/etc/sysctl.conf

The /etc/sysctl.conf file in Linux is used to configure kernel parameters at boot time. This file allows you to set system-wide parameters that control kernel behavior, such as networking settings, virtual memory management, and various other system options. These parameters are read and applied by the sysctl command during system boot.

Overview of /etc/sysctl.conf

Purpose

The /etc/sysctl.conf file provides a way to:

  • Persistently set kernel parameters.

  • Automatically apply these settings at boot time.

  • Ensure system-wide configuration consistency.

Basic Format

The general format of the /etc/sysctl.conf file is:

# Comment
kernel.parameter = value

Each line in the file specifies a kernel parameter and its value. Comments can be added using the # character.

Example Entries

Here are some common kernel parameters and their descriptions:

  1. Networking Parameters

    • Enable IP forwarding:

      net.ipv4.ip_forward = 1

    • Enable TCP SYN cookies (protection against SYN flood attacks):

      net.ipv4.tcp_syncookies = 1

    • Disable IPv6:

      net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

  2. Virtual Memory Parameters

    • Set the kernel’s swappiness value (tendency to swap out memory):

      vm.swappiness = 10

    • Set the maximum amount of system memory that can be filled with dirty pages before they are written to disk:

      vm.dirty_ratio = 20

  3. File System Parameters

    • Set the maximum number of open file descriptors:

      fs.file-max = 100000

    • Set the maximum number of inotify watches per user:

      fs.inotify.max_user_watches = 524288

Applying Changes

To apply changes made to the /etc/sysctl.conf file without rebooting, use the following command:

sudo sysctl -p

This command reloads the /etc/sysctl.conf file and applies the new settings.

Using /etc/sysctl.d/

For more granular control and to avoid modifying the main /etc/sysctl.conf file, you can place configuration files in the /etc/sysctl.d/ directory. These files have the same format as /etc/sysctl.conf and are read by sysctl at boot time.

Example:

Create a file /etc/sysctl.d/99-custom.conf with the following content:

# Custom sysctl settings
net.ipv4.ip_forward = 1
fs.file-max = 100000

Apply the changes using:

sudo sysctl --system

This command reloads all settings from /etc/sysctl.conf and files in /etc/sysctl.d/.

Example Configuration

Here is an example of a complete /etc/sysctl.conf file:

# Enable IP forwarding
net.ipv4.ip_forward = 1

# Enable TCP SYN cookies
net.ipv4.tcp_syncookies = 1

# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

# Set swappiness
vm.swappiness = 10

# Set dirty ratio
vm.dirty_ratio = 20

# Set maximum number of open file descriptors
fs.file-max = 100000

# Set maximum number of inotify watches
fs.inotify.max_user_watches = 524288

Conclusion

The /etc/sysctl.conf file is a crucial component for managing kernel parameters and tuning system performance in Linux. By properly configuring this file, you can ensure that your system runs optimally and securely based on your specific requirements.

Previous/etc/swanctl/swanctl.confNext/etc/usbguard/rules.conf

Last updated