[Next] [Previous] [Up] [Top] [Contents]

8.2 SunOS 5.X

8.2.5 Tuning Kernel Parameters

Many kernel parameters scale relative to the value chosen for maxusers. You can change many others that affect the kernel and kernel modules by setting values for them in /etc/system. With /etc/system you can specify:

To get a complete list of the tunable kernel parameters use the /usr/ccs/bin/nm command on the kernel, e.g.:

# /usr/ccs/bin/nm /kernel/unix -for Solaris 2.4

# /usr/ccs/bin/nm /kernel/genunix /platform/'uname -m'/kernel/unix -for Solaris 2.5

which yields over 5000 lines of kernel parameters, of the form:

Symbols from /kernel/unix:

[Index] Value Size Type Bind Other Shndx Name

[1] | 0| 0|FILE |LOCL |0 |ABS |unix

Most of these you will never need to change. You should also be aware that kernel parameters and their meanings may change in latter releases of the OS, so you should not blindly copy /etc/system files to new machines.

You can get a list of the drivers and modules currently loaded and some selected kernel parameter values by using the /usr/sbin/sysdef command with the -i option as shown below.

# sysdef -i

[...]

* Loadable Objects

*

genunix

misc/consconfig

[...]

fs/nfs

hard link: sys/nfs

fs/procfs

fs/specfs

fs/tmpfs

fs/ufs

[...]

sys/semsys

sys/shmsys

drv/arp

hard link: strmod/arp

drv/arp

[...]

* Tunable Parameters

*

1306624 maximum memory allowed in buffer cache (bufhwm)

1002 maximum number of processes (v.v_proc)

99 maximum global priority in sys class (MAXCLSYSPRI)

997 maximum processes per user id (v.v_maxup)

30 auto update time limit in seconds (NAUTOUP)

25 page stealing low water mark (GPGSLO)

5 fsflush run rate (FSFLUSHR)

25 minimum resident memory for avoiding deadlock (MINARMEM)

25 minimum swapable memory for avoiding deadlock (MINASMEM)

*

* Utsname Tunables

*

5.5 release (REL)

nyssa node name (NODE)

SunOS system name (SYS)

Generic version (VER)

*

* Process Resource Limit Tunables (Current:Maximum)

*

Infinity:Infinity cpu time

Infinity:Infinity file size

7ffff000:7ffff000 heap size

800000:7ffff000 stack size

Infinity:Infinity core file size

40: 400 file descriptors

Infinity:Infinity mapped memory

*

* Streams Tunables

*

9 maximum number of pushes allowed (NSTRPUSH)

65536 maximum stream message size (STRMSGSZ)

1024 max size of ctl part of message (STRCTLSZ)

*

* IPC Messages

*

100 entries in msg map (MSGMAP)

2048 max message size (MSGMAX)

4096 max bytes on queue (MSGMNB)

50 message queue identifiers (MSGMNI)

8 message segment size (MSGSSZ)

40 system message headers (MSGTQL)

1024 message segments (MSGSEG)

*

* IPC Semaphores

*

10 entries in semaphore map (SEMMAP)

10 semaphore identifiers (SEMMNI)

60 semaphores in system (SEMMNS)

30 undo structures in system (SEMMNU)

25 max semaphores per id (SEMMSL)

10 max operations per semop call (SEMOPM)

10 max undo entries per process (SEMUME)

32767 semaphore maximum value (SEMVMX)

16384 adjust on exit max value (SEMAEM)

*

* IPC Shared Memory

*

1048576 max shared memory segment size (SHMMAX)

1 min shared memory segment size (SHMMIN)

100 shared memory identifiers (SHMMNI)

6 max attached shm segments per process (SHMSEG)

*

* Time Sharing Scheduler Tunables

*

60 maximum time sharing user priority (TSMAXUPRI)

SYS system class name (SYS_NAME)

To get and set kernel driver configuration parameters you can use the command /usr/sbin/ndd. At this time ndd only supports access to the TCP/IP modules. Use the "-set" option to set a value, without it you query the named device driver, e.g. to get a list of the IP driver parameters execute:

# ndd /dev/ip \? - "?" indicates to list all parameters for the driver

? (read only)

ip_ill_status (read only)

ip_ipif_status (read only)

ip_ire_status (read only)

ip_rput_pullups (read and write)

ip_forwarding (read and write)

ip_respond_to_address_mask_broadcast (read and write)

ip_respond_to_echo_broadcast (read and write)

ip_respond_to_timestamp (read and write)

ip_respond_to_timestamp_broadcast (read and write)

ip_send_redirects (read and write)

ip_forward_directed_broadcasts (read and write)

ip_debug (read and write)

ip_mrtdebug (read and write)

ip_ire_cleanup_interval (read and write)

ip_ire_flush_interval (read and write)

ip_ire_redirect_interval (read and write)

ip_def_ttl (read and write)

ip_forward_src_routed (read and write)

ip_wroff_extra (read and write)

ip_ire_pathmtu_interval (read and write)

ip_icmp_return_data_bytes (read and write)

ip_send_source_quench (read and write)

ip_path_mtu_discovery (read and write)

ip_ignore_delete_time (read and write)

ip_ignore_redirect (read and write)

ip_output_queue (read and write)

ip_broadcast_ttl (read and write)

ip_icmp_err_interval (read and write)

ip_reass_queue_bytes (read and write)

ip_strict_dst_multihoming (read and write)

To get the value of a specific driver:

# ndd /dev/ip ip_forwarding

2

To disable packet forwarding (i.e. on a firewall machine) set this value to "0", as is done in the startup script /etc/init.d/inetinit:

# ndd -set /dev/ip ip_forwarding 0

To set values for kernel parameters in /etc/system you would use the form:

set module:variable=value

some examples would be:

set maxusers=16

to raise maxusers above the default value of 8. Actually the default value for maxusers is chosen based on the amount of available memory, with a maximum of 2048, according to:

Solaris 2.X maxusers default values
Memory SizeMaxusers value
< 32 MB8
< 40 MB32
< 64 MB40
< 128 MB64
³ 128 MB128

Maxusers affects the default settings for several other kernel table parameters according to the formula in the following table.

Kernel Parameter values affected by Maxusers
Kernel TableKernel VariableVariable Value
Calloutncallout16+max_nprocs
Inodeufs_ninodemax_nprocs+16+maxusers+64
Name Cache Lookupncsizemax_nprocs+16+maxusers+64
Processmax_nprocs10+16*maxusers
Disk Quota Structurendquot (maxusers*NMOUNT)/4+max_nprocs
User Processesmaxuprcmax_nprocs-5

The parameters npty and pt_cnt are not automatically tuned with the size of memory or maxusers, and may need to be reset to allow more network connections on a large machine.

Another example where you might reset a kernel parameter is to have NFS always check that the request is coming from a port number < 1024 (i.e. a "trusted port"). Do this for Solaris 2.4 with:

set nfs:nfs_portmon=1

and for Solaris 2.5 with:

set nfssrv:nfs_portmon=1

where the module containing the parameter has changed from nfs to nfssrv.

Some kernel parameters that you might consider tuning are in the table below.

Some Tunable Kernel Parameters
ParameterDefault ValuePractical LimitFunction
pt_cnt483000number of 5.X style pseudo-ttys.; sets the limit for the number of remote logins. Reboot with the "-r" option to create the /dev/pts entries.
npty483000number of 4.X style pseudo-ttys
ncsize17*maxusers + 9016000Directory Name Lookup Cache (DNLC) size. Increase for NFS server with lots of clients. "vmstat -s" reports the cache hit rate.
ufs_ninode17*maxusers + 9034906maximum number of inodes cached; should be at least as large as ncsize
maxuprc16*maxusers + 5 set this if you want to limit the number of processes a user can have
bufhwm0, which allows up to 2% of physical memory20% of physical memorymaximum size of the buffer cache (Kbytes). Caches inode, indirect block, and cylinder group information. "sar -b" reports the buffer cache hit rate.

You need to be very careful about the changes you make in /etc/system. It's possible that by putting incorrect values in /etc/system you could leave the machine in a state in which it is unable to boot. Should this occur, boot with the "-a" option, and when the system asks you to provide the configuration file name input /dev/null instead of /etc/system. Then edit /etc/system to correct the problem and reboot again.


Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]