[PATCH v2 2/2] docs: net: clarify sysctl value constraints

From: Abdelrahman Fekry
Date: Sat Jun 14 2025 - 18:54:54 EST

Next message: linux: "[PATCH net-next] net: liquidio: Remove unused validate_cn23xx_pf_config_info()"
Previous message: Abdelrahman Fekry: "[PATCH v2 1/2] docs: net: sysctl documentation cleanup"
In reply to: Abdelrahman Fekry: "[PATCH v2 1/2] docs: net: sysctl documentation cleanup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

So, i also noticed that some of the parameters represented
as boolean have no value constrain checks and accept integer
values due to u8 implementation, so i wrote a note for every
boolean parameter that have no constrain checks in code. and
fixed a typo in fmwark instead of fwmark.

Added notes for 19 confirmed parameters,
Verified by code inspection and runtime testing.

- No changes for v2 in this patch , still waiting to be reviewed.
Signed-off-by: Abdelrahman Fekry <abdelrahmanfekry375@xxxxxxxxx>
---
v2:
- No change.
v1:
- Added notes for booleans that accept 0-255 not only 0/1.
Documentation/networking/ip-sysctl.rst | 70 ++++++++++++++++++++------
1 file changed, 55 insertions(+), 15 deletions(-)

diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
index 68778532faa5..38f2981290d6 100644
--- a/Documentation/networking/ip-sysctl.rst
+++ b/Documentation/networking/ip-sysctl.rst
@@ -70,6 +70,8 @@ ip_forward_use_pmtu - BOOLEAN

- 0 - disabled
- 1 - enabled
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

fwmark_reflect - BOOLEAN
Controls the fwmark of kernel-generated IPv4 reply packets that are not
@@ -91,6 +93,8 @@ fib_multipath_use_neigh - BOOLEAN

- 0 - disabled
- 1 - enabled
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

fib_multipath_hash_policy - INTEGER
Controls which hash policy to use for multipath routes. Only valid
@@ -490,7 +494,9 @@ tcp_fwmark_accept - BOOLEAN
have a fwmark set via setsockopt(SOL_SOCKET, SO_MARK, ...) are
unaffected.

- Default: 0
+ Default: 0 (disabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_invalid_ratelimit - INTEGER
Limit the maximal rate for sending duplicate acknowledgments
@@ -605,6 +611,8 @@ tcp_moderate_rcvbuf - BOOLEAN
automatically size the buffer (no greater than tcp_rmem[2]) to
match the size required by the path for full throughput. Enabled by
default.
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_mtu_probing - INTEGER
Controls TCP Packetization-Layer Path MTU Discovery. Takes three
@@ -638,6 +646,8 @@ tcp_no_ssthresh_metrics_save - BOOLEAN
Controls whether TCP saves ssthresh metrics in the route cache.

Default is 1, which disables ssthresh metrics.
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_orphan_retries - INTEGER
This value influences the timeout of a locally closed TCP connection,
@@ -705,7 +715,9 @@ tcp_retries1 - INTEGER

RFC 1122 recommends at least 3 retransmissions, which is the
default.
-
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+
tcp_retries2 - INTEGER
This value influences the timeout of an alive TCP connection,
when RTO retransmissions remain unacknowledged.
@@ -728,7 +740,7 @@ tcp_rfc1337 - BOOLEAN
we are not conforming to RFC, but prevent TCP TIME_WAIT
assassination.

- Default: 0
+ Default: 0 (disabled)

tcp_rmem - vector of 3 INTEGERs: min, default, max
min: Minimal size of receive buffer used by TCP sockets.
@@ -753,6 +765,8 @@ tcp_sack - BOOLEAN
Enable select acknowledgments (SACKS).

Default: 1 (enabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_comp_sack_delay_ns - LONG INTEGER
TCP tries to reduce number of SACK sent, using a timer
@@ -788,7 +802,9 @@ tcp_slow_start_after_idle - BOOLEAN
the current RTO. If unset, the congestion window will not
be timed out after an idle period.

- Default: 1
+ Default: 1 (enabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_stdurg - BOOLEAN
Use the Host requirements interpretation of the TCP urgent pointer field.
@@ -796,6 +812,8 @@ tcp_stdurg - BOOLEAN
Linux might not communicate correctly with them.

Default: 0 (disabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_synack_retries - INTEGER
Number of times SYNACKs for a passive TCP connection attempt will
@@ -852,7 +870,7 @@ tcp_migrate_req - BOOLEAN
migration by returning SK_DROP in the type of eBPF program, or
disable this option.

- Default: 0
+ Default: 0 (disabled)

tcp_fastopen - INTEGER
Enable TCP Fast Open (RFC7413) to send and accept data in the opening
@@ -1036,6 +1054,8 @@ tcp_window_scaling - BOOLEAN
- 1 - Enabled.

Default: 1 (enabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_shrink_window - BOOLEAN
This changes how the TCP receive window is calculated.
@@ -1050,7 +1070,9 @@ tcp_shrink_window - BOOLEAN
This only occurs if a non-zero receive window
scaling factor is also in effect.

- Default: 0
+ Default: 0 (disabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.

tcp_wmem - vector of 3 INTEGERs: min, default, max
min: Amount of memory reserved for send buffers for TCP sockets.
@@ -1092,7 +1114,7 @@ tcp_workaround_signed_windows - BOOLEAN
If unset, assume the remote TCP is not broken even if we do
not receive a window scaling option from them.

- Default: 0
+ Default: 0 (disabled)

tcp_thin_linear_timeouts - BOOLEAN
Enable dynamic triggering of linear timeouts for thin streams.
@@ -1105,8 +1127,10 @@ tcp_thin_linear_timeouts - BOOLEAN
For more information on thin streams, see
Documentation/networking/tcp-thin.rst

- Default: 0
-
+ Default: 0 (disabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+
tcp_limit_output_bytes - INTEGER
Controls TCP Small Queue limit per tcp socket.
TCP bulk sender tends to increase packets in flight until it
@@ -1350,7 +1374,7 @@ cipso_cache_enable - BOOLEAN
invalidated when required when means you can safely toggle this on and
off and the cache will always be "safe".

- Default: 1
+ Default: 1 (enabled)

cipso_cache_bucket_size - INTEGER
The CIPSO label cache consists of a fixed size hash table with each
@@ -1368,7 +1392,10 @@ cipso_rbm_optfmt - BOOLEAN
This means that when set the CIPSO tag will be padded with empty
categories in order to make the packet data 32-bit aligned.

- Default: 0
+ Default: 0 (disabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+

cipso_rbm_strictvalid - BOOLEAN
If set, do a very strict check of the CIPSO option when
@@ -1378,7 +1405,10 @@ cipso_rbm_strictvalid - BOOLEAN
result in less work (i.e. it should be faster) but could cause problems
with other implementations that require strict checking.

- Default: 0
+ Default: 0 (disabled)
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+

IP Variables
============
@@ -1439,6 +1469,9 @@ ip_nonlocal_bind - BOOLEAN
which can be quite useful - but may break some applications.

Default: 0
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+

ip_autobind_reuse - BOOLEAN
By default, bind() does not select the ports automatically even if
@@ -1449,6 +1482,8 @@ ip_autobind_reuse - BOOLEAN
option should only be set by experts.
Default: 0

+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+
ip_dynaddr - INTEGER
If set non-zero, enables support for dynamic addresses.
If set to a non-zero value larger than 1, a kernel log
@@ -1478,13 +1513,16 @@ tcp_early_demux - BOOLEAN
Enable early demux for established TCP sockets.

Default: 1
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+

udp_early_demux - BOOLEAN
Enable early demux for connected UDP sockets. Disable this if
your system could experience more unconnected load.

Default: 1
-
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+
icmp_echo_ignore_all - BOOLEAN
If set non-zero, then the kernel will ignore all ICMP ECHO
requests sent to it.
@@ -1817,7 +1855,7 @@ src_valid_mark - BOOLEAN
lookup. This permits rp_filter to function when the fwmark is
used for routing traffic in both directions.

- This setting also affects the utilization of fmwark when
+ This setting also affects the utilization of fwmark when
performing source address selection for ICMP replies, or
determining addresses stored for the IPOPT_TS_TSANDADDR and
IPOPT_RR IP options.
@@ -2326,7 +2364,9 @@ fwmark_reflect - BOOLEAN
fwmark of the packet they are replying to.

Default: 0
-
+
+ note: Accepts integer values (0-255) but only 0/1 have defined behaviour.
+
``conf/interface/*``:
Change special settings per interface.

--
2.25.1

Next message: linux: "[PATCH net-next] net: liquidio: Remove unused validate_cn23xx_pf_config_info()"
Previous message: Abdelrahman Fekry: "[PATCH v2 1/2] docs: net: sysctl documentation cleanup"
In reply to: Abdelrahman Fekry: "[PATCH v2 1/2] docs: net: sysctl documentation cleanup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]