Need to change Network parameters

Hi All,
Sap Application team performing TPO analysis and have some recommendations for OS parameters. Can you please review the below mentioned parameters and let us know

Current Settings
net.core.somaxconn = 128
net.ipv4.tcp_max_syn_backlog = 2048
net.core.rmem_max = 229376
net.core.wmem_max = 229376
They are asking us to change the above parameters as per below
Expecting changes as per below
net.core.somaxconn = 4096
net.ipv4.tcp_max_syn_backlog = 8192
net.core.rmem_max = 6291456
net.core.wmem_max = 4194304

If these can be implemented are not/
Any impact that you see with current settings.
Other depending factors if we modify these parameters.
Process to get them updated in environment and if it requires downtime.

Comments

  • malcolmlewismalcolmlewis Knowledge Partner

    Hi
    The sysctl tool is your friend along with your own conf file in /etc/sysctl.d/
    For example, to ensure values are set at boot time, create a /etc/sysctl.d/99-sap.conf containing;

    net.core.somaxconn = 4096
    net.ipv4.tcp_max_syn_backlog = 8192
    net.core.rmem_max = 6291456
    net.core.wmem_max = 4194304
    

    Use the -a option to see, the -w option to write on the fly;
    For example;

    sysctl -n net.ipv4.tcp_max_syn_backlog
    2048
    
    sysctl -w net.ipv4.tcp_max_syn_backlog=8192
    net.ipv4.tcp_max_syn_backlog = 8192
    
    sysctl -n net.ipv4.tcp_max_syn_backlog
    8192
    
  • Thanks for the update.
    Kindly let us know if change parameters is there any impact
    Other depending factors if we modify these parameters.
    Process to get them updated in environment and if it requires downtime.

  • malcolmlewismalcolmlewis Knowledge Partner
    edited August 31

    Hi
    They should adapt on the fly if you write them with the sysctl tool, with the config file in place the parameters will be set if/when you reboot.

    If they are recommended by your Team, then you should be fine....

  • Hi ,
    Need Clarification on below
    Can we go head and update below parameters in /etc/sysctl.conf file are else as specified in above discussion we need to create a separate file /etc/sysctl.d/99-sap.conf and then need to update below parameters in to these file

    net.core.somaxconn = 4096
    net.ipv4.tcp_max_syn_backlog = 8192
    net.core.rmem_max = 6291456
    net.core.wmem_max = 4194304

  • malcolmlewismalcolmlewis Knowledge Partner

    @Vadapalli I would suggest the contents are in /etc/sysctl.d/ directory, as an update may overwrite the /etc/sysctl.conf file. Either will work, so if the contents do exist in /etc/sysctl.conf, then update there, if not use /etc/sysctl.d/ for your settings.

    See the comment in the beginning of /etc/sysctl.conf about overriding that file.

  • Hi Malcolmlewis
    After changing parameters by using command sysctl -w net.ipv4.tcp_max_syn_backlog=8192 you have suggested to create a file /etc/sysctl.d/99-sap.conf what permission and ownership we should assign to that file and any specific syntax is there to make entries to that file.

    Please let us know.

  • malcolmlewismalcolmlewis Knowledge Partner

    Hi
    The defaults, permissions should be 0644 and owned by root:root and as I quoted before;

    net.core.somaxconn = 4096
    net.ipv4.tcp_max_syn_backlog = 8192
    net.core.rmem_max = 6291456
    net.core.wmem_max = 4194304
    
  • Thanks for the update.
    No reboot required right after changing the parameters.

  • malcolmlewismalcolmlewis Knowledge Partner

    Hi
    No, they should apply fine.

  • Thanks a lot Malcomlewis.

  • Hi Malcomlewis,
    Need your help in modifying the below parameters for password configuration on SuSe linux server
    Password MinimumLength = 8
    Min Upper case chars=1
    Min lower case char=1
    Min digit chars=1
    Min special Chars=1
    Lifetime(The maximum period of time, (in days) a user's password may be in effect before the user is forced to change it.) = 90 days
    History(The number of unique new passwords that must be associated with a user account before an old password can be reused) = 24
    Minimum password age(The period (in days) that a password must be used before the user can change it)= 2 days
    Account Lockout duration(The amount of time a locked-out account remains locked out before automatically becoming unlocked.)=15
    Account Lockout threshold(The number of failed sign-in attempts that will cause a user account to be locked.)=6

    Kindly help us to set above parameters in our Suse Linux server below is the suse linux version
    Linux 4.12.14-197.37-default #1 SMP
    cat /etc/SUSE-brand
    SLE
    VERSION = 15

  • malcolmlewismalcolmlewis Knowledge Partner

    Hi
    With a new topic, please start a new thread as it will get more attention from other Forum users ;)

    I will close this thread for now.

This discussion has been closed.