1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4# for debugging set net.netfilter.nf_log_all_netns=1 in init_net 5# or do not use net namespaces. 6modprobe -q nf_conntrack 7sysctl -q net.netfilter.nf_conntrack_log_invalid=6 8 9# Flush old cached data (fastopen cookies). 10ip tcp_metrics flush all > /dev/null 2>&1 11 12# TCP min, default, and max receive and send buffer sizes. 13sysctl -q net.ipv4.tcp_rmem="4096 540000 $((15*1024*1024))" 14sysctl -q net.ipv4.tcp_wmem="4096 $((256*1024)) 4194304" 15 16# TCP congestion control. 17sysctl -q net.ipv4.tcp_congestion_control=cubic 18 19# TCP slow start after idle. 20sysctl -q net.ipv4.tcp_slow_start_after_idle=0 21 22# TCP Explicit Congestion Notification (ECN) 23sysctl -q net.ipv4.tcp_ecn=0 24 25sysctl -q net.ipv4.tcp_notsent_lowat=4294967295 > /dev/null 2>&1 26 27# Override the default qdisc on the tun device. 28# Many tests fail with timing errors if the default 29# is FQ and that paces their flows. 30tc qdisc add dev tun0 root pfifo 31 32# Enable conntrack 33$xtables -A INPUT -m conntrack --ctstate NEW -p tcp --syn 34