FEDORA 30 – APACHE – SSL – BROTLI – HTTP2 – HSTS and PRELOAD

 

tovább ...

How to use Linux server with TCP BBR

 

 

Requirements kernel version 4.9 or higher.

 

List all available tcp_congestion_control

# grep TCP_CONG /boot/config-$(uname -r)
CONFIG_TCP_CONG_ADVANCED=y
CONFIG_TCP_CONG_BIC=m
CONFIG_TCP_CONG_CUBIC=y
CONFIG_TCP_CONG_WESTWOOD=m
CONFIG_TCP_CONG_HTCP=m
CONFIG_TCP_CONG_HSTCP=m
CONFIG_TCP_CONG_HYBLA=m
CONFIG_TCP_CONG_VEGAS=m
CONFIG_TCP_CONG_NV=m
CONFIG_TCP_CONG_SCALABLE=m
CONFIG_TCP_CONG_LP=m
CONFIG_TCP_CONG_VENO=m
CONFIG_TCP_CONG_YEAH=m
CONFIG_TCP_CONG_ILLINOIS=m
CONFIG_TCP_CONG_DCTCP=m
CONFIG_TCP_CONG_CDG=m
CONFIG_TCP_CONG_BBR=m
CONFIG_DEFAULT_TCP_CONG="cubic"

 

Add the options below at the end of the file.

nano /etc/sysctl.conf

net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_fin_timeout = 10
### more
net.ipv4.conf.all.arp_filter = 1
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_tw_reuse = 1

“Multiple Interfaces on Same Ethernet Broadcast Network
——————————————————
Due to the default ARP behavior on Linux, it is not possible to have one system on two IP networks in the same Ethernet broadcast domain (non-partitioned switch) behave as expected. All Ethernet interfaces will respond to IP traffic for any IP address assigned to the system. This results in unbalanced receive traffic. If you have multiple interfaces in a server, either turn on ARP filtering by entering: echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter

This only works if your kernel’s version is higher than 2.4.5. NOTE: This setting is not saved across reboots. The configuration change can be
made permanent by adding the following line to the file /etc/sysctl.conf: net.ipv4.conf.all.arp_filter = 1

Another alternative is to install the interfaces in separate broadcast domains (either in different switches or in a switch partitioned to VLANs).”


  GNU nano 4.2                   /etc/sysctl.conf                               
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_fin_timeout = 10
### more
net.ipv4.conf.all.arp_filter = 1
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_tw_reuse = 1

 

Save and rebot or sysctl –system check

# sysctl -p
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_fin_timeout = 10
net.ipv4.conf.all.arp_filter = 1
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_tw_reuse = 1

# cat /proc/sys/net/ipv4/tcp_congestion_control
bbr

 

Test on my own machine speedtest :)

tovább ...

HOWTO USE ETHERAPE ON DEBIAN 9

MONITOR YOUR NETWORK WITH EtherApe

EtherApe
[terminal user=”stretch” computer=”debian”]
$ sudo apt-get install

[/terminal]

MISSING PACKAGE

[terminal user=”stretch” computer=”debian”]
$ sudo apt-get install libcanberra-gtk-module

[/terminal]

START WITHOUT ERROR MESSAGE

[terminal user=”stretch” computer=”debian”]
$ sudo etherape

[/terminal]

tovább ...

DEBIAN 9.9 – APACHE – SSL – BROTLI – HTTP2

Install the Apache Web Server on Debian

DEFRAG and TRIM
sudo e4defrag /
fstrim -va

DEBIAN PERFORMANCE TUNING

Sample

nano /e...

tovább ...

CYBERTHREAT REAL-TIME MAP


HUNGARY – Top – Local infections IN THE LAST MONTH

tovább ...

Live Cyber Attack

tovább ...

MALWAREINT(BETA) LIVE MAP

tovább ...

Word of Tanks Blitz Update 5.5 – missing millions of worth of equipment, consumable, ammunitions, equipment

Word of Tanks Blitz Update 5.5 (2018.11.13)

  • 28 vehicles have no (missing) Apperance, Consumable, Ammunitions, (and 1-2 Equipment).
  • not correct, not fair,
  • where the credit, gold?
tovább ...

SAFARI 12 – FACEBOOK, GMAIL ERROR- SOLVED

Content Blocker Of

Enable experimental functions

tovább ...

Crash Reporter

Crash Reporter has three modes of operations:

  • Basic — The default mode. Only application crashes are reported, and the dialog does not contain any debugging information.
  • Developer — In addition to application crashes, crashes are also displayed for background and system processes.
  • Server — The default for macOS Server systems. No crash reports are shown to the user (though they are still logged).
  • None — Disables the dialog prompt. Crash reports are neither displayed nor logged.

OnyX


tovább ...

©2016 idStudio & SMThemes.com