraborty found a bug with the tcp_deferred_ack_interval. Of course, in interactive traffic every segment is ACKed.

18.06.99

• Reworked the sections for ufs_ninode, ncsize and bufhwm according to the Solaris 7 documentation.
• Move the priority paging into the system tuning section.
• Removed duplicate reference to the Solaris FAQ.

11.06.99

• Added tcp_slow_start_after_idle just to have it there.
• Added more insights to tcp_rtt_updates.
• Modified recommendations for tcp_deferred_ack_interval.

10.06.99

• Added rudimentary information on the parameters tcp_rtt_updates and ip_ire_cleanup_interval as were seen on the tcp-impl mailing list (pointed out by mbennett at netcom dot com Mike Bennett).
• Clarified the difference between the new Solaris 7 parameter tcp_time_wait_interval and the old tcp_close_wait_interval.
• Added a link to docs.sun.com to the literature section.

11.02.99

• Added a pointer to the Solaris FAQ to the literature section.

27.01.99

• Blair Zajac (author of ORCA, a webserver monitor) provided corrections for over fifty misspellings, or over hundred, if you count AE and BE differences as mistakes. Which makes me think, should I fashion my style more to AE or more to BE?

16.12.98

• Added a little documentation about tcp_rexmit_interval_extra to the retransmission page.

17.11.98

• Michael Fromme forwarded an email from the multimedia conference list, stating that early ethernet interfaces on low versions of Solaris were only capable of participating in 64 multicast groups simultaneously.

12.11.98

• Inserted a new chapter What's new containing a few of the most exciting new features in Solaris 7.
• Added a note to tcp_deferred_ack_interval which mentions its influence on slow bulk data transfer. Shobana Narayanasw (MIL3) had me look into the matter.

11.11.98

• Jens Elkner again: Fixed rlim_fd_* notions about breaking the license server and RPC. Both services only look at the softlimit; the hardlimit may be increased without harm.
• Shobana Narayanasw (MIL3) made me aware of the fact that my tcp_deferred_acks_max documentation was mistaken. Actually, the ACKs max parameter does influence bulk data transfer, and thus limits the number of segments for which an ACK may be outstanding.

10.11.98

• Changes and bugfixes initiated by Jens Elkner:
  • Fixed missing backslash in the ndd.pl script; now works fine with Perl 5.005.
  • There doesn't exist any tcp_recv_lowat, though a socket option exists. tcp_sth_rcv_lowat and tcp_snd_lowat_fraction are still in need of some explanations.
  • Rearranged equation (2).
  • Mentioned tcp_slow_start_initial in the LFN section as worthwile diversion.

26.10.98

• Reworked the literature links and the literature section.
• Changes and bugfixes initiated by Jens Elkner:
  • Fixed a few spelling errors, some in URLs.
  • tcp_sth_rcv_lowat as new undocumented parameter to the uncovered material.
  • Now recommending 256 FDs for the soft limit rlim_fd_cur due to expected trouble with stdio and the license manager.
  • Added a link to the Solaris2 FAQ archive maintained by Casper Dik to the Internet resources section.

25.09.98

• Bertold Kolics pointed out that the Cockroft, 2nd edition changed its homepage. This is important.

20.09.98

• What started as fixes on the design actually enhanced the meta tags, fixed dangling and missing end-tags. The general appearance was reworked to be more consistent.
• The framed version was scratched due to the frame-inherent difficulties with the title bar and the overhead for superflous design gimmicks.
• One CSS1 conforming stylesheet was introduced, but only for visual enhancements, as even Netscape 4.x does not print what is declared in the stylesheet. And a printed document with all structuring tags removed is virtually worthless.
• Have a guess... I love motorbikes ;-) Click it in a spare minute.

18.09.98

• Many minor changes, partially in sequence of paragraphs, partially in layout.
• Reworked externally pointing hyperlinks to be shown in one frame of their own.

17.09.98

• reworked the introductive section to contain more information on the use of ndd. Also moved the table of contents to the very beginning, and the introductory words into the introduction.
• Changed the ndd.pl script for examining values to contain a help, and fixed the tabular values.
• Moved the 100 Mbps section again to provide a more logical reading flow.
• Added SUN Platform Notes: The hme Fast Ethernet Driver to the 100 Mbit ethernet section, and the literature section.
• Updated patch section and added the hme patch recommendation for 2.5.1
• Completely reworked the 100 Mbps section.

15.09.98

• Refreshed links to the HTTP/1.1 protocol from 3rd to 4th revision.
• Added noexec_user_stack and noexec_user_stack_log to the /etc/system section, in accordance with CA-98.06. Be warned to try out this option thoroughly before using it on a production system.
• Exchanged section 7.3 and 7.4, since readers told me about "using ndd to display hme values", even though I mentioned it someplace later. Now I want to point directly (in the next section) to ndd for extracting current information from network driver loadable kernel modules.
• Added a shell script to displays some /etc/system tunable kernel parameters to the scripts section. The script was kindly supplied by andre at online dot ee Andres Kroonmaa.
• Added the 10 Mbps downgrade hme_adv_10fdx_cap and hme_adv_10hdx_cap options to the fast ethernet section, as several readers mentioned them, Mr. Kannemann among them.
• Reworked some of the fast ethernet section, expect more soon.
• Added tcp_wscale_always, tcp_tstamp_always, tcp_tstamp_if_wscale and tcp_host_param to the windows, buffers and watermarks section.
• With the addition of tcp_host_param, I had to mention tcp_xmit_hiwat and tcp_recv_hiwat in their respective sections.

27.08.98

• Amended some thoughts to bufhwm.
• Added autoup with the implication for caches like squid, as kindly provided by Steward Forster.

29.07.98

• Quick fix to startup script (missing quotes in test).

24.07.98

• Spent days investigating the special semantics of the slow start behaviour. The result is a new page with all experiments and results on the slow start patch/bug/feature. Likun from AsiaInfo triggered that particular research.

13.07.98

• Fixed a few quite severe bugs with the first startup script, pointed out and fixes suggested by chouanard at parc dot xerox dot com Jean Chouanard (Xerox PARC).
• Added ip_forward_directed_broadcasts, ip_forwarding, and ip_respond_to_echo_broadcast to the common parameters section, also pointed out by Jean Chouanard.
• Worked on tcp_slow_start_initial relevant sections, initiated by mbennett at netcom dot com Mike Bennett.
• Updated ip_icmp_err_interval.
• Found and added the explaination for *_max_buf.

24.06.98

• Just added Sun's public TCP/IP and Data Communications Administration Guide to the literature section, kindly pointed out by Richard Murphy (SwRI). Especially the high-speed TCP stuff needs some more work in my document.

19.06.98

• Added reasons for the recommended buffer sizes.
• Added TODO item to look into possible NAGLEing of HTTP requests.
• Added the Pittsburgh Supercomputing Center to the list of references.

01.06.98

• Extensively reworked the buffers, windows and watermarks section. Now contains a picture which should make things much clearer. Also reworked the recommenations.
• Changed the startup script to work with the new recommendations. Also improved on the $osver variable.
• Cleared up misleading paths in the connection queue section, made aware of by p at patrick dot netPatrick Killelea.
• Minor changes at various places.

25.05.98

• Added HTTP RFC's and drafts to the literature section.
• Added tcp_rexmit_interval_extra to the "who knows, speak up" section.
• Second chapter in the sidetrack document on TCP retransmissions.
• Fixed mispelled maxusers, caught by jw at wede dot de Jan Wedekind (UUNET Germany).

22.05.98

• Updated the startup script not to assume that /var is mounted at the time the script is called. Now will work on more Solari than before, and does verbose output. Solaris < 2.5.1 will need to modify the patch-finder part of the script.
• Corrected my statements to the Solaris 2.6 parameter tcp_deferred_acks_max due to experimentations with this parameter. The information is still not definitive.
• Reworked the scripts section.
• New ideas for tcp_rexmit_interval_initial and tcp_rexmit_interval_min.
• First chapter in the sidetrack document on TCP retransmissions.

20.05.98

• Added comments and insights to tcp_deferred_ack_interval, changed recommendation.
• Added ndd value check script by andre at online dot ee Andres Kroonmaa to the end of the introduction.
• Added new section of of things in need to be done (TODO list). The section is a meta-section covering material I intend to dig into. Thus you get ample warning about things which might change in the foreseeable future.

06.04.98

• Added the use_mxcc_prefetch parameter.
• Removed advice to fiddle with maxusers.

04.04.98

• sfx at unix-ag dot org Lars Eilebrecht made me aware of a the formula concerning ufs_ninode and ncsize.
• He also pointed out the default behaviour of bufhwm and maxusers.
• Adrian Cockroft reported that his new book which is due to appear on 10th of April 98 clarifies some of my open issues. Added to the literature section. I expect it will correct many errors I made along the way, too.
• Changed example startup script: Moved sections around a little and added tcp_slow_start_initial.
• Completely reworked and updated SYSV IPC parameters from the SunWorld articles What are the tunable kernel parameters for Solaris 2? by Adrian Cockroft and Demangling message queues, Setting our sights on semaphores, and Shared memory uncovered by Jim Mauro.

31.03.98

• Added hints for hash mapped cache VFS to ncsize, ufs_ninode, and bufhwm.
• Hinted at the implications of improving algorithms rather than fiddling at the end of system tweaking.
• compacted patch section by removing the non-essential SUN recommended patches (just commented out, look at the HTML source, if interested).
• nm is preferable for obtaining symbol from a compiled file, including kernel modules.

30.03.98

• Added information from SUN slow start to tcp_deferred_ack_interval. Added link to literature.
• Added tcp_slow_start_initial, kindly pointed out by Mr. Jesper, and in the above mentioned SUN page.
• Moved tcp_dupack_fast_retransmit into secion 3.

02.02.98

• Changed tcp_cwnd_size to tcp_cwnd_max. The typo was pointed out by Alvaro Fdez. Lago.
• tcp_conn_req_min was introduced in Solaris 2.6.
• A few spellings corrections and extended thoughts in the watermark section.

29.01.98

• added explanations of the fa0 interface, kindly incented by Roel JT Jonkman.
• added a note about situations where pMTU discovery will not work, kindly discussed with cesards at erols dot com Patrick O.Cesard.
• a few more hints to Squid with buffers and watermarks.
• Moved tcp_conn_req_min into the section about connection initialization and listening queues.

22.01.98

• Extensively reworked the section about TCP connection establishment
  • Now containing the Stevens' informations about the incomplete connection queue and the completed connection queue.
  • Added two new pictures, now totalling four pictures in the file.
  • Moved the various TCP timers into the section about miscellaneous items.
• Devided the misc. section into several subsections.
• Added the mentioned RFCs as links to the literature list.
• Changed tcp_conn_req_min estimated meaning.

21.01.98

• Changed my recommondations for path MTU discovery to use RFC conformant discovery.
• Included and updated informations relating to informations from the Pittsburgh Supercomputing Center. I was made aware to the link by Mr. Nebel. The parts include tcp_conn_req_max_q and tcp_conn_req_max_q0.
• Added the common practice of (not) combining SYN, FIN and ACK with TCP data to the transaction page.
• Documented tcp_xmit_lowat and udp_xmit_lowat for the purpose of rouding the picture.
• Corrected tcp_max_buf and udp_max_buf.

15.01.98

• Update on the literature, now includes Stevens Unix Network Programming, second edition.
• The formerly mentioned book helped me to completely revise the chapter about buffers, windows and watermarks. I went as far as to add another picture in order to clarify a few things.
• a few odd correction, concerning transactions.
• Reworked the page on TCP transactions, clarified the pictures.
• moved the previously uncommented parameters tcp_deferred_ack_interval and tcp_deferred_acks_max into the section about retransmission. These parameters might be of interest for HTTP/1.0 users.

07.01.98

• Update the relation between tcp_recv_hiwat, udp_recv_hiwat, tcp_xmit_hiwat and tcp_xmit_hiwat on one hand with the Squid configuration checks on the other hand.
• Updated the TCP transaction document. Now the figure contains also the HTTP transaction and accounts for ten exchanged segments. The text is also updated.

15.12.97

• Updated the information relating to tcp_conn_req_max_q and tcp_conn_req_max_q0 as kindly supplied by Mr. Pifke.
• Added the cited SunWorld article on 2.6 to the literature section.

21.10.97

• Corrected default values for rlim_fd_cur and rlim_fd_max. The defaults are much smaller than expected - and measured the last time I looked. Relevant to Squid is the hardlimit rlim_fd_max.
• Also, the filedescriptor tweaks set the hard- and softlimits, not, as I previously thought to have detected, a per-user and per-system limit.
• Cosmetic changes to the section layout, now with numbering. Section seven got partitioned into several subsections.

10.10.97

• Documented new parameters for /etc/system.

09.10.97

• Documented changes shipping with Solaris 2.6.
• Added a list of in this document previously undocumented features with minimum documentation. Maybe you got a good idea concerning one or the other.

07.10.97

• New results concerning tweaking FD_SETSIZE.
• Call for participation at start of page.

02.10.97

• translated everything into English.
• fixed many bugs along the way, especially on the SYSV IPC page.
• updated the patchlist.

03.09.97

• updated hints to the TCP patchlist.
• Documented new parameters tcp_conn_req_max_q and tcp_conn_req_max_q0. They seem to spring into existence after applying patch 103582 > pl13. The new parameters replace the extensive description of tcp_conn_req_max.

19.08.97

• Corrected spelling of tcp_ip_abort_cinterval.
• Corrected semantical errors in the documentation of tcp_ip_abort_cinterval and tcp_ip_abort_interval, referenced SYN flood attacks.
• Got the first indication of a kernel patch (yes, this is still possible with Solaris) increasing the hard limit of tcp_conn_req_max above 1024.

06.08.97

• Documented parameter hme:hme_adv_autoneg_cap as seen with Mr. Hüsemann (RRZN).

31.07.97

• Improvements on the SYSV IPC parameters. Added a small program to dynaload the necessary streams modules into the kernel.
• Clarifications on the maximum number of possible file descriptors.
• Test programs for processes and file descriptors. Yes, there are other ways to find out about those, but why not just do the very same thing your server do when they die unexpectedly.

29.07.97

• Added more documentation for /etc/system:
  • link to VJ with regard to up-date-ness.
  • 100 MBit ethernet tunings kindly supplied by Mr. Nebel (IS).
  • Moved SYSV IPC documentation into a document of its own.
• Added Steven's APUE to the list of books.

22.07.97

• Made all RFC references real hyperlinks.
• Re-Introduction of my change log.

21.07.97

• Documented small changes on the default values.
• Verification of all defaults with Solaris 2.5 and 2.5.1 (Sparc only).
• Reworked the section about windows and buffers, now with more in depth knowledge, still threading deep waters without ground under my feet.

xx.07.97

• Reworked all pages for my new employer.
• Added extra page about transactions via TCP from my thesis paper.
• Verification of some data, improvement on up-to-dateness.
• Reworking the literature section.

20.01.97

• Update of the patch links.
• Small cosmetics on the windows section.

17.10.96

• New section about windows and buffers, made aware by Mr. Sauerteig (CCN) on a local mailing list. He also pointed out the resource with documentation for
  • tcp_cwnd_size
  • tcp_recv_size
  • tcp_xmit_size
• Added recommended patches for Solaris.

15.08.96

• Some personal remarks concerning tcp_close_wait_interval with an interval of 30 seconds instead of the original suggestion of 1 second (too low).
• Added a few links to other documents.

13.08.96

• Added in-page hyperlinks to reference sections and important parameters.
• Added new knowlegde concerning the connection between udp_largest_anon_port and traceroute.

Sun, Sun Microsystems, the Sun Logo and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.

Last Modified: Tuesday, 02-Mar-2004 18:30:59 MET