diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-09-15 08:46:51 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-15 08:46:51 +0200 |
| commit | 9a38b823b8c94b03448c82a1695943f3e19b92d1 (patch) | |
| tree | e79137c9b82dd3306b7dd20fc72cf37b4d706a3b | |
| parent | 9562dd1081adc934d27d01e8fd5c8311934a6563 (diff) | |
| download | vyos-1x-9a38b823b8c94b03448c82a1695943f3e19b92d1.tar.gz vyos-1x-9a38b823b8c94b03448c82a1695943f3e19b92d1.zip | |
conntrack: T4691: lower "tcp max-retrans" upper limit
Kernel 5.15.y and newer only support an upper boundary of 255.
vyos@vyos:~$ sudo sysctl -w net.netfilter.nf_conntrack_tcp_max_retrans=255
net.netfilter.nf_conntrack_tcp_max_retrans = 255
vyos@vyos:~$ sudo sysctl -w net.netfilter.nf_conntrack_tcp_max_retrans=256
sysctl: setting key "net.netfilter.nf_conntrack_tcp_max_retrans": Invalid argument
| -rw-r--r-- | interface-definitions/system-conntrack.xml.in | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/interface-definitions/system-conntrack.xml.in b/interface-definitions/system-conntrack.xml.in index 14f12b569..5810a97c6 100644 --- a/interface-definitions/system-conntrack.xml.in +++ b/interface-definitions/system-conntrack.xml.in @@ -259,13 +259,13 @@ </leafNode> <leafNode name="max-retrans"> <properties> - <help>TCP maximum retransmit attempts</help> + <help>Maximum number of packets that can be retransmitted without received an ACK</help> <valueHelp> - <format>u32:1-2147483647</format> - <description>Generic connection timeout in seconds</description> + <format>u32:1-255</format> + <description>Number of packets to be retransmitted</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-2147483647"/> + <validator name="numeric" argument="--range 1-255"/> </constraint> </properties> <defaultValue>3</defaultValue> |