Provided by: manpages_6.03-1_all bug

NAME

       tcp - TCP protocol

SYNOPSIS

       #include <sys/socket.h>
       #include <netinet/in.h>
       #include <netinet/tcp.h>

       tcp_socket = socket(AF_INET, SOCK_STREAM, 0);

DESCRIPTION

       This  is  an  implementation of the TCP protocol defined in RFC 793, RFC 1122 and RFC 2001
       with the NewReno and SACK extensions.  It  provides  a  reliable,  stream-oriented,  full-
       duplex  connection  between two sockets on top of ip(7), for both v4 and v6 versions.  TCP
       guarantees that the data arrives in order and retransmits lost packets.  It generates  and
       checks  a  per-packet checksum to catch transmission errors.  TCP does not preserve record
       boundaries.

       A newly created TCP socket has no remote or local address and is not fully specified.   To
       create  an outgoing TCP connection use connect(2) to establish a connection to another TCP
       socket.  To receive new incoming connections, first bind(2) the socket to a local  address
       and port and then call listen(2) to put the socket into the listening state.  After that a
       new socket for each incoming connection can be accepted using accept(2).  A  socket  which
       has  had  accept(2)  or  connect(2)  successfully  called on it is fully specified and may
       transmit data.  Data cannot be transmitted on listening or not yet connected sockets.

       Linux supports RFC 1323 TCP high performance extensions.  These include Protection Against
       Wrapped Sequence Numbers (PAWS), Window Scaling and Timestamps.  Window scaling allows the
       use of large (> 64 kB) TCP windows  in  order  to  support  links  with  high  latency  or
       bandwidth.   To  make  use  of  them, the send and receive buffer sizes must be increased.
       They    can    be    set    globally    with    the    /proc/sys/net/ipv4/tcp_wmem     and
       /proc/sys/net/ipv4/tcp_rmem  files,  or  on  individual sockets by using the SO_SNDBUF and
       SO_RCVBUF socket options with the setsockopt(2) call.

       The maximum sizes for socket buffers declared via the SO_SNDBUF and  SO_RCVBUF  mechanisms
       are     limited     by    the    values    in    the    /proc/sys/net/core/rmem_max    and
       /proc/sys/net/core/wmem_max files.  Note that TCP actually allocates twice the size of the
       buffer  requested  in  the setsockopt(2) call, and so a succeeding getsockopt(2) call will
       not return the same size of buffer as requested in the setsockopt(2) call.  TCP  uses  the
       extra space for administrative purposes and internal kernel structures, and the /proc file
       values reflect the larger sizes  compared  to  the  actual  TCP  windows.   On  individual
       connections, the socket buffer size must be set prior to the listen(2) or connect(2) calls
       in order to have it take effect.  See socket(7) for more information.

       TCP supports urgent data.  Urgent data is used to signal the receiver that some  important
       message  is  part  of the data stream and that it should be processed as soon as possible.
       To send urgent data specify the MSG_OOB option to send(2).  When urgent data is  received,
       the  kernel sends a SIGURG signal to the process or process group that has been set as the
       socket "owner" using the SIOCSPGRP or FIOSETOWN ioctls (or the POSIX.1-specified  fcntl(2)
       F_SETOWN  operation).   When the SO_OOBINLINE socket option is enabled, urgent data is put
       into the normal data stream (a program can test for  its  location  using  the  SIOCATMARK
       ioctl described below), otherwise it can be received only when the MSG_OOB flag is set for
       recv(2) or recvmsg(2).

       When out-of-band data is present, select(2) indicates the file  descriptor  as  having  an
       exceptional condition and poll (2) indicates a POLLPRI event.

       Linux  2.4  introduced a number of changes for improved throughput and scaling, as well as
       enhanced functionality.  Some of these features include support for zero-copy sendfile(2),
       Explicit  Congestion  Notification, new management of TIME_WAIT sockets, keep-alive socket
       options and support for Duplicate SACK extensions.

   Address formats
       TCP is built on top of IP (see ip(7)).  The address formats defined by ip(7) apply to TCP.
       TCP  supports  point-to-point  communication  only;  broadcasting and multicasting are not
       supported.

   /proc interfaces
       System-wide  TCP  parameter  settings  can  be  accessed  by  files   in   the   directory
       /proc/sys/net/ipv4/.   In addition, most IP /proc interfaces also apply to TCP; see ip(7).
       Variables described as Boolean take an  integer  value,  with  a  nonzero  value  ("true")
       meaning  that the corresponding option is enabled, and a zero value ("false") meaning that
       the option is disabled.

       tcp_abc (Integer; default: 0; Linux 2.6.15 to Linux 3.8)
              Control the Appropriate Byte Count (ABC), defined in RFC 3465.  ABC  is  a  way  of
              increasing  the  congestion  window  (cwnd)  more  slowly  in  response  to partial
              acknowledgements.  Possible values are:

              0      increase cwnd once per acknowledgement (no ABC)

              1      increase cwnd once per acknowledgement of full sized segment

              2      allow increase cwnd  by  two  if  acknowledgement  is  of  two  segments  to
                     compensate for delayed acknowledgements.

       tcp_abort_on_overflow (Boolean; default: disabled; since Linux 2.4)
              Enable  resetting  connections  if  the listening service is too slow and unable to
              keep up and accept them.  It means that if overflow occurred due to  a  burst,  the
              connection  will  recover.  Enable this option only if you are really sure that the
              listening daemon cannot be tuned  to  accept  connections  faster.   Enabling  this
              option can harm the clients of your server.

       tcp_adv_win_scale (integer; default: 2; since Linux 2.4)
              Count  buffering  overhead  as  bytes/2^tcp_adv_win_scale,  if tcp_adv_win_scale is
              greater than 0; or bytes-bytes/2^(-tcp_adv_win_scale), if tcp_adv_win_scale is less
              than or equal to zero.

              The  socket receive buffer space is shared between the application and kernel.  TCP
              maintains part of the buffer as the TCP window, this is the  size  of  the  receive
              window  advertised  to  the  other  end.   The  rest  of  the  space is used as the
              "application" buffer, used to isolate the network from scheduling  and  application
              latencies.   The  tcp_adv_win_scale  default value of 2 implies that the space used
              for the application buffer is one fourth that of the total.

       tcp_allowed_congestion_control (String; default: see text; since Linux 2.4.20)
              Show/set  the  congestion  control  algorithm  choices  available  to  unprivileged
              processes  (see the description of the TCP_CONGESTION socket option).  The items in
              the list are separated by white space and terminated by a newline  character.   The
              list  is a subset of those listed in tcp_available_congestion_control.  The default
              value for this list is "reno" plus the default setting of tcp_congestion_control.

       tcp_autocorking (Boolean; default: enabled; since Linux 3.14)
              If this option is  enabled,  the  kernel  tries  to  coalesce  small  writes  (from
              consecutive  write(2)  and  sendmsg(2)  calls)  as  much  as  possible, in order to
              decrease the total number of sent packets.  Coalescing is  done  if  at  least  one
              prior  packet  for  the  flow  is waiting in Qdisc queues or device transmit queue.
              Applications can still use the TCP_CORK socket option to  obtain  optimal  behavior
              when they know how/when to uncork their sockets.

       tcp_available_congestion_control (String; read-only; since Linux 2.4.20)
              Show a list of the congestion-control algorithms that are registered.  The items in
              the list are separated by white space and terminated by a newline character.   This
              list  is  a  limiting  set  for  the  list in tcp_allowed_congestion_control.  More
              congestion-control algorithms may be available as modules, but not loaded.

       tcp_app_win (integer; default: 31; since Linux 2.4)
              This variable defines how many bytes of the TCP window are reserved  for  buffering
              overhead.

              A  maximum  of (window/2^tcp_app_win, mss) bytes in the window are reserved for the
              application buffer.  A value of 0 implies that no amount is reserved.

       tcp_base_mss (Integer; default: 512; since Linux 2.6.17)
              The initial value of search_low to be used by  the  packetization  layer  Path  MTU
              discovery  (MTU  probing).  If MTU probing is enabled, this is the initial MSS used
              by the connection.

       tcp_bic (Boolean; default: disabled; Linux 2.4.27/2.6.6 to Linux 2.6.13)
              Enable BIC TCP congestion control algorithm.  BIC-TCP is a sender-side-only  change
              that  ensures  a  linear  RTT  fairness  under  large  windows  while offering both
              scalability and bounded TCP-friendliness.  The protocol combines two schemes called
              additive increase and binary search increase.  When the congestion window is large,
              additive increase with a large increment ensures linear RTT  fairness  as  well  as
              good  scalability.  Under small congestion windows, binary search increase provides
              TCP friendliness.

       tcp_bic_low_window (integer; default: 14; Linux 2.4.27/2.6.6 to Linux 2.6.13)
              Set the threshold window (in packets) where BIC TCP starts to adjust the congestion
              window.  Below this threshold BIC TCP behaves the same as the default TCP Reno.

       tcp_bic_fast_convergence (Boolean; default: enabled; Linux 2.4.27/2.6.6 to Linux 2.6.13)
              Force  BIC TCP to more quickly respond to changes in congestion window.  Allows two
              flows sharing the same connection to converge more rapidly.

       tcp_congestion_control (String; default: see text; since Linux 2.4.13)
              Set the default congestion-control algorithm to be used for new  connections.   The
              algorithm  "reno"  is  always  available,  but  additional choices may be available
              depending on kernel configuration.  The default value for this file is set as  part
              of kernel configuration.

       tcp_dma_copybreak (integer; default: 4096; since Linux 2.6.24)
              Lower  limit, in bytes, of the size of socket reads that will be offloaded to a DMA
              copy engine, if one is present in the system and the kernel was configured with the
              CONFIG_NET_DMA option.

       tcp_dsack (Boolean; default: enabled; since Linux 2.4)
              Enable RFC 2883 TCP Duplicate SACK support.

       tcp_fastopen (Bitmask; default: 0x1; since Linux 3.7)
              Enables  RFC  7413  Fast  Open  support.   The  flag  is  used as a bitmap with the
              following values:

              0x1    Enables client side Fast Open support

              0x2    Enables server side Fast Open support

              0x4    Allows client side to transmit data in SYN without Fast Open option

              0x200  Allows server side to accept SYN data without Fast Open option

              0x400  Enables Fast Open on all listeners without TCP_FASTOPEN socket option

       tcp_fastopen_key (since Linux 3.7)
              Set server side RFC 7413 Fast Open key to generate Fast  Open  cookie  when  server
              side Fast Open support is enabled.

       tcp_ecn (Integer; default: see below; since Linux 2.4)
              Enable RFC 3168 Explicit Congestion Notification.

              This file can have one of the following values:

              0      Disable  ECN.   Neither initiate nor accept ECN.  This was the default up to
                     and including Linux 2.6.30.

              1      Enable ECN when requested by incoming connections and also  request  ECN  on
                     outgoing connection attempts.

              2      Enable ECN when requested by incoming connections, but do not request ECN on
                     outgoing connections.  This value is supported, and is  the  default,  since
                     Linux 2.6.31.

              When  enabled,  connectivity  to  some destinations could be affected due to older,
              misbehaving middle boxes  along  the  path,  causing  connections  to  be  dropped.
              However,  to  facilitate and encourage deployment with option 1, and to work around
              such buggy equipment, the tcp_ecn_fallback option has been introduced.

       tcp_ecn_fallback (Boolean; default: enabled; since Linux 4.1)
              Enable RFC 3168, Section 6.1.1.1. fallback.  When enabled, outgoing ECN-setup  SYNs
              that  time out within the normal SYN retransmission timeout will be resent with CWR
              and ECE cleared.

       tcp_fack (Boolean; default: enabled; since Linux 2.2)
              Enable TCP Forward Acknowledgement support.

       tcp_fin_timeout (integer; default: 60; since Linux 2.2)
              This specifies how many seconds to wait for a final FIN packet before the socket is
              forcibly  closed.   This  is  strictly  a  violation  of the TCP specification, but
              required to prevent denial-of-service attacks.  In Linux 2.2, the default value was
              180.

       tcp_frto (integer; default: see below; since Linux 2.4.21/2.6)
              Enable  F-RTO,  an  enhanced  recovery  algorithm  for  TCP retransmission timeouts
              (RTOs).  It is particularly beneficial in wireless environments where  packet  loss
              is  typically  due  to  random  radio  interference rather than intermediate router
              congestion.  See RFC 4138 for more details.

              This file can have one of the following values:

              0      Disabled.  This was the default up to and including Linux 2.6.23.

              1      The basic version F-RTO algorithm is enabled.

              2      Enable SACK-enhanced F-RTO if flow uses SACK.  The basic version can be used
                     also  when SACK is in use though in that case scenario(s) exists where F-RTO
                     interacts badly with the packet counting of the SACK-enabled TCP flow.  This
                     value is the default since Linux 2.6.24.

              Before  Linux  2.6.22, this parameter was a Boolean value, supporting just values 0
              and 1 above.

       tcp_frto_response (integer; default: 0; since Linux 2.6.22)
              When F-RTO has detected that a TCP retransmission timeout was spurious  (i.e.,  the
              timeout  would  have been avoided had TCP set a longer retransmission timeout), TCP
              has several options concerning what to do next.  Possible values are:

              0      Rate halving based; a smooth and conservative response,  results  in  halved
                     congestion window (cwnd) and slow-start threshold (ssthresh) after one RTT.

              1      Very conservative response; not recommended because even though being valid,
                     it interacts poorly with the rest of Linux TCP;  halves  cwnd  and  ssthresh
                     immediately.

              2      Aggressive  response;  undoes congestion-control measures that are now known
                     to be unnecessary (ignoring the possibility of a  lost  retransmission  that
                     would  require  TCP  to be more cautious); cwnd and ssthresh are restored to
                     the values prior to timeout.

       tcp_keepalive_intvl (integer; default: 75; since Linux 2.4)
              The number of seconds between TCP keep-alive probes.

       tcp_keepalive_probes (integer; default: 9; since Linux 2.2)
              The maximum number of TCP keep-alive probes to send before giving  up  and  killing
              the connection if no response is obtained from the other end.

       tcp_keepalive_time (integer; default: 7200; since Linux 2.2)
              The  number  of seconds a connection needs to be idle before TCP begins sending out
              keep-alive probes.  Keep-alives are sent only when the SO_KEEPALIVE  socket  option
              is  enabled.   The  default value is 7200 seconds (2 hours).  An idle connection is
              terminated after approximately an additional 11 minutes (9 probes an interval of 75
              seconds apart) when keep-alive is enabled.

              Note that underlying connection tracking mechanisms and application timeouts may be
              much shorter.

       tcp_low_latency (Boolean; default: disabled; since Linux 2.4.21/2.6; obsolete since  Linux
       4.14)
              If  enabled,  the TCP stack makes decisions that prefer lower latency as opposed to
              higher  throughput.   It  this  option  is  disabled,  then  higher  throughput  is
              preferred.  An example of an application where this default should be changed would
              be a Beowulf compute cluster.  Since Linux 4.14, this file still  exists,  but  its
              value is ignored.

       tcp_max_orphans (integer; default: see below; since Linux 2.4)
              The  maximum  number of orphaned (not attached to any user file handle) TCP sockets
              allowed in the system.  When this number is exceeded, the  orphaned  connection  is
              reset  and  a warning is printed.  This limit exists only to prevent simple denial-
              of-service attacks.  Lowering this limit is not  recommended.   Network  conditions
              might  require  you  to  increase the number of orphans allowed, but note that each
              orphan can eat up to ~64 kB of unswappable memory.  The default  initial  value  is
              set  equal  to  the  kernel  parameter  NR_FILE.   This initial default is adjusted
              depending on the memory in the system.

       tcp_max_syn_backlog (integer; default: see below; since Linux 2.2)
              The maximum number of queued connection requests which have still not  received  an
              acknowledgement from the connecting client.  If this number is exceeded, the kernel
              will begin dropping requests.  The default value of 256 is increased to  1024  when
              the memory present in the system is adequate or greater (>= 128 MB), and reduced to
              128 for those systems with very low memory (<= 32 MB).

              Before Linux 2.6.20, it was recommended that if this needed to be  increased  above
              1024,  the  size  of  the  SYNACK  hash table (TCP_SYNQ_HSIZE) in include/net/tcp.h
              should be modified to keep

                  TCP_SYNQ_HSIZE * 16 <= tcp_max_syn_backlog

              and  the  kernel  should  be  recompiled.   In  Linux  2.6.20,  the   fixed   sized
              TCP_SYNQ_HSIZE was removed in favor of dynamic sizing.

       tcp_max_tw_buckets (integer; default: see below; since Linux 2.4)
              The maximum number of sockets in TIME_WAIT state allowed in the system.  This limit
              exists only to prevent simple denial-of-service  attacks.   The  default  value  of
              NR_FILE*2  is  adjusted  depending  on the memory in the system.  If this number is
              exceeded, the socket is closed and a warning is printed.

       tcp_moderate_rcvbuf (Boolean; default: enabled; since Linux 2.4.17/2.6.7)
              If enabled, TCP performs receive buffer auto-tuning,  attempting  to  automatically
              size  the  buffer  (no  greater than tcp_rmem[2]) to match the size required by the
              path for full throughput.

       tcp_mem (since Linux 2.4)
              This is a vector of 3 integers: [low, pressure, high].  These bounds,  measured  in
              units  of  the  system  page  size, are used by TCP to track its memory usage.  The
              defaults are calculated at boot time from the amount of available memory.  (TCP can
              only  use  low  memory for this, which is limited to around 900 megabytes on 32-bit
              systems.  64-bit systems do not suffer this limitation.)

              low    TCP doesn't regulate its memory allocation when the number of pages  it  has
                     allocated globally is below this number.

              pressure
                     When the amount of memory allocated by TCP exceeds this number of pages, TCP
                     moderates its memory consumption.  This memory pressure state is exited once
                     the number of pages allocated falls below the low mark.

              high   The  maximum  number of pages, globally, that TCP will allocate.  This value
                     overrides any other limits imposed by the kernel.

       tcp_mtu_probing (integer; default: 0; since Linux 2.6.17)
              This parameter controls TCP Packetization-Layer Path MTU Discovery.  The  following
              values may be assigned to the file:

              0      Disabled

              1      Disabled by default, enabled when an ICMP black hole detected

              2      Always enabled, use initial MSS of tcp_base_mss.

       tcp_no_metrics_save (Boolean; default: disabled; since Linux 2.6.6)
              By  default,  TCP  saves  various  connection  metrics  in the route cache when the
              connection closes, so that connections established in the near future can use these
              to set initial conditions.  Usually, this increases overall performance, but it may
              sometimes cause performance degradation.  If tcp_no_metrics_save  is  enabled,  TCP
              will not cache metrics on closing connections.

       tcp_orphan_retries (integer; default: 8; since Linux 2.4)
              The  maximum  number  of attempts made to probe the other end of a connection which
              has been closed by our end.

       tcp_reordering (integer; default: 3; since Linux 2.4)
              The maximum a packet can be reordered in a TCP packet stream without  TCP  assuming
              packet  loss and going into slow start.  It is not advisable to change this number.
              This is a packet reordering detection metric designed to minimize unnecessary  back
              off and retransmits provoked by reordering of packets on a connection.

       tcp_retrans_collapse (Boolean; default: enabled; since Linux 2.2)
              Try to send full-sized packets during retransmit.

       tcp_retries1 (integer; default: 3; since Linux 2.2)
              The  number  of  times  TCP  will  attempt to retransmit a packet on an established
              connection normally, without  the  extra  effort  of  getting  the  network  layers
              involved.   Once  we  exceed  this number of retransmits, we first have the network
              layer update the route if possible before each new retransmit.  The default is  the
              RFC specified minimum of 3.

       tcp_retries2 (integer; default: 15; since Linux 2.2)
              The  maximum  number  of  times  a TCP packet is retransmitted in established state
              before giving up.  The default value is 15, which  corresponds  to  a  duration  of
              approximately  between  13  to 30 minutes, depending on the retransmission timeout.
              The RFC 1122 specified minimum limit of 100 seconds is typically deemed too short.

       tcp_rfc1337 (Boolean; default: disabled; since Linux 2.2)
              Enable TCP behavior conformant with RFC 1337.  When disabled, if a RST is  received
              in  TIME_WAIT state, we close the socket immediately without waiting for the end of
              the TIME_WAIT period.

       tcp_rmem (since Linux 2.4)
              This is a vector of 3 integers: [min, default, max].  These parameters are used  by
              TCP  to  regulate  receive  buffer  sizes.  TCP dynamically adjusts the size of the
              receive buffer from the defaults listed  below,  in  the  range  of  these  values,
              depending on memory available in the system.

              min    minimum  size  of  the  receive buffer used by each TCP socket.  The default
                     value is the system page size.  (On Linux 2.4, the default  value  is  4 kB,
                     lowered  to  PAGE_SIZE  bytes in low-memory systems.)  This value is used to
                     ensure that in memory pressure mode, allocations below this size will  still
                     succeed.   This is not used to bound the size of the receive buffer declared
                     using SO_RCVBUF on a socket.

              default
                     the default size of the  receive  buffer  for  a  TCP  socket.   This  value
                     overwrites   the  initial  default  buffer  size  from  the  generic  global
                     net.core.rmem_default defined for all protocols.  The default value is 87380
                     bytes.  (On Linux 2.4, this will be lowered to 43689 in low-memory systems.)
                     If larger receive buffer sizes are desired, this value should  be  increased
                     (to   affect   all   sockets).    To   employ   large   TCP   windows,   the
                     net.ipv4.tcp_window_scaling must be enabled (default).

              max    the maximum size of the receive buffer used by each TCP socket.  This  value
                     does  not  override the global net.core.rmem_max.  This is not used to limit
                     the size of the receive buffer declared using SO_RCVBUF on  a  socket.   The
                     default value is calculated using the formula

                         max(87380, min(4 MB, tcp_mem[1]*PAGE_SIZE/128))

                     (On  Linux 2.4, the default is 87380*2 bytes, lowered to 87380 in low-memory
                     systems).

       tcp_sack (Boolean; default: enabled; since Linux 2.2)
              Enable RFC 2018 TCP Selective Acknowledgements.

       tcp_slow_start_after_idle (Boolean; default: enabled; since Linux 2.6.18)
              If enabled, provide RFC 2861 behavior and time out the congestion window  after  an
              idle  period.   An  idle  period  is  defined  as  the  current RTO (retransmission
              timeout).  If disabled, the congestion window will not be timed out after  an  idle
              period.

       tcp_stdurg (Boolean; default: disabled; since Linux 2.2)
              If  this option is enabled, then use the RFC 1122 interpretation of the TCP urgent-
              pointer field.  According to this interpretation, the urgent pointer points to  the
              last  byte of urgent data.  If this option is disabled, then use the BSD-compatible
              interpretation of the urgent pointer: the urgent pointer points to the  first  byte
              after the urgent data.  Enabling this option may lead to interoperability problems.

       tcp_syn_retries (integer; default: 6; since Linux 2.2)
              The  maximum number of times initial SYNs for an active TCP connection attempt will
              be retransmitted.  This value should not be higher than 255.  The default value  is
              6, which corresponds to retrying for up to approximately 127 seconds.  Before Linux
              3.7, the default value was 5, which (in conjunction with calculation based on other
              kernel parameters) corresponded to approximately 180 seconds.

       tcp_synack_retries (integer; default: 5; since Linux 2.2)
              The  maximum number of times a SYN/ACK segment for a passive TCP connection will be
              retransmitted.  This number should not be higher than 255.

       tcp_syncookies (integer; default: 1; since Linux 2.2)
              Enable TCP syncookies.  The kernel must be compiled with  CONFIG_SYN_COOKIES.   The
              syncookies  feature  attempts  to  protect  a socket from a SYN flood attack.  This
              should be used as a last resort, if at  all.   This  is  a  violation  of  the  TCP
              protocol,  and  conflicts  with  other areas of TCP such as TCP extensions.  It can
              cause problems for clients and relays.  It is not recommended as a tuning mechanism
              for  heavily  loaded  servers  to help with overloaded or misconfigured conditions.
              For  recommended  alternatives  see  tcp_max_syn_backlog,  tcp_synack_retries,  and
              tcp_abort_on_overflow.  Set to one of the following values:

              0      Disable TCP syncookies.

              1      Send out syncookies when the syn backlog queue of a socket overflows.

              2      (since  Linux 3.12) Send out syncookies unconditionally.  This can be useful
                     for network testing.

       tcp_timestamps (integer; default: 1; since Linux 2.2)
              Set to one of the following values to enable or disable RFC 1323 TCP timestamps:

              0      Disable timestamps.

              1      Enable timestamps as defined in RFC1323  and  use  random  offset  for  each
                     connection rather than only using the current time.

              2      As  for  the value 1, but without random offsets.  Setting tcp_timestamps to
                     this value is meaningful since Linux 4.10.

       tcp_tso_win_divisor (integer; default: 3; since Linux 2.6.9)
              This parameter controls what percentage of the congestion window can be consumed by
              a  single TCP Segmentation Offload (TSO) frame.  The setting of this parameter is a
              tradeoff between burstiness and building larger TSO frames.

       tcp_tw_recycle (Boolean; default: disabled; Linux 2.4 to Linux 4.11)
              Enable  fast  recycling  of  TIME_WAIT  sockets.   Enabling  this  option  is   not
              recommended  as  the  remote  IP  may  not  use monotonically increasing timestamps
              (devices behind NAT, devices with per-connection timestamp offsets).  See RFC  1323
              (PAWS) and RFC 6191.

       tcp_tw_reuse (Boolean; default: disabled; since Linux 2.4.19/2.6)
              Allow  to reuse TIME_WAIT sockets for new connections when it is safe from protocol
              viewpoint.  It should not be changed without advice/request of technical experts.

       tcp_vegas_cong_avoid (Boolean; default: disabled; Linux 2.2 to Linux 2.6.13)
              Enable TCP Vegas congestion avoidance algorithm.  TCP Vegas is  a  sender-side-only
              change to TCP that anticipates the onset of congestion by estimating the bandwidth.
              TCP Vegas adjusts the sending rate by modifying the congestion window.   TCP  Vegas
              should provide less packet loss, but it is not as aggressive as TCP Reno.

       tcp_westwood (Boolean; default: disabled; Linux 2.4.26/2.6.3 to Linux 2.6.13)
              Enable TCP Westwood+ congestion control algorithm.  TCP Westwood+ is a sender-side-
              only modification of the TCP Reno protocol stack that optimizes the performance  of
              TCP  congestion  control.   It  is  based on end-to-end bandwidth estimation to set
              congestion window and slow start threshold after a congestion episode.  Using  this
              estimation,  TCP  Westwood+ adaptively sets a slow start threshold and a congestion
              window which takes into account the  bandwidth  used  at  the  time  congestion  is
              experienced.   TCP  Westwood+  significantly increases fairness with respect to TCP
              Reno in wired networks and throughput over wireless links.

       tcp_window_scaling (Boolean; default: enabled; since Linux 2.2)
              Enable RFC 1323 TCP window scaling.  This feature allows the use of a large  window
              (>  64 kB)  on a TCP connection, should the other end support it.  Normally, the 16
              bit window length field in the TCP header limits  the  window  size  to  less  than
              64 kB.   If larger windows are desired, applications can increase the size of their
              socket  buffers  and  the   window   scaling   option   will   be   employed.    If
              tcp_window_scaling  is  disabled,  TCP will not negotiate the use of window scaling
              with the other end during connection setup.

       tcp_wmem (since Linux 2.4)
              This is a vector of 3 integers: [min, default, max].  These parameters are used  by
              TCP  to  regulate  send buffer sizes.  TCP dynamically adjusts the size of the send
              buffer from the default  values  listed  below,  in  the  range  of  these  values,
              depending on memory available.

              min    Minimum  size of the send buffer used by each TCP socket.  The default value
                     is the system page size.  (On Linux 2.4, the default value is  4 kB.)   This
                     value is used to ensure that in memory pressure mode, allocations below this
                     size will still succeed.  This is not used to bound the  size  of  the  send
                     buffer declared using SO_SNDBUF on a socket.

              default
                     The default size of the send buffer for a TCP socket.  This value overwrites
                     the   initial   default   buffer    size    from    the    generic    global
                     /proc/sys/net/core/wmem_default  defined  for  all  protocols.   The default
                     value is 16 kB.  If larger send buffer sizes are desired, this value  should
                     be  increased  (to  affect  all  sockets).  To employ large TCP windows, the
                     /proc/sys/net/ipv4/tcp_window_scaling  must  be  set  to  a  nonzero   value
                     (default).

              max    The  maximum  size  of  the send buffer used by each TCP socket.  This value
                     does not override the value in  /proc/sys/net/core/wmem_max.   This  is  not
                     used  to  limit  the  size  of the send buffer declared using SO_SNDBUF on a
                     socket.  The default value is calculated using the formula

                         max(65536, min(4 MB, tcp_mem[1]*PAGE_SIZE/128))

                     (On Linux 2.4, the default value is 128 kB, lowered 64 kB depending on  low-
                     memory systems.)

       tcp_workaround_signed_windows (Boolean; default: disabled; since Linux 2.6.26)
              If enabled, assume that no receipt of a window-scaling option means that the remote
              TCP is broken and treats the window as a signed quantity.  If disabled, assume that
              the remote TCP is not broken even if we do not receive a window scaling option from
              it.

   Socket options
       To set or get a TCP socket option, call getsockopt(2) to read or  setsockopt(2)  to  write
       the  option  with  the  option level argument set to IPPROTO_TCP.  Unless otherwise noted,
       optval is a pointer to an int.  In addition, most IPPROTO_IP socket options are  valid  on
       TCP sockets.  For more information see ip(7).

       Following  is  a  list  of  TCP-specific socket options.  For details of some other socket
       options that are also applicable for TCP sockets, see socket(7).

       TCP_CONGESTION (since Linux 2.6.13)
              The argument for this option is a string.  This option allows the caller to set the
              TCP  congestion  control algorithm to be used, on a per-socket basis.  Unprivileged
              processes   are   restricted   to   choosing   one    of    the    algorithms    in
              tcp_allowed_congestion_control    (described    above).     Privileged    processes
              (CAP_NET_ADMIN) can choose from any of the available congestion-control  algorithms
              (see the description of tcp_available_congestion_control above).

       TCP_CORK (since Linux 2.2)
              If set, don't send out partial frames.  All queued partial frames are sent when the
              option is cleared again.  This is useful  for  prepending  headers  before  calling
              sendfile(2),  or for throughput optimization.  As currently implemented, there is a
              200 millisecond ceiling on the time for which output is  corked  by  TCP_CORK.   If
              this  ceiling  is  reached,  then  queued  data is automatically transmitted.  This
              option can be combined with TCP_NODELAY  only  since  Linux  2.5.71.   This  option
              should not be used in code intended to be portable.

       TCP_DEFER_ACCEPT (since Linux 2.4)
              Allow  a  listener  to  be awakened only when data arrives on the socket.  Takes an
              integer value (seconds), this can bound the maximum number  of  attempts  TCP  will
              make  to  complete the connection.  This option should not be used in code intended
              to be portable.

       TCP_INFO (since Linux 2.4)
              Used to collect information  about  this  socket.   The  kernel  returns  a  struct
              tcp_info  as  defined in the file /usr/include/linux/tcp.h.  This option should not
              be used in code intended to be portable.

       TCP_KEEPCNT (since Linux 2.4)
              The maximum number  of  keepalive  probes  TCP  should  send  before  dropping  the
              connection.  This option should not be used in code intended to be portable.

       TCP_KEEPIDLE (since Linux 2.4)
              The time (in seconds) the connection needs to remain idle before TCP starts sending
              keepalive probes, if the socket option SO_KEEPALIVE has been set  on  this  socket.
              This option should not be used in code intended to be portable.

       TCP_KEEPINTVL (since Linux 2.4)
              The  time (in seconds) between individual keepalive probes.  This option should not
              be used in code intended to be portable.

       TCP_LINGER2 (since Linux 2.4)
              The lifetime of orphaned FIN_WAIT2 state sockets.   This  option  can  be  used  to
              override the system-wide setting in the file /proc/sys/net/ipv4/tcp_fin_timeout for
              this socket.  This is not to be confused with the socket(7) level option SO_LINGER.
              This option should not be used in code intended to be portable.

       TCP_MAXSEG
              The  maximum  segment size for outgoing TCP packets.  In Linux 2.2 and earlier, and
              in Linux 2.6.28 and later, if this option is set before  connection  establishment,
              it  also  changes  the  MSS value announced to the other end in the initial packet.
              Values greater than the (eventual) interface MTU have no  effect.   TCP  will  also
              impose its minimum and maximum bounds over the value provided.

       TCP_NODELAY
              If  set,  disable the Nagle algorithm.  This means that segments are always sent as
              soon as possible, even if there is only a small amount of data.  When not set, data
              is  buffered  until  there is a sufficient amount to send out, thereby avoiding the
              frequent sending of small  packets,  which  results  in  poor  utilization  of  the
              network.   This  option  is  overridden  by  TCP_CORK; however, setting this option
              forces an explicit flush of pending output, even if TCP_CORK is currently set.

       TCP_QUICKACK (since Linux 2.4.4)
              Enable quickack mode if set or disable quickack mode if cleared.  In quickack mode,
              acks  are  sent  immediately, rather than delayed if needed in accordance to normal
              TCP operation.  This flag is not permanent, it only enables a  switch  to  or  from
              quickack   mode.   Subsequent  operation  of  the  TCP  protocol  will  once  again
              enter/leave quickack mode depending on internal  protocol  processing  and  factors
              such  as  delayed ack timeouts occurring and data transfer.  This option should not
              be used in code intended to be portable.

       TCP_SYNCNT (since Linux 2.4)
              Set the number of SYN retransmits that TCP should send before aborting the  attempt
              to connect.  It cannot exceed 255.  This option should not be used in code intended
              to be portable.

       TCP_USER_TIMEOUT (since Linux 2.6.37)
              This option takes an unsigned int as an argument.  When the value is  greater  than
              0,  it  specifies  the maximum amount of time in milliseconds that transmitted data
              may remain unacknowledged, or buffered data may remain untransmitted (due  to  zero
              window size) before TCP will forcibly close the corresponding connection and return
              ETIMEDOUT to the application.  If the option value is specified as 0, TCP will  use
              the system default.

              Increasing  user  timeouts  allows  a  TCP  connection  to survive extended periods
              without end-to-end connectivity.  Decreasing user timeouts allows  applications  to
              "fail  fast", if so desired.  Otherwise, failure may take up to 20 minutes with the
              current system defaults in a normal WAN environment.

              This option can be set during any state of a TCP connection, but is effective  only
              during  the  synchronized  states  of  a  connection (ESTABLISHED, FIN-WAIT-1, FIN-
              WAIT-2, CLOSE-WAIT, CLOSING, and LAST-ACK).   Moreover,  when  used  with  the  TCP
              keepalive  (SO_KEEPALIVE)  option,  TCP_USER_TIMEOUT  will  override  keepalive  to
              determine when to close a connection due to keepalive failure.

              The option has no effect on when TCP retransmits a packet,  nor  when  a  keepalive
              probe is sent.

              This  option,  like  many  others,  will  be  inherited  by  the socket returned by
              accept(2), if it was set on the listening socket.

              Further details on the user timeout feature can be found in  RFC 793  and  RFC 5482
              ("TCP User Timeout Option").

       TCP_WINDOW_CLAMP (since Linux 2.4)
              Bound  the  size  of  the  advertised  window  to this value.  The kernel imposes a
              minimum size of SOCK_MIN_RCVBUF/2.  This option should not be used in code intended
              to be portable.

       TCP_FASTOPEN (since Linux 3.6)
              This  option  enables  Fast  Open  (RFC  7413)  on  the listener socket.  The value
              specifies the maximum length of pending SYNs (similar to the  backlog  argument  in
              listen(2)).   Once  enabled, the listener socket grants the TCP Fast Open cookie on
              incoming SYN with TCP Fast Open option.

              More importantly it accepts the data in SYN with  a  valid  Fast  Open  cookie  and
              responds  SYN-ACK  acknowledging  both  the  data  and the SYN sequence.  accept(2)
              returns a socket that is available for read and write when the  handshake  has  not
              completed yet.  Thus the data exchange can commence before the handshake completes.
              This   option   requires   enabling   the    server-side    support    on    sysctl
              net.ipv4.tcp_fastopen  (see  above).   For  TCP  Fast Open client-side support, see
              send(2) MSG_FASTOPEN or TCP_FASTOPEN_CONNECT below.

       TCP_FASTOPEN_CONNECT (since Linux 4.11)
              This option enables an alternative way to perform Fast  Open  on  the  active  side
              (client).   When  this  option  is  enabled,  connect(2)  would  behave differently
              depending on if a Fast Open cookie is available for the destination.

              If a cookie is not available (i.e. first contact to  the  destination),  connect(2)
              behaves  as  usual  by  sending  a SYN immediately, except the SYN would include an
              empty Fast Open cookie option to solicit a cookie.

              If a cookie is available,  connect(2)  would  return  0  immediately  but  the  SYN
              transmission  is deferred.  A subsequent write(2) or sendmsg(2) would trigger a SYN
              with data plus cookie in the Fast Open option.  In other words, the actual  connect
              operation is deferred until data is supplied.

              Note:  While  this  option is designed for convenience, enabling it does change the
              behaviors and certain system calls might set different errno values.   With  cookie
              present,  write(2)  or sendmsg(2) must be called right after connect(2) in order to
              send out SYN+data to complete 3WHS and establish connection.  Calling read(2) right
              after  connect(2)  without  write(2)  will  cause the blocking socket to be blocked
              forever.

              The  application  should  either  set  TCP_FASTOPEN_CONNECT  socket  option  before
              write(2)  or  sendmsg(2),  or  call  write(2)  or sendmsg(2) with MSG_FASTOPEN flag
              directly, instead of both on the same connection.

              Here is the typical call flow with this new option:

                  s = socket();
                  setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, 1, ...);
                  connect(s);
                  write(s); /* write() should always follow connect()
                             * in order to trigger SYN to go out. */
                  read(s)/write(s);
                  /* ... */
                  close(s);

   Sockets API
       TCP provides limited support for out-of-band data, in the  form  of  (a  single  byte  of)
       urgent  data.  In Linux this means if the other end sends newer out-of-band data the older
       urgent data is inserted as normal data into the stream  (even  when  SO_OOBINLINE  is  not
       set).  This differs from BSD-based stacks.

       Linux uses the BSD compatible interpretation of the urgent pointer field by default.  This
       violates RFC 1122, but is required for interoperability with  other  stacks.   It  can  be
       changed via /proc/sys/net/ipv4/tcp_stdurg.

       It is possible to peek at out-of-band data using the recv(2) MSG_PEEK flag.

       Since Linux 2.4, Linux supports the use of MSG_TRUNC in the flags argument of recv(2) (and
       recvmsg(2)).  This flag causes the received bytes of data to  be  discarded,  rather  than
       passed  back  in  a  caller-supplied  buffer.   Since Linux 2.4.4, MSG_TRUNC also has this
       effect when used in conjunction with MSG_OOB to receive out-of-band data.

   Ioctls
       The following ioctl(2) calls return information in value.  The correct syntax is:

              int value;
              error = ioctl(tcp_socket, ioctl_type, &value);

       ioctl_type is one of the following:

       SIOCINQ
              Returns the amount of queued unread data in the receive buffer.   The  socket  must
              not  be  in  LISTEN  state,  otherwise  an  error (EINVAL) is returned.  SIOCINQ is
              defined in <linux/sockios.h>.  Alternatively, you can use the synonymous  FIONREAD,
              defined in <sys/ioctl.h>.

       SIOCATMARK
              Returns  true  (i.e., value is nonzero) if the inbound data stream is at the urgent
              mark.

              If the SO_OOBINLINE socket option is set, and SIOCATMARK  returns  true,  then  the
              next  read from the socket will return the urgent data.  If the SO_OOBINLINE socket
              option is not set, and SIOCATMARK returns true, then the next read from the  socket
              will  return  the bytes following the urgent data (to actually read the urgent data
              requires the recv(MSG_OOB) flag).

              Note that a read never reads across the urgent mark.  If an application is informed
              of  the  presence  of  urgent  data via select(2) (using the exceptfds argument) or
              through delivery of a SIGURG signal, then it can advance up to  the  mark  using  a
              loop  which  repeatedly tests SIOCATMARK and performs a read (requesting any number
              of bytes) as long as SIOCATMARK returns false.

       SIOCOUTQ
              Returns the amount of unsent data in the socket send queue.  The socket must not be
              in  LISTEN  state, otherwise an error (EINVAL) is returned.  SIOCOUTQ is defined in
              <linux/sockios.h>.  Alternatively, you can use the synonymous TIOCOUTQ, defined  in
              <sys/ioctl.h>.

   Error handling
       When  a network error occurs, TCP tries to resend the packet.  If it doesn't succeed after
       some time, either ETIMEDOUT or the last received error on this connection is reported.

       Some applications require a quicker error notification.  This  can  be  enabled  with  the
       IPPROTO_IP  level  IP_RECVERR  socket  option.   When this option is enabled, all incoming
       errors are immediately passed to the user program.  Use this option with care —  it  makes
       TCP less tolerant to routing changes and other normal network conditions.

ERRORS

       EAFNOTSUPPORT
              Passed socket address type in sin_family was not AF_INET.

       EPIPE  The  other  end closed the socket unexpectedly or a read is executed on a shut down
              socket.

       ETIMEDOUT
              The other end didn't acknowledge retransmitted data after some time.

       Any errors defined for ip(7) or the generic socket layer may also be returned for TCP.

VERSIONS

       Support for Explicit Congestion Notification, zero-copy  sendfile(2),  reordering  support
       and  some  SACK  extensions  (DSACK)  were  introduced  in Linux 2.4.  Support for forward
       acknowledgement (FACK), TIME_WAIT recycling, and per-connection keepalive  socket  options
       were introduced in Linux 2.3.

BUGS

       Not all errors are documented.

       IPv6 is not described.

SEE ALSO

       accept(2),   bind(2),   connect(2),  getsockopt(2),  listen(2),  recvmsg(2),  sendfile(2),
       sendmsg(2), socket(2), ip(7), socket(7)

       The kernel source file Documentation/networking/ip-sysctl.txt.

       RFC 793 for the TCP specification.
       RFC 1122 for the TCP requirements and a description of the Nagle algorithm.
       RFC 1323 for TCP timestamp and window scaling options.
       RFC 1337 for a description of TIME_WAIT assassination hazards.
       RFC 3168 for a description of Explicit Congestion Notification.
       RFC 2581 for TCP congestion control algorithms.
       RFC 2018 and RFC 2883 for SACK and extensions to SACK.