#!/sbin/sh
#
# /etc/rcS.d/S31your-tune -> /etc/init.d/your-tune
#
PATH=/usr/bin:/usr/sbin
/usr/ucb/echo -n "Tweaking Solaris TPC/IP: "

# determine, if Solaris 2.6 or above is installed (care w/ 2.5.1!)
osver=`uname -r | sed s/\\.// | awk '{ print $1*10 }'`

# determine, if patch 10358[123]-12 or above is installed (2.5.1: x86+Sparc)
# if you are using Solaris < 2.5.1, you must modify this to suit your needs.
# since /var is usually not yet mounted, we must look into the kernel module.
patch=`(strings -a /kernel/drv/tcp | egrep '10358[123]' | \
    awk '{ print $4 }' || echo 0-0) | awk -F- '{ print $2*1 }'`

# report your findings (for Solari < 2.6 only)
if [ $osver -lt 260 ]; then
    if [ $patch -gt 0 ]; then
	/usr/ucb/echo -n "TCP patch pl-$patch found "
	if [ $patch -ge 12 ]; then
	    echo "(good)"
	else 
	    echo "(too low)"
	fi
    else
	echo "TCP patch missing (bad)"
    fi
else
    echo "Solaris 2.6 or above (good)"
fi

# connection Q: *INCREASE* if you suffer from SYN floods, or many drops...
if [ $osver -ge 260 -o $patch -ge 12 ]; then
    # Solaris 2.6 *OR* patch 103582-12 or above applied
    echo "   tweaking separate connection queues"
    ndd -set /dev/tcp tcp_conn_req_max_q 512   # 128 for restrictions
    ndd -set /dev/tcp tcp_conn_req_max_q0 1024 # 10240 for SYN floods
else
    # Solaris 2.5.1 or below, no patch
    echo "   tweaking single connection queue"
    ndd -set /dev/tcp tcp_conn_req_max 512     # Hmmm, how about 1024
fi

# retransmission timeouts
echo "   tweaking timeouts"
ndd -set /dev/tcp tcp_rexmit_interval_initial 3000 # 500 for laboratories
ndd -set /dev/tcp tcp_rexmit_interval_min 2000     # 200 for laboratories
ndd -set /dev/tcp tcp_ip_abort_interval 600000     # 10 minutes before drop
ndd -set /dev/tcp tcp_ip_abort_cinterval 60000     # 60 seconds to estab. conn.
ndd -set /dev/tcp tcp_rexmit_interval_max 240000   # RFC instead of 2MSL

if [ $osver -ge 260 -o $patch -ge 15 ]; then
    # Solaris 2.6 *OR* patch 103582-15 or above applied
    echo "   tweaking slow start bug/feature"
    ndd -set /dev/tcp tcp_slow_start_initial 2
fi

# path MTU discovery, common timers
echo "   tweaking pMTU discovery interval and common timers"
ndd -set /dev/ip ip_ire_pathmtu_interval 600000
ndd -set /dev/tcp tcp_keepalive_interval 600000
ndd -set /dev/tcp tcp_close_wait_interval 60000 # 2MSL value
ndd -set /dev/tcp tcp_fin_wait_2_flush_interval 67500

# common parameters
echo "   tweaking misc. parameters"
ndd -set /dev/ip ip_forward_src_routed 0
ndd -set /dev/ip ip_icmp_err_interval 0
ndd -set /dev/tcp tcp_smallest_anon_port 8192
ndd -set /dev/udp udp_smallest_anon_port 8192

# windows
echo "   tweaking windows, buffer sizes and watermarks"
ndd -set /dev/udp udp_xmit_hiwat 16384	# max. UDP PDU size for sending
ndd -set /dev/udp udp_recv_hiwat 49152	# queue for UDP PDUs (3 * ICP)
ndd -set /dev/tcp tcp_xmit_hiwat 32768	# Cockroft's recommendations
ndd -set /dev/tcp tcp_recv_hiwat 32768	# Cockroft's recommendations

echo "done."