====== Use /proc/sys and sysctl to modify and set kernel runtime parameters ======


Note: This was a RHCE 7 exam objective until June 2016. It is now removed from the curriculum.

====== Presentation ======


When you want to improve the performance or the characteristics of your server, you need to set the kernel runtime parameters.

In order to do this, you’ve got three ways:

  * through the **/proc** filesystem,
  * with the **sysctl** command,
  * through the **/etc/sysctl.conf** file.

====== The /proc Filesystem ======


To get the value of a kernel runtime parameter (here /proc/sys/net/ipv4/ip_forward used for allowing a host to act as an router), type:

<code bash>
# cat /proc/sys/net/ipv4/ip_forward
</code>
To set the value of the same parameter, type:

<code bash>
# echo 1 > /proc/sys/net/ipv4/ip_forward
</code>
Note: **1** is used for **On** and **0** for **off**.

This change is instantaneously active but doesn’t persist a reboot. You have to write it into the /etc/rc.d/rc.local file to get it re-applied at each boot. See below for a better solution.

====== The sysctl Command ======


With the sysctl command, you can get all the available kernel runtime parameters with their current value.

<code bash>
# sysctl -a | grep vm.swappiness
vm.swappiness = 30
</code>
But you can also set a kernel runtime parameter with the **-w** option.

<code bash>
# sysctl -w vm.swappiness=20
vm.swappiness = 20
</code>

Still like the previous method, this change is instantaneously active but doesn’t persist a reboot. You have to write it into the /etc/rc.d/rc.local file to get it re-applied at each boot. See below for a better solution.

====== The /etc/sysctl.conf File ======


To permanently store kernel runtime parameters, you need to write them into the /etc/sysctl.conf file.

For example, edit the **/etc/sysctl.conf** file and paste the following line:

<code bash>
# allow IPv4 forwarding
net.ipv4.ip_forward = 1
</code>
**Caution**: Comments are only allowed on a separate line and not at the end of a line!
Note: It is not a coincidence if the **net.ipv4.ip_forward** kernel runtime parameter name matches the **/proc/sys/net/ipv4/ip_forward** path name.

Then, you need to apply the change:

<code bash>
# sysctl -p
</code>
Many kernel runtime parameters can be set this way. Here are only a few examples:

<code bash>
# don't respond to a ping
net.ipv4.icmp_echo_ignore_all = 1
# don't respond to a ping to the broadcast address
net.ipv4.icmp_echo_ignore_broadcasts = 1
# disable IPv6 for all network interfaces
net.ipv6.conf.all.disable_ipv6 = 1
</code>
**Note**: As seen before, the **sysctl -a** command gets all the kernel runtime parameters with their current value. By redirecting the output to a file, this is also a good way to back up your configuration before any change.

Default kernel runtime configuration is located in the **/usr/lib/sysctl.d** directory and is executed before anything else (see **sysctl –system**).

**Caution**: Kernel runtime parameters set in the **/etc/sysctl.conf** file can be overrided by the application of a **tuned** profile.