This page describes the various linux syscontrols and what they do, these can be viewed/edited via the sysctl(8) command, or via /proc/sys/. eg, kernel.panic can be viewed by

/sbin/sysctl kernel.panic

or

cat /proc/sys/kernel/panic

kernel

kernel.panic

This is the number of seconds to wait after a kernel has panicked before the machine will reboot itself automatically. Very useful for unattended servers, or machines that are difficult to get physical access to.

net

These sysctls control the networking. See also http://bec.at/support/ipsysctl-tutorial/tcpvariables.html

net.ipv4

These control most of the IPv4 options

net.ipv4.ip_forwarding

enable global IP forwarding. Very important.

net.ipv4.tcp_fack

Enable Forward Acknowledgement congestion avoidance and fast retransmission. The value is not used, if net.ipv4.tcp_sack is not enabled. See http://www.psc.edu/networking/papers/fack_abstract.html for details on how this option works. Basically it seems to assume that missing sequence ranges are dropped (ie, implies no reordering). Linux will disable fack on a per connection basis if it detects reordering.

net.ipv4.tcp_vegas_cong_avoid (0)

Enable tcp vegas congestion avoidance. TCP Vegas is a congestion control algorithm that mostly these days is not considered to be particularly useful (see TCP Westward, below). TCP Vegas is a sender side (ie only used by the machine initiating the TCP connection) change and causes TCP to back off when it detects the RTT changing (ie, queuing is occuring). It works well when there is only a few flows using the bottleneck link.

net.ipv4.tcp_westwood (0)

Enable TCP Westwood+ congestion control algorithm. This is a sender side change (like TCP Vegas) and estimates of throughput are kept to try and make sure that the stack uses the optimum amount of bandwidth at all times. Very useful, defaults off should probably be enabled for many sites.

net.ipv4.tcp_low_latency (0)

"If set, the TCP stack makes decisions that prefer lower latency as opposed to higher throughput" This seems to disable a function called tcp_prequeue, no idea what it does.

net.ipv4.tcp_reordering (3)

How many duplicate acks you need before you enter fast retransmit. IF you are on a network with lots of reordering then this will need to be raised, linux can dynamically tune this on a per TCP flow, so changing it is normally not that necessary.

net.ipv4.tcp_sack (1)

Enable Selective Acknowledgement, reduces the number of segments that need to be retransmitted when packet loss occurs. Good to have on, needed to be enabled by both the sender and the reciever.

net.ipv4.tcp_ecn (0)

Explicit Congestion Notification, this can be used by routers on the internet to signal that congestion is imminent and to therefore to slow down sending before packet loss actually occurs. However many firewalls on the internet incorrectly detect the ECN data as an attack and drop all packets using ECN, sigh.

net.ipv4.tcp_retries1 (3)

How many times to send a SYN/ACK packet before giving up on a connection.

net.ipv4.tcp_retries2 (15)

How many times to send a TCP data packet before giving up on a connection.

inet.ipv4.tcp_syn_retrans (5)

How many times to send a SYN packet before giving up on a connection.

inet.ipv4.tcp_retrans_collapse (1)

If retransmissions should be sent as full sized packets working around some TCP implementation bugs (?).