8.2 SunOS 5.X
# /usr/ccs/bin/nm /kernel/unix -for Solaris 2.4
# /usr/ccs/bin/nm /kernel/genunix /platform/'uname -m'/kernel/unix -for Solaris 2.5
which yields over 5000 lines of kernel parameters, of the form:
Symbols from /kernel/unix:
[Index] Value Size Type Bind Other Shndx Name
[1] | 0| 0|FILE |LOCL |0 |ABS |unix
Most of these you will never need to change. You should also be aware that kernel parameters and their meanings may change in latter releases of the OS, so you should not blindly copy /etc/system files to new machines.
You can get a list of the drivers and modules currently loaded and some selected kernel parameter values by using the /usr/sbin/sysdef command with the -i option as shown below.
# sysdef -i
[...]
* Loadable Objects
*
genunix
misc/consconfig
[...]
fs/nfs
hard link: sys/nfs
fs/procfs
fs/specfs
fs/tmpfs
fs/ufs
[...]
sys/semsys
sys/shmsys
drv/arp
hard link: strmod/arp
drv/arp
[...]
* Tunable Parameters
*
1306624 maximum memory allowed in buffer cache (bufhwm)
1002 maximum number of processes (v.v_proc)
99 maximum global priority in sys class (MAXCLSYSPRI)
997 maximum processes per user id (v.v_maxup)
30 auto update time limit in seconds (NAUTOUP)
25 page stealing low water mark (GPGSLO)
5 fsflush run rate (FSFLUSHR)
25 minimum resident memory for avoiding deadlock (MINARMEM)
25 minimum swapable memory for avoiding deadlock (MINASMEM)
*
* Utsname Tunables
*
5.5 release (REL)
nyssa node name (NODE)
SunOS system name (SYS)
Generic version (VER)
*
* Process Resource Limit Tunables (Current:Maximum)
*
Infinity:Infinity cpu time
Infinity:Infinity file size
7ffff000:7ffff000 heap size
800000:7ffff000 stack size
Infinity:Infinity core file size
40: 400 file descriptors
Infinity:Infinity mapped memory
*
* Streams Tunables
*
9 maximum number of pushes allowed (NSTRPUSH)
65536 maximum stream message size (STRMSGSZ)
1024 max size of ctl part of message (STRCTLSZ)
*
* IPC Messages
*
100 entries in msg map (MSGMAP)
2048 max message size (MSGMAX)
4096 max bytes on queue (MSGMNB)
50 message queue identifiers (MSGMNI)
8 message segment size (MSGSSZ)
40 system message headers (MSGTQL)
1024 message segments (MSGSEG)
*
* IPC Semaphores
*
10 entries in semaphore map (SEMMAP)
10 semaphore identifiers (SEMMNI)
60 semaphores in system (SEMMNS)
30 undo structures in system (SEMMNU)
25 max semaphores per id (SEMMSL)
10 max operations per semop call (SEMOPM)
10 max undo entries per process (SEMUME)
32767 semaphore maximum value (SEMVMX)
16384 adjust on exit max value (SEMAEM)
*
* IPC Shared Memory
*
1048576 max shared memory segment size (SHMMAX)
1 min shared memory segment size (SHMMIN)
100 shared memory identifiers (SHMMNI)
6 max attached shm segments per process (SHMSEG)
*
* Time Sharing Scheduler Tunables
*
60 maximum time sharing user priority (TSMAXUPRI)
SYS system class name (SYS_NAME)
To get and set kernel driver configuration parameters you can use the command /usr/sbin/ndd. At this time ndd only supports access to the TCP/IP modules. Use the "-set" option to set a value, without it you query the named device driver, e.g. to get a list of the IP driver parameters execute:
# ndd /dev/ip \? - "?" indicates to list all parameters for the driver
? (read only)
ip_ill_status (read only)
ip_ipif_status (read only)
ip_ire_status (read only)
ip_rput_pullups (read and write)
ip_forwarding (read and write)
ip_respond_to_address_mask_broadcast (read and write)
ip_respond_to_echo_broadcast (read and write)
ip_respond_to_timestamp (read and write)
ip_respond_to_timestamp_broadcast (read and write)
ip_send_redirects (read and write)
ip_forward_directed_broadcasts (read and write)
ip_debug (read and write)
ip_mrtdebug (read and write)
ip_ire_cleanup_interval (read and write)
ip_ire_flush_interval (read and write)
ip_ire_redirect_interval (read and write)
ip_def_ttl (read and write)
ip_forward_src_routed (read and write)
ip_wroff_extra (read and write)
ip_ire_pathmtu_interval (read and write)
ip_icmp_return_data_bytes (read and write)
ip_send_source_quench (read and write)
ip_path_mtu_discovery (read and write)
ip_ignore_delete_time (read and write)
ip_ignore_redirect (read and write)
ip_output_queue (read and write)
ip_broadcast_ttl (read and write)
ip_icmp_err_interval (read and write)
ip_reass_queue_bytes (read and write)
ip_strict_dst_multihoming (read and write)
To get the value of a specific driver:
# ndd /dev/ip ip_forwarding
2
To disable packet forwarding (i.e. on a firewall machine) set this value to "0", as is done in the startup script /etc/init.d/inetinit:
# ndd -set /dev/ip ip_forwarding 0
To set values for kernel parameters in /etc/system you would use the form:
set module:variable=value
some examples would be:
set maxusers=16
to raise maxusers above the default value of 8. Actually the default value for maxusers is chosen based on the amount of available memory, with a maximum of 2048, according to:
Memory Size | Maxusers value |
---|---|
< 32 MB | 8 |
< 40 MB | 32 |
< 64 MB | 40 |
< 128 MB | 64 |
³ 128 MB | 128 |
Maxusers affects the default settings for several other kernel table parameters according to the formula in the following table.
Kernel Table | Kernel Variable | Variable Value |
---|---|---|
Callout | ncallout | 16+max_nprocs |
Inode | ufs_ninode | max_nprocs+16+maxusers+64 |
Name Cache Lookup | ncsize | max_nprocs+16+maxusers+64 |
Process | max_nprocs | 10+16*maxusers |
Disk Quota Structure | ndquot | (maxusers*NMOUNT)/4+max_nprocs |
User Processes | maxuprc | max_nprocs-5 |
The parameters npty and pt_cnt are not automatically tuned with the size of memory or maxusers, and may need to be reset to allow more network connections on a large machine.
Another example where you might reset a kernel parameter is to have NFS always check that the request is coming from a port number < 1024 (i.e. a "trusted port"). Do this for Solaris 2.4 with:
set nfs:nfs_portmon=1
and for Solaris 2.5 with:
set nfssrv:nfs_portmon=1
where the module containing the parameter has changed from nfs to nfssrv.
Some kernel parameters that you might consider tuning are in the table below.
Parameter | Default Value | Practical Limit | Function |
---|---|---|---|
pt_cnt | 48 | 3000 | number of 5.X style pseudo-ttys.; sets the limit for the number of remote logins. Reboot with the "-r" option to create the /dev/pts entries. |
npty | 48 | 3000 | number of 4.X style pseudo-ttys |
ncsize | 17*maxusers + 90 | 16000 | Directory Name Lookup Cache (DNLC) size. Increase for NFS server with lots of clients. "vmstat -s" reports the cache hit rate. |
ufs_ninode | 17*maxusers + 90 | 34906 | maximum number of inodes cached; should be at least as large as ncsize |
maxuprc | 16*maxusers + 5 | set this if you want to limit the number of processes a user can have | |
bufhwm | 0, which allows up to 2% of physical memory | 20% of physical memory | maximum size of the buffer cache (Kbytes). Caches inode, indirect block, and cylinder group information. "sar -b" reports the buffer cache hit rate. |
You need to be very careful about the changes you make in /etc/system. It's possible that by putting incorrect values in /etc/system you could leave the machine in a state in which it is unable to boot. Should this occur, boot with the "-a" option, and when the system asks you to provide the configuration file name input /dev/null instead of /etc/system. Then edit /etc/system to correct the problem and reboot again.