Home » General » Support » network issue
| Re: network issue [message #22469 is a reply to message #22459] |
Mon, 29 October 2007 17:05   |
soptom
Messages: 34
Registered: October 2007
Location: Greece
|
Member |
|
|
[root@master2 ~]# ip r s
91.194.90.126 dev venet0 scope link
91.194.90.0/25 dev eth0 proto kernel scope link src 91.194.90.25
169.254.0.0/16 dev eth0 scope link
default via 91.194.90.1 dev eth0
[root@master2 ~]# ip a s
2: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:b3:b7:29:75 brd ff:ff:ff:ff:ff:ff
inet 91.194.90.25/25 brd 91.194.90.127 scope global eth0
inet6 fe80::202:b3ff:feb7:2975/64 scope link
valid_lft forever preferred_lft forever
6: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
1: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/void
[root@master2 ~]# cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl( and
# sysctl.conf(5) for more details.
# Disables packet forwarding
net.ipv4.ip_forward=1
# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.proxy_arp = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
# Disables the magic-sysrq key
kernel.sysrq = 1
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1
# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1
# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024
# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000
# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536
|
|
|
|
 |
|
network issue
By: soptom on Mon, 29 October 2007 13:35 |
|
|
Re: network issue
By: Valmont on Mon, 29 October 2007 14:31 |
|
|
Re: network issue
By: soptom on Mon, 29 October 2007 17:05 |
|
|
Re: network issue
By: Valmont on Mon, 29 October 2007 17:36 |
|
|
Re: network issue
By: soptom on Mon, 29 October 2007 18:13 |
|
|
Re: network issue
By: Valmont on Mon, 29 October 2007 20:48 |
|
|
Re: network issue
By: soptom on Mon, 29 October 2007 21:43 |
|
|
Re: network issue
By: Valmont on Mon, 29 October 2007 22:50 |
|
|
Re: network issue
By: soptom on Mon, 29 October 2007 23:22 |
|
|
Re: network issue
By: Valmont on Mon, 29 October 2007 23:33 |
|
|
Re: network issue
By: soptom on Mon, 29 October 2007 23:57 |
|
|
Re: network issue
By: Valmont on Tue, 30 October 2007 00:24 |
|
|
Re: network issue
By: soptom on Tue, 30 October 2007 00:35 |
|
|
Re: network issue
By: Valmont on Tue, 30 October 2007 00:37 |
|
|
Re: network issue
By: soptom on Thu, 01 November 2007 02:23 |
|
|
Re: network issue
By: Valmont on Thu, 01 November 2007 07:28 |
|
|
Re: network issue
By: soptom on Thu, 01 November 2007 11:16 |
|
|
Re: network issue
By: Valmont on Thu, 01 November 2007 11:42 |
|
|
Re: network issue
By: soptom on Thu, 01 November 2007 11:54 |
|
|
Re: network issue
By: Valmont on Thu, 01 November 2007 12:14 |
|
|
Re: network issue
By: soptom on Thu, 01 November 2007 12:52 |
|
|
Re: network issue
By: Valmont on Thu, 01 November 2007 13:21 |
|
|
Re: network issue
By: soptom on Thu, 01 November 2007 16:03 |
Goto Forum:
Current Time: Sun Sep 15 22:22:45 GMT 2024
Total time taken to generate the page: 0.03665 seconds
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
