ip_respond_to_echo_broadcast and ip6_respond_to_echo_multicast
| Description | Control whether IPv4
or IPv6 responds to broadcast ICMPv4 echo request or multicast ICMPv6 echo
request.
| | Default | 1 (enabled)
| | Range | 0 (disabled), 1 (enabled)
| | Dynamic? | Yes
| | When to Change | If you do not want
this behavior for security reasons, disable it.
| | Commitment Level | Unstable
|
ip_send_redirects and ip6_send_redirects
| Description | Control whether IPv4
or IPv6 sends out ICMPv4 or ICMPv6 redirect messages. See also ip_forwarding and ip6_forwarding.
| | Default | 1 (enabled)
| | Range | 0 (disabled), 1 (enabled)
| | Dynamic? | Yes
| | When to Change | If you do not want
this behavior for security reasons, disable it.
| | Commitment Level | Unstable
|
ip_forward_src_routed and ip6_forward_src_routed
| Description | Control whether IPv4
or IPv6 forwards packets with source IPv4 routing options or IPv6 routing
headers. See also ip_forwarding and ip6_forwarding.
| | Default | 1 (enabled)
| | Range | 0 (disabled), 1 (enabled)
| | Dynamic? | Yes
| | When to Change | If you do not want
this behavior for security reasons, disable it.
| | Commitment Level | Unstable
|
ip_addrs_per_if
| Description | The maximum number of
logical interfaces associated with a real interface.
| | Default | 256
| | Range | 1 to 8192
| | Dynamic? | Yes
| | When to Change | Do not change the
value. If more logical interfaces are required, increase the value, but recognize
that this change might have a negative impact on IP's performance.
| | Commitment Level | Unstable
|
ip_strict_dst_multihoming and ip6_strict_dst_multihoming
| Description | Determine whether a
packet arriving on a non-forwarding interface can be accepted for an IP address
that is not explicitly configured on that interface. If ip_forwarding is enabled, or xxx:ip_forwarding for the appropriate interfaces is enabled, then this parameter
is ignored, because the packet is actually forwarded.
Refer to RFC 1122 3.3.4.2.
| | Default | 0 (loose multihoming)
| | Range | 0 = Off (loose multihoming)
1 = On (strict multihoming)
| | Dynamic? | Yes
| | When to Change | If a machine has
interfaces that cross strict networking domains (for example, a firewall or
a VPN node), set this variable to 1.
| | Commitment Level | Unstable
|
ip_multidata_outbound
| Description | This parameter enables
the network stack to send more than one packet at one time to the network
device driver during transmission.
Enabling this parameter reduces the per-packet processing costs by improving
the host CPU utilization and/or network throughput.
The multidata transmit (MDT) feature is only effective for device drivers
that support this feature.
The following parameter must be enabled in the /etc/system file to use the MDT parameter:
set ip:ip_use_dl_cap = 0x1
| | Default | Disabled
| | Range | 0 (disabled), 1 (enabled)
| | Dynamic? | Yes
| | When to Change | This feature can
be enabled at any time to allow for improved system performance with the following
cautions:
Enabling this feature might change the appearance of any packets
between the IP layer and the DLPI provider. So, any third-party STREAMS module
that is dynamically inserted between the IP layer and the DLPI provider by
using ifconfig's modinsert feature,
which doesn't understand the MDT STREAMS data type, might not work.
Modules that are inserted between the IP and the DLPI provider
with the autopush(1m) mechanism might not work as well.
Keep this feature disabled when a STREAMS module is not MDT
aware. For example, the public domain utilities such as ipfilter, Checkpoint
Firewall-1, and so on, are not MDT aware.
| | Commitment Level | Unstable
|
IP Tunable Parameters With Additional Cautions
Changing the following parameters is not recommended unless there are
extenuating circumstances that are described with each parameter.
|
Previous