{ "mode": "man", "parameter": "tcp", "section": "7", "url": "https://www.chedong.com/phpMan.php/man/tcp/7/json", "generated": "2026-05-30T06:06:21Z", "synopsis": "", "sections": { "NAME": { "content": "tcp - TCP protocol\n", "subsections": [] }, "SYNOPSIS": { "content": "", "subsections": [ { "name": "#include ", "content": "" }, { "name": "#include ", "content": "" }, { "name": "#include ", "content": "tcpsocket = socket(AFINET, SOCKSTREAM, 0);\n" } ] }, "DESCRIPTION": { "content": "This is an implementation of the TCP protocol defined in RFC 793, RFC 1122 and RFC 2001 with\nthe NewReno and SACK extensions. It provides a reliable, stream-oriented, full-duplex con‐\nnection between two sockets on top of ip(7), for both v4 and v6 versions. TCP guarantees\nthat the data arrives in order and retransmits lost packets. It generates and checks a per-\npacket checksum to catch transmission errors. TCP does not preserve record boundaries.\n\nA newly created TCP socket has no remote or local address and is not fully specified. To\ncreate an outgoing TCP connection use connect(2) to establish a connection to another TCP\nsocket. To receive new incoming connections, first bind(2) the socket to a local address and\nport and then call listen(2) to put the socket into the listening state. After that a new\nsocket for each incoming connection can be accepted using accept(2). A socket which has had\naccept(2) or connect(2) successfully called on it is fully specified and may transmit data.\nData cannot be transmitted on listening or not yet connected sockets.\n\nLinux supports RFC 1323 TCP high performance extensions. These include Protection Against\nWrapped Sequence Numbers (PAWS), Window Scaling and Timestamps. Window scaling allows the\nuse of large (> 64 kB) TCP windows in order to support links with high latency or bandwidth.\nTo make use of them, the send and receive buffer sizes must be increased. They can be set\nglobally with the /proc/sys/net/ipv4/tcpwmem and /proc/sys/net/ipv4/tcprmem files, or on\nindividual sockets by using the SOSNDBUF and SORCVBUF socket options with the setsockopt(2)\ncall.\n\nThe maximum sizes for socket buffers declared via the SOSNDBUF and SORCVBUF mechanisms are\nlimited by the values in the /proc/sys/net/core/rmemmax and /proc/sys/net/core/wmemmax\nfiles. Note that TCP actually allocates twice the size of the buffer requested in the set‐‐\nsockopt(2) call, and so a succeeding getsockopt(2) call will not return the same size of buf‐\nfer as requested in the setsockopt(2) call. TCP uses the extra space for administrative pur‐\nposes and internal kernel structures, and the /proc file values reflect the larger sizes com‐\npared to the actual TCP windows. On individual connections, the socket buffer size must be\nset prior to the listen(2) or connect(2) calls in order to have it take effect. See\nsocket(7) for more information.\n\nTCP supports urgent data. Urgent data is used to signal the receiver that some important\nmessage is part of the data stream and that it should be processed as soon as possible. To\nsend urgent data specify the MSGOOB option to send(2). When urgent data is received, the\nkernel sends a SIGURG signal to the process or process group that has been set as the socket\n\"owner\" using the SIOCSPGRP or FIOSETOWN ioctls (or the POSIX.1-specified fcntl(2) FSETOWN\noperation). When the SOOOBINLINE socket option is enabled, urgent data is put into the nor‐\nmal data stream (a program can test for its location using the SIOCATMARK ioctl described be‐\nlow), otherwise it can be received only when the MSGOOB flag is set for recv(2) or\nrecvmsg(2).\n\nWhen out-of-band data is present, select(2) indicates the file descriptor as having an excep‐\ntional condition and poll (2) indicates a POLLPRI event.\n\nLinux 2.4 introduced a number of changes for improved throughput and scaling, as well as en‐\nhanced functionality. Some of these features include support for zero-copy sendfile(2), Ex‐\nplicit Congestion Notification, new management of TIMEWAIT sockets, keep-alive socket op‐\ntions and support for Duplicate SACK extensions.\n", "subsections": [ { "name": "Address formats", "content": "TCP is built on top of IP (see ip(7)). The address formats defined by ip(7) apply to TCP.\nTCP supports point-to-point communication only; broadcasting and multicasting are not sup‐\nported.\n" }, { "name": "/proc interfaces", "content": "System-wide TCP parameter settings can be accessed by files in the directory\n/proc/sys/net/ipv4/. In addition, most IP /proc interfaces also apply to TCP; see ip(7).\nVariables described as Boolean take an integer value, with a nonzero value (\"true\") meaning\nthat the corresponding option is enabled, and a zero value (\"false\") meaning that the option\nis disabled.\n\ntcpabc (Integer; default: 0; Linux 2.6.15 to Linux 3.8)\nControl the Appropriate Byte Count (ABC), defined in RFC 3465. ABC is a way of in‐\ncreasing the congestion window (cwnd) more slowly in response to partial acknowledg‐\nments. Possible values are:\n\n0 increase cwnd once per acknowledgment (no ABC)\n\n1 increase cwnd once per acknowledgment of full sized segment\n\n2 allow increase cwnd by two if acknowledgment is of two segments to compensate for\ndelayed acknowledgments.\n\ntcpabortonoverflow (Boolean; default: disabled; since Linux 2.4)\nEnable resetting connections if the listening service is too slow and unable to keep\nup and accept them. It means that if overflow occurred due to a burst, the connection\nwill recover. Enable this option only if you are really sure that the listening dae‐\nmon cannot be tuned to accept connections faster. Enabling this option can harm the\nclients of your server.\n\ntcpadvwinscale (integer; default: 2; since Linux 2.4)\nCount buffering overhead as bytes/2^tcpadvwinscale, if tcpadvwinscale is greater\nthan 0; or bytes-bytes/2^(-tcpadvwinscale), if tcpadvwinscale is less than or\nequal to zero.\n\nThe socket receive buffer space is shared between the application and kernel. TCP\nmaintains part of the buffer as the TCP window, this is the size of the receive window\nadvertised to the other end. The rest of the space is used as the \"application\" buf‐\nfer, used to isolate the network from scheduling and application latencies. The\ntcpadvwinscale default value of 2 implies that the space used for the application\nbuffer is one fourth that of the total.\n\ntcpallowedcongestioncontrol (String; default: see text; since Linux 2.4.20)\nShow/set the congestion control algorithm choices available to unprivileged processes\n(see the description of the TCPCONGESTION socket option). The items in the list are\nseparated by white space and terminated by a newline character. The list is a subset\nof those listed in tcpavailablecongestioncontrol. The default value for this list\nis \"reno\" plus the default setting of tcpcongestioncontrol.\n\ntcpautocorking (Boolean; default: enabled; since Linux 3.14)\nIf this option is enabled, the kernel tries to coalesce small writes (from consecutive\nwrite(2) and sendmsg(2) calls) as much as possible, in order to decrease the total\nnumber of sent packets. Coalescing is done if at least one prior packet for the flow\nis waiting in Qdisc queues or device transmit queue. Applications can still use the\nTCPCORK socket option to obtain optimal behavior when they know how/when to uncork\ntheir sockets.\n\ntcpavailablecongestioncontrol (String; read-only; since Linux 2.4.20)\nShow a list of the congestion-control algorithms that are registered. The items in\nthe list are separated by white space and terminated by a newline character. This\nlist is a limiting set for the list in tcpallowedcongestioncontrol. More conges‐\ntion-control algorithms may be available as modules, but not loaded.\n\ntcpappwin (integer; default: 31; since Linux 2.4)\nThis variable defines how many bytes of the TCP window are reserved for buffering\noverhead.\n\nA maximum of (window/2^tcpappwin, mss) bytes in the window are reserved for the ap‐\nplication buffer. A value of 0 implies that no amount is reserved.\n\ntcpbasemss (Integer; default: 512; since Linux 2.6.17)\nThe initial value of searchlow to be used by the packetization layer Path MTU discov‐\nery (MTU probing). If MTU probing is enabled, this is the initial MSS used by the\nconnection.\n\ntcpbic (Boolean; default: disabled; Linux 2.4.27/2.6.6 to 2.6.13)\nEnable BIC TCP congestion control algorithm. BIC-TCP is a sender-side-only change\nthat ensures a linear RTT fairness under large windows while offering both scalability\nand bounded TCP-friendliness. The protocol combines two schemes called additive in‐\ncrease and binary search increase. When the congestion window is large, additive in‐\ncrease with a large increment ensures linear RTT fairness as well as good scalability.\nUnder small congestion windows, binary search increase provides TCP friendliness.\n\ntcpbiclowwindow (integer; default: 14; Linux 2.4.27/2.6.6 to 2.6.13)\nSet the threshold window (in packets) where BIC TCP starts to adjust the congestion\nwindow. Below this threshold BIC TCP behaves the same as the default TCP Reno.\n\ntcpbicfastconvergence (Boolean; default: enabled; Linux 2.4.27/2.6.6 to 2.6.13)\nForce BIC TCP to more quickly respond to changes in congestion window. Allows two\nflows sharing the same connection to converge more rapidly.\n\ntcpcongestioncontrol (String; default: see text; since Linux 2.4.13)\nSet the default congestion-control algorithm to be used for new connections. The al‐\ngorithm \"reno\" is always available, but additional choices may be available depending\non kernel configuration. The default value for this file is set as part of kernel\nconfiguration.\n\ntcpdmacopybreak (integer; default: 4096; since Linux 2.6.24)\nLower limit, in bytes, of the size of socket reads that will be offloaded to a DMA\ncopy engine, if one is present in the system and the kernel was configured with the\nCONFIGNETDMA option.\n\ntcpdsack (Boolean; default: enabled; since Linux 2.4)\nEnable RFC 2883 TCP Duplicate SACK support.\n\ntcpecn (Integer; default: see below; since Linux 2.4)\nEnable RFC 3168 Explicit Congestion Notification.\n\nThis file can have one of the following values:\n\n0 Disable ECN. Neither initiate nor accept ECN. This was the default up to and\nincluding Linux 2.6.30.\n\n1 Enable ECN when requested by incoming connections and also request ECN on out‐\ngoing connection attempts.\n\n2 Enable ECN when requested by incoming connections, but do not request ECN on\noutgoing connections. This value is supported, and is the default, since Linux\n2.6.31.\n\nWhen enabled, connectivity to some destinations could be affected due to older, misbe‐\nhaving middle boxes along the path, causing connections to be dropped. However, to\nfacilitate and encourage deployment with option 1, and to work around such buggy\nequipment, the tcpecnfallback option has been introduced.\n\ntcpecnfallback (Boolean; default: enabled; since Linux 4.1)\nEnable RFC 3168, Section 6.1.1.1. fallback. When enabled, outgoing ECN-setup SYNs\nthat time out within the normal SYN retransmission timeout will be resent with CWR and\nECE cleared.\n\ntcpfack (Boolean; default: enabled; since Linux 2.2)\nEnable TCP Forward Acknowledgement support.\n\ntcpfintimeout (integer; default: 60; since Linux 2.2)\nThis specifies how many seconds to wait for a final FIN packet before the socket is\nforcibly closed. This is strictly a violation of the TCP specification, but required\nto prevent denial-of-service attacks. In Linux 2.2, the default value was 180.\n\ntcpfrto (integer; default: see below; since Linux 2.4.21/2.6)\nEnable F-RTO, an enhanced recovery algorithm for TCP retransmission timeouts (RTOs).\nIt is particularly beneficial in wireless environments where packet loss is typically\ndue to random radio interference rather than intermediate router congestion. See RFC\n4138 for more details.\n\nThis file can have one of the following values:\n\n0 Disabled. This was the default up to and including Linux 2.6.23.\n\n1 The basic version F-RTO algorithm is enabled.\n\n2 Enable SACK-enhanced F-RTO if flow uses SACK. The basic version can be used also\nwhen SACK is in use though in that case scenario(s) exists where F-RTO interacts\nbadly with the packet counting of the SACK-enabled TCP flow. This value is the de‐\nfault since Linux 2.6.24.\n\nBefore Linux 2.6.22, this parameter was a Boolean value, supporting just values 0 and\n1 above.\n\ntcpfrtoresponse (integer; default: 0; since Linux 2.6.22)\nWhen F-RTO has detected that a TCP retransmission timeout was spurious (i.e., the\ntimeout would have been avoided had TCP set a longer retransmission timeout), TCP has\nseveral options concerning what to do next. Possible values are:\n\n0 Rate halving based; a smooth and conservative response, results in halved conges‐\ntion window (cwnd) and slow-start threshold (ssthresh) after one RTT.\n\n1 Very conservative response; not recommended because even though being valid, it in‐\nteracts poorly with the rest of Linux TCP; halves cwnd and ssthresh immediately.\n\n2 Aggressive response; undoes congestion-control measures that are now known to be\nunnecessary (ignoring the possibility of a lost retransmission that would require\nTCP to be more cautious); cwnd and ssthresh are restored to the values prior to\ntimeout.\n\ntcpkeepaliveintvl (integer; default: 75; since Linux 2.4)\nThe number of seconds between TCP keep-alive probes.\n\ntcpkeepaliveprobes (integer; default: 9; since Linux 2.2)\nThe maximum number of TCP keep-alive probes to send before giving up and killing the\nconnection if no response is obtained from the other end.\n\ntcpkeepalivetime (integer; default: 7200; since Linux 2.2)\nThe number of seconds a connection needs to be idle before TCP begins sending out\nkeep-alive probes. Keep-alives are sent only when the SOKEEPALIVE socket option is\nenabled. The default value is 7200 seconds (2 hours). An idle connection is termi‐\nnated after approximately an additional 11 minutes (9 probes an interval of 75 seconds\napart) when keep-alive is enabled.\n\nNote that underlying connection tracking mechanisms and application timeouts may be\nmuch shorter.\n\ntcplowlatency (Boolean; default: disabled; since Linux 2.4.21/2.6; obsolete since Linux\n4.14)\nIf enabled, the TCP stack makes decisions that prefer lower latency as opposed to\nhigher throughput. It this option is disabled, then higher throughput is preferred.\nAn example of an application where this default should be changed would be a Beowulf\ncompute cluster. Since Linux 4.14, this file still exists, but its value is ignored.\n\ntcpmaxorphans (integer; default: see below; since Linux 2.4)\nThe maximum number of orphaned (not attached to any user file handle) TCP sockets al‐\nlowed in the system. When this number is exceeded, the orphaned connection is reset\nand a warning is printed. This limit exists only to prevent simple denial-of-service\nattacks. Lowering this limit is not recommended. Network conditions might require\nyou to increase the number of orphans allowed, but note that each orphan can eat up to\n~64 kB of unswappable memory. The default initial value is set equal to the kernel\nparameter NRFILE. This initial default is adjusted depending on the memory in the\nsystem.\n\ntcpmaxsynbacklog (integer; default: see below; since Linux 2.2)\nThe maximum number of queued connection requests which have still not received an ac‐\nknowledgement from the connecting client. If this number is exceeded, the kernel will\nbegin dropping requests. The default value of 256 is increased to 1024 when the mem‐\nory present in the system is adequate or greater (>= 128 MB), and reduced to 128 for\nthose systems with very low memory (<= 32 MB).\n\nPrior to Linux 2.6.20, it was recommended that if this needed to be increased above\n1024, the size of the SYNACK hash table (TCPSYNQHSIZE) in include/net/tcp.h should\nbe modified to keep\n\nTCPSYNQHSIZE * 16 <= tcpmaxsynbacklog\n\nand the kernel should be recompiled. In Linux 2.6.20, the fixed sized TCPSYNQHSIZE\nwas removed in favor of dynamic sizing.\n\ntcpmaxtwbuckets (integer; default: see below; since Linux 2.4)\nThe maximum number of sockets in TIMEWAIT state allowed in the system. This limit\nexists only to prevent simple denial-of-service attacks. The default value of\nNRFILE*2 is adjusted depending on the memory in the system. If this number is ex‐\nceeded, the socket is closed and a warning is printed.\n\ntcpmoderatercvbuf (Boolean; default: enabled; since Linux 2.4.17/2.6.7)\nIf enabled, TCP performs receive buffer auto-tuning, attempting to automatically size\nthe buffer (no greater than tcprmem[2]) to match the size required by the path for\nfull throughput.\n\ntcpmem (since Linux 2.4)\nThis is a vector of 3 integers: [low, pressure, high]. These bounds, measured in\nunits of the system page size, are used by TCP to track its memory usage. The de‐\nfaults are calculated at boot time from the amount of available memory. (TCP can only\nuse low memory for this, which is limited to around 900 megabytes on 32-bit systems.\n64-bit systems do not suffer this limitation.)\n\nlow TCP doesn't regulate its memory allocation when the number of pages it has al‐\nlocated globally is below this number.\n\npressure\nWhen the amount of memory allocated by TCP exceeds this number of pages, TCP\nmoderates its memory consumption. This memory pressure state is exited once\nthe number of pages allocated falls below the low mark.\n\nhigh The maximum number of pages, globally, that TCP will allocate. This value\noverrides any other limits imposed by the kernel.\n\ntcpmtuprobing (integer; default: 0; since Linux 2.6.17)\nThis parameter controls TCP Packetization-Layer Path MTU Discovery. The following\nvalues may be assigned to the file:\n\n0 Disabled\n\n1 Disabled by default, enabled when an ICMP black hole detected\n\n2 Always enabled, use initial MSS of tcpbasemss.\n\ntcpnometricssave (Boolean; default: disabled; since Linux 2.6.6)\nBy default, TCP saves various connection metrics in the route cache when the connec‐\ntion closes, so that connections established in the near future can use these to set\ninitial conditions. Usually, this increases overall performance, but it may sometimes\ncause performance degradation. If tcpnometricssave is enabled, TCP will not cache\nmetrics on closing connections.\n\ntcporphanretries (integer; default: 8; since Linux 2.4)\nThe maximum number of attempts made to probe the other end of a connection which has\nbeen closed by our end.\n\ntcpreordering (integer; default: 3; since Linux 2.4)\nThe maximum a packet can be reordered in a TCP packet stream without TCP assuming\npacket loss and going into slow start. It is not advisable to change this number.\nThis is a packet reordering detection metric designed to minimize unnecessary back off\nand retransmits provoked by reordering of packets on a connection.\n\ntcpretranscollapse (Boolean; default: enabled; since Linux 2.2)\nTry to send full-sized packets during retransmit.\n\ntcpretries1 (integer; default: 3; since Linux 2.2)\nThe number of times TCP will attempt to retransmit a packet on an established connec‐\ntion normally, without the extra effort of getting the network layers involved. Once\nwe exceed this number of retransmits, we first have the network layer update the route\nif possible before each new retransmit. The default is the RFC specified minimum of\n3.\n\ntcpretries2 (integer; default: 15; since Linux 2.2)\nThe maximum number of times a TCP packet is retransmitted in established state before\ngiving up. The default value is 15, which corresponds to a duration of approximately\nbetween 13 to 30 minutes, depending on the retransmission timeout. The RFC 1122 spec‐\nified minimum limit of 100 seconds is typically deemed too short.\n\ntcprfc1337 (Boolean; default: disabled; since Linux 2.2)\nEnable TCP behavior conformant with RFC 1337. When disabled, if a RST is received in\nTIMEWAIT state, we close the socket immediately without waiting for the end of the\nTIMEWAIT period.\n\ntcprmem (since Linux 2.4)\nThis is a vector of 3 integers: [min, default, max]. These parameters are used by TCP\nto regulate receive buffer sizes. TCP dynamically adjusts the size of the receive\nbuffer from the defaults listed below, in the range of these values, depending on mem‐\nory available in the system.\n\nmin minimum size of the receive buffer used by each TCP socket. The default value\nis the system page size. (On Linux 2.4, the default value is 4 kB, lowered to\nPAGESIZE bytes in low-memory systems.) This value is used to ensure that in\nmemory pressure mode, allocations below this size will still succeed. This is\nnot used to bound the size of the receive buffer declared using SORCVBUF on a\nsocket.\n\ndefault\nthe default size of the receive buffer for a TCP socket. This value overwrites\nthe initial default buffer size from the generic global net.core.rmemdefault\ndefined for all protocols. The default value is 87380 bytes. (On Linux 2.4,\nthis will be lowered to 43689 in low-memory systems.) If larger receive buffer\nsizes are desired, this value should be increased (to affect all sockets). To\nemploy large TCP windows, the net.ipv4.tcpwindowscaling must be enabled (de‐\nfault).\n\nmax the maximum size of the receive buffer used by each TCP socket. This value\ndoes not override the global net.core.rmemmax. This is not used to limit the\nsize of the receive buffer declared using SORCVBUF on a socket. The default\nvalue is calculated using the formula\n\nmax(87380, min(4 MB, tcpmem[1]*PAGESIZE/128))\n\n(On Linux 2.4, the default is 87380*2 bytes, lowered to 87380 in low-memory\nsystems).\n\ntcpsack (Boolean; default: enabled; since Linux 2.2)\nEnable RFC 2018 TCP Selective Acknowledgements.\n\ntcpslowstartafteridle (Boolean; default: enabled; since Linux 2.6.18)\nIf enabled, provide RFC 2861 behavior and time out the congestion window after an idle\nperiod. An idle period is defined as the current RTO (retransmission timeout). If\ndisabled, the congestion window will not be timed out after an idle period.\n\ntcpstdurg (Boolean; default: disabled; since Linux 2.2)\nIf this option is enabled, then use the RFC 1122 interpretation of the TCP urgent-\npointer field. According to this interpretation, the urgent pointer points to the\nlast byte of urgent data. If this option is disabled, then use the BSD-compatible in‐\nterpretation of the urgent pointer: the urgent pointer points to the first byte after\nthe urgent data. Enabling this option may lead to interoperability problems.\n\ntcpsynretries (integer; default: 6; since Linux 2.2)\nThe maximum number of times initial SYNs for an active TCP connection attempt will be\nretransmitted. This value should not be higher than 255. The default value is 6,\nwhich corresponds to retrying for up to approximately 127 seconds. Before Linux 3.7,\nthe default value was 5, which (in conjunction with calculation based on other kernel\nparameters) corresponded to approximately 180 seconds.\n\ntcpsynackretries (integer; default: 5; since Linux 2.2)\nThe maximum number of times a SYN/ACK segment for a passive TCP connection will be re‐\ntransmitted. This number should not be higher than 255.\n\ntcpsyncookies (integer; default: 1; since Linux 2.2)\nEnable TCP syncookies. The kernel must be compiled with CONFIGSYNCOOKIES. The syn‐\ncookies feature attempts to protect a socket from a SYN flood attack. This should be\nused as a last resort, if at all. This is a violation of the TCP protocol, and con‐\nflicts with other areas of TCP such as TCP extensions. It can cause problems for\nclients and relays. It is not recommended as a tuning mechanism for heavily loaded\nservers to help with overloaded or misconfigured conditions. For recommended alterna‐\ntives see tcpmaxsynbacklog, tcpsynackretries, and tcpabortonoverflow. Set to\none of the following values:\n\n0 Disable TCP syncookies.\n\n1 Send out syncookies when the syn backlog queue of a socket overflows.\n\n2 (since Linux 3.12) Send out syncookies unconditionally. This can be useful for\nnetwork testing.\n\ntcptimestamps (integer; default: 1; since Linux 2.2)\nSet to one of the following values to enable or disable RFC 1323 TCP timestamps:\n\n0 Disable timestamps.\n\n1 Enable timestamps as defined in RFC1323 and use random offset for each connection\nrather than only using the current time.\n\n2 As for the value 1, but without random offsets. Setting tcptimestamps to this\nvalue is meaningful since Linux 4.10.\n\ntcptsowindivisor (integer; default: 3; since Linux 2.6.9)\nThis parameter controls what percentage of the congestion window can be consumed by a\nsingle TCP Segmentation Offload (TSO) frame. The setting of this parameter is a\ntradeoff between burstiness and building larger TSO frames.\n\ntcptwrecycle (Boolean; default: disabled; Linux 2.4 to 4.11)\nEnable fast recycling of TIMEWAIT sockets. Enabling this option is not recommended\nas the remote IP may not use monotonically increasing timestamps (devices behind NAT,\ndevices with per-connection timestamp offsets). See RFC 1323 (PAWS) and RFC 6191.\n\ntcptwreuse (Boolean; default: disabled; since Linux 2.4.19/2.6)\nAllow to reuse TIMEWAIT sockets for new connections when it is safe from protocol\nviewpoint. It should not be changed without advice/request of technical experts.\n\ntcpvegascongavoid (Boolean; default: disabled; Linux 2.2 to 2.6.13)\nEnable TCP Vegas congestion avoidance algorithm. TCP Vegas is a sender-side-only\nchange to TCP that anticipates the onset of congestion by estimating the bandwidth.\nTCP Vegas adjusts the sending rate by modifying the congestion window. TCP Vegas\nshould provide less packet loss, but it is not as aggressive as TCP Reno.\n\ntcpwestwood (Boolean; default: disabled; Linux 2.4.26/2.6.3 to 2.6.13)\nEnable TCP Westwood+ congestion control algorithm. TCP Westwood+ is a sender-side-\nonly modification of the TCP Reno protocol stack that optimizes the performance of TCP\ncongestion control. It is based on end-to-end bandwidth estimation to set congestion\nwindow and slow start threshold after a congestion episode. Using this estimation,\nTCP Westwood+ adaptively sets a slow start threshold and a congestion window which\ntakes into account the bandwidth used at the time congestion is experienced. TCP\nWestwood+ significantly increases fairness with respect to TCP Reno in wired networks\nand throughput over wireless links.\n\ntcpwindowscaling (Boolean; default: enabled; since Linux 2.2)\nEnable RFC 1323 TCP window scaling. This feature allows the use of a large window (>\n64 kB) on a TCP connection, should the other end support it. Normally, the 16 bit\nwindow length field in the TCP header limits the window size to less than 64 kB. If\nlarger windows are desired, applications can increase the size of their socket buffers\nand the window scaling option will be employed. If tcpwindowscaling is disabled,\nTCP will not negotiate the use of window scaling with the other end during connection\nsetup.\n\ntcpwmem (since Linux 2.4)\nThis is a vector of 3 integers: [min, default, max]. These parameters are used by TCP\nto regulate send buffer sizes. TCP dynamically adjusts the size of the send buffer\nfrom the default values listed below, in the range of these values, depending on mem‐\nory available.\n\nmin Minimum size of the send buffer used by each TCP socket. The default value is\nthe system page size. (On Linux 2.4, the default value is 4 kB.) This value\nis used to ensure that in memory pressure mode, allocations below this size\nwill still succeed. This is not used to bound the size of the send buffer de‐\nclared using SOSNDBUF on a socket.\n\ndefault\nThe default size of the send buffer for a TCP socket. This value overwrites\nthe initial default buffer size from the generic global\n/proc/sys/net/core/wmemdefault defined for all protocols. The default value\nis 16 kB. If larger send buffer sizes are desired, this value should be in‐\ncreased (to affect all sockets). To employ large TCP windows, the\n/proc/sys/net/ipv4/tcpwindowscaling must be set to a nonzero value (default).\n\nmax The maximum size of the send buffer used by each TCP socket. This value does\nnot override the value in /proc/sys/net/core/wmemmax. This is not used to\nlimit the size of the send buffer declared using SOSNDBUF on a socket. The\ndefault value is calculated using the formula\n\nmax(65536, min(4 MB, tcpmem[1]*PAGESIZE/128))\n\n(On Linux 2.4, the default value is 128 kB, lowered 64 kB depending on low-mem‐\nory systems.)\n\ntcpworkaroundsignedwindows (Boolean; default: disabled; since Linux 2.6.26)\nIf enabled, assume that no receipt of a window-scaling option means that the remote\nTCP is broken and treats the window as a signed quantity. If disabled, assume that\nthe remote TCP is not broken even if we do not receive a window scaling option from\nit.\n" }, { "name": "Socket options", "content": "To set or get a TCP socket option, call getsockopt(2) to read or setsockopt(2) to write the\noption with the option level argument set to IPPROTOTCP. Unless otherwise noted, optval is\na pointer to an int. In addition, most IPPROTOIP socket options are valid on TCP sockets.\nFor more information see ip(7).\n\nFollowing is a list of TCP-specific socket options. For details of some other socket options\nthat are also applicable for TCP sockets, see socket(7).\n\nTCPCONGESTION (since Linux 2.6.13)\nThe argument for this option is a string. This option allows the caller to set the\nTCP congestion control algorithm to be used, on a per-socket basis. Unprivileged pro‐\ncesses are restricted to choosing one of the algorithms in tcpallowedcongestioncon‐\ntrol (described above). Privileged processes (CAPNETADMIN) can choose from any of\nthe available congestion-control algorithms (see the description of tcpavailablecon‐\ngestioncontrol above).\n\nTCPCORK (since Linux 2.2)\nIf set, don't send out partial frames. All queued partial frames are sent when the\noption is cleared again. This is useful for prepending headers before calling send‐‐\nfile(2), or for throughput optimization. As currently implemented, there is a 200\nmillisecond ceiling on the time for which output is corked by TCPCORK. If this ceil‐\ning is reached, then queued data is automatically transmitted. This option can be\ncombined with TCPNODELAY only since Linux 2.5.71. This option should not be used in\ncode intended to be portable.\n\nTCPDEFERACCEPT (since Linux 2.4)\nAllow a listener to be awakened only when data arrives on the socket. Takes an inte‐\nger value (seconds), this can bound the maximum number of attempts TCP will make to\ncomplete the connection. This option should not be used in code intended to be porta‐\nble.\n\nTCPINFO (since Linux 2.4)\nUsed to collect information about this socket. The kernel returns a struct tcpinfo\nas defined in the file /usr/include/linux/tcp.h. This option should not be used in\ncode intended to be portable.\n\nTCPKEEPCNT (since Linux 2.4)\nThe maximum number of keepalive probes TCP should send before dropping the connection.\nThis option should not be used in code intended to be portable.\n\nTCPKEEPIDLE (since Linux 2.4)\nThe time (in seconds) the connection needs to remain idle before TCP starts sending\nkeepalive probes, if the socket option SOKEEPALIVE has been set on this socket. This\noption should not be used in code intended to be portable.\n\nTCPKEEPINTVL (since Linux 2.4)\nThe time (in seconds) between individual keepalive probes. This option should not be\nused in code intended to be portable.\n\nTCPLINGER2 (since Linux 2.4)\nThe lifetime of orphaned FINWAIT2 state sockets. This option can be used to override\nthe system-wide setting in the file /proc/sys/net/ipv4/tcpfintimeout for this\nsocket. This is not to be confused with the socket(7) level option SOLINGER. This\noption should not be used in code intended to be portable.\n\nTCPMAXSEG\nThe maximum segment size for outgoing TCP packets. In Linux 2.2 and earlier, and in\nLinux 2.6.28 and later, if this option is set before connection establishment, it also\nchanges the MSS value announced to the other end in the initial packet. Values\ngreater than the (eventual) interface MTU have no effect. TCP will also impose its\nminimum and maximum bounds over the value provided.\n\nTCPNODELAY\nIf set, disable the Nagle algorithm. This means that segments are always sent as soon\nas possible, even if there is only a small amount of data. When not set, data is\nbuffered until there is a sufficient amount to send out, thereby avoiding the frequent\nsending of small packets, which results in poor utilization of the network. This op‐\ntion is overridden by TCPCORK; however, setting this option forces an explicit flush\nof pending output, even if TCPCORK is currently set.\n\nTCPQUICKACK (since Linux 2.4.4)\nEnable quickack mode if set or disable quickack mode if cleared. In quickack mode,\nacks are sent immediately, rather than delayed if needed in accordance to normal TCP\noperation. This flag is not permanent, it only enables a switch to or from quickack\nmode. Subsequent operation of the TCP protocol will once again enter/leave quickack\nmode depending on internal protocol processing and factors such as delayed ack time‐\nouts occurring and data transfer. This option should not be used in code intended to\nbe portable.\n\nTCPSYNCNT (since Linux 2.4)\nSet the number of SYN retransmits that TCP should send before aborting the attempt to\nconnect. It cannot exceed 255. This option should not be used in code intended to be\nportable.\n\nTCPUSERTIMEOUT (since Linux 2.6.37)\nThis option takes an unsigned int as an argument. When the value is greater than 0,\nit specifies the maximum amount of time in milliseconds that transmitted data may re‐\nmain unacknowledged before TCP will forcibly close the corresponding connection and\nreturn ETIMEDOUT to the application. If the option value is specified as 0, TCP will\nuse the system default.\n\nIncreasing user timeouts allows a TCP connection to survive extended periods without\nend-to-end connectivity. Decreasing user timeouts allows applications to \"fail fast\",\nif so desired. Otherwise, failure may take up to 20 minutes with the current system\ndefaults in a normal WAN environment.\n\nThis option can be set during any state of a TCP connection, but is effective only\nduring the synchronized states of a connection (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2,\nCLOSE-WAIT, CLOSING, and LAST-ACK). Moreover, when used with the TCP keepalive\n(SOKEEPALIVE) option, TCPUSERTIMEOUT will override keepalive to determine when to\nclose a connection due to keepalive failure.\n\nThe option has no effect on when TCP retransmits a packet, nor when a keepalive probe\nis sent.\n\nThis option, like many others, will be inherited by the socket returned by accept(2),\nif it was set on the listening socket.\n\nFurther details on the user timeout feature can be found in RFC 793 and RFC 5482 (\"TCP\nUser Timeout Option\").\n\nTCPWINDOWCLAMP (since Linux 2.4)\nBound the size of the advertised window to this value. The kernel imposes a minimum\nsize of SOCKMINRCVBUF/2. This option should not be used in code intended to be por‐\ntable.\n" }, { "name": "Sockets API", "content": "TCP provides limited support for out-of-band data, in the form of (a single byte of) urgent\ndata. In Linux this means if the other end sends newer out-of-band data the older urgent\ndata is inserted as normal data into the stream (even when SOOOBINLINE is not set). This\ndiffers from BSD-based stacks.\n\nLinux uses the BSD compatible interpretation of the urgent pointer field by default. This\nviolates RFC 1122, but is required for interoperability with other stacks. It can be changed\nvia /proc/sys/net/ipv4/tcpstdurg.\n\nIt is possible to peek at out-of-band data using the recv(2) MSGPEEK flag.\n\nSince version 2.4, Linux supports the use of MSGTRUNC in the flags argument of recv(2) (and\nrecvmsg(2)). This flag causes the received bytes of data to be discarded, rather than passed\nback in a caller-supplied buffer. Since Linux 2.4.4, MSGTRUNC also has this effect when\nused in conjunction with MSGOOB to receive out-of-band data.\n" }, { "name": "Ioctls", "content": "The following ioctl(2) calls return information in value. The correct syntax is:\n\nint value;\nerror = ioctl(tcpsocket, ioctltype, &value);\n\nioctltype is one of the following:\n\nSIOCINQ\nReturns the amount of queued unread data in the receive buffer. The socket must not\nbe in LISTEN state, otherwise an error (EINVAL) is returned. SIOCINQ is defined in\n. Alternatively, you can use the synonymous FIONREAD, defined in\n.\n\nSIOCATMARK\nReturns true (i.e., value is nonzero) if the inbound data stream is at the urgent\nmark.\n\nIf the SOOOBINLINE socket option is set, and SIOCATMARK returns true, then the next\nread from the socket will return the urgent data. If the SOOOBINLINE socket option\nis not set, and SIOCATMARK returns true, then the next read from the socket will re‐\nturn the bytes following the urgent data (to actually read the urgent data requires\nthe recv(MSGOOB) flag).\n\nNote that a read never reads across the urgent mark. If an application is informed of\nthe presence of urgent data via select(2) (using the exceptfds argument) or through\ndelivery of a SIGURG signal, then it can advance up to the mark using a loop which re‐\npeatedly tests SIOCATMARK and performs a read (requesting any number of bytes) as long\nas SIOCATMARK returns false.\n\nSIOCOUTQ\nReturns the amount of unsent data in the socket send queue. The socket must not be in\nLISTEN state, otherwise an error (EINVAL) is returned. SIOCOUTQ is defined in\n. Alternatively, you can use the synonymous TIOCOUTQ, defined in\n.\n" }, { "name": "Error handling", "content": "When a network error occurs, TCP tries to resend the packet. If it doesn't succeed after\nsome time, either ETIMEDOUT or the last received error on this connection is reported.\n\nSome applications require a quicker error notification. This can be enabled with the IP‐‐\nPROTOIP level IPRECVERR socket option. When this option is enabled, all incoming errors\nare immediately passed to the user program. Use this option with care — it makes TCP less\ntolerant to routing changes and other normal network conditions.\n" } ] }, "ERRORS": { "content": "EAFNOTSUPPORT\nPassed socket address type in sinfamily was not AFINET.\n\nEPIPE The other end closed the socket unexpectedly or a read is executed on a shut down\nsocket.\n\nETIMEDOUT\nThe other end didn't acknowledge retransmitted data after some time.\n\nAny errors defined for ip(7) or the generic socket layer may also be returned for TCP.\n", "subsections": [] }, "VERSIONS": { "content": "Support for Explicit Congestion Notification, zero-copy sendfile(2), reordering support and\nsome SACK extensions (DSACK) were introduced in 2.4. Support for forward acknowledgement\n(FACK), TIMEWAIT recycling, and per-connection keepalive socket options were introduced in\n2.3.\n", "subsections": [] }, "BUGS": { "content": "Not all errors are documented.\n\nIPv6 is not described.\n", "subsections": [] }, "SEE ALSO": { "content": "accept(2), bind(2), connect(2), getsockopt(2), listen(2), recvmsg(2), sendfile(2),\nsendmsg(2), socket(2), ip(7), socket(7)\n\nThe kernel source file Documentation/networking/ip-sysctl.txt.\n\nRFC 793 for the TCP specification.\nRFC 1122 for the TCP requirements and a description of the Nagle algorithm.\nRFC 1323 for TCP timestamp and window scaling options.\nRFC 1337 for a description of TIMEWAIT assassination hazards.\nRFC 3168 for a description of Explicit Congestion Notification.\nRFC 2581 for TCP congestion control algorithms.\nRFC 2018 and RFC 2883 for SACK and extensions to SACK.\n", "subsections": [] }, "COLOPHON": { "content": "This page is part of release 5.10 of the Linux man-pages project. A description of the\nproject, information about reporting bugs, and the latest version of this page, can be found\nat https://www.kernel.org/doc/man-pages/.\n\n\n\nLinux 2020-12-21 TCP(7)", "subsections": [] } }, "summary": "tcp - TCP protocol", "flags": [], "examples": [], "see_also": [ { "name": "accept", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/accept/2/json" }, { "name": "bind", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/bind/2/json" }, { "name": "connect", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/connect/2/json" }, { "name": "getsockopt", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/getsockopt/2/json" }, { "name": "listen", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/listen/2/json" }, { "name": "recvmsg", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/recvmsg/2/json" }, { "name": "sendfile", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/sendfile/2/json" }, { "name": "sendmsg", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/sendmsg/2/json" }, { "name": "socket", "section": "2", "url": "https://www.chedong.com/phpMan.php/man/socket/2/json" }, { "name": "ip", "section": "7", "url": "https://www.chedong.com/phpMan.php/man/ip/7/json" }, { "name": "socket", "section": "7", "url": "https://www.chedong.com/phpMan.php/man/socket/7/json" } ] }