From 5d5eb295189ef9e453748f0f00447a905aecbf2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
Date: Mon, 19 Apr 2021 18:52:31 +0200
Subject: [PATCH] fff-network: Remove obsolete and unnecessary sysctls
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Many of the set sysctls are either unnecessary, are already default in
the kernel or in OpenWrts defaults, or the reason for them being
explicitly set is unknown.

Remove all those sysctls from fff-network, as unfounded deviations from
default values will cause hard-to-debug problems in the future.

The original motivation for this patch is the netdev_max_backlog sysctl,
which was set to a very low value without any reason or comment.
This hurt forwarding performance on mt7621 with DSA significantly and
took quite a while to discover.

Signed-off-by: Fabian Bläse <fabian@blaese.de>
Tested-by: Fabian Bläse <fabian@blaese.de>
---
 src/packages/fff/fff-network/Makefile         |  2 +-
 .../files/etc/sysctl.d/50-fff-network.conf    | 37 -------------------
 2 files changed, 1 insertion(+), 38 deletions(-)

diff --git a/src/packages/fff/fff-network/Makefile b/src/packages/fff/fff-network/Makefile
index 25f81c54..b3f8fe45 100644
--- a/src/packages/fff/fff-network/Makefile
+++ b/src/packages/fff/fff-network/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-network
-PKG_RELEASE:=43
+PKG_RELEASE:=44
 
 include $(INCLUDE_DIR)/package.mk
 
diff --git a/src/packages/fff/fff-network/files/etc/sysctl.d/50-fff-network.conf b/src/packages/fff/fff-network/files/etc/sysctl.d/50-fff-network.conf
index ab536b4b..3cfd81dd 100644
--- a/src/packages/fff/fff-network/files/etc/sysctl.d/50-fff-network.conf
+++ b/src/packages/fff/fff-network/files/etc/sysctl.d/50-fff-network.conf
@@ -1,46 +1,9 @@
-net.ipv4.conf.default.arp_ignore=1
-net.ipv4.conf.all.arp_ignore=1
-net.ipv4.conf.all.forwarding=0
-net.ipv4.conf.all.send_redirects=0
-net.ipv4.tcp_ecn=0
-net.ipv4.tcp_fin_timeout=30
-net.ipv4.tcp_keepalive_time=120
-net.ipv4.tcp_syncookies=1
-net.core.netdev_max_backlog=30
-net.netfilter.nf_conntrack_checksum=0
-
-#Do not accept source routing
-net.ipv4.conf.all.accept_source_route=0
-net.ipv4.conf.all.accept_redirects=0
-net.ipv4.conf.default.accept_source_route=0
-net.ipv4.conf.default.accept_redirects=0
-net.ipv4.icmp_echo_ignore_broadcasts=1
-net.ipv4.icmp_ignore_bogus_error_responses=1
 net.ipv4.ip_forward=0
 
 net.ipv6.conf.default.accept_dad=0
 net.ipv6.conf.default.accept_ra=0
-net.ipv6.conf.default.accept_redirects=0
 net.ipv6.conf.all.accept_dad=0
 net.ipv6.conf.all.accept_ra=0
-net.ipv6.conf.all.accept_redirects=0
 
-# Learn Prefix Information in Router Advertisement
-net.ipv6.conf.default.accept_ra_pinfo = 0
-net.ipv6.conf.all.accept_ra_pinfo = 0
-
-# Setting controls whether the system will accept Hop Limit settings from a router advertisement
-net.ipv6.conf.default.accept_ra_defrtr = 0
-net.ipv6.conf.all.accept_ra_defrtr = 0
-
-#router advertisements can cause the system to assign a global unicast address to an interface
-net.ipv6.conf.default.autoconf = 0
-net.ipv6.conf.all.autoconf = 0
-
-#how many neighbor solicitations to send out per address?
-net.ipv6.conf.default.dad_transmits = 3
-net.ipv6.conf.all.dad_transmits = 3
-
-# Enable forwarding, otherwise not all local route are examined
 net.ipv6.conf.all.forwarding=1
 net.ipv6.conf.default.forwarding=0