7

I have two changes to ip route & sysctl that disable tcp slow start. Here’s how I do it 

ip route show

Make a note of the line starting with default.

Pick up the IP from the default line and run 

sudo ip route change default via $ip_address dev eth0 initcwnd 12 
sudo sysctl -w net.ipv4.tcp_slow_start_after_idle=0

How can I create a puppet script out of this? One that can be deployed to many machines of the same type – CentOS 6

Edit: Added bounty to get a working example for

sudo ip route change default via $ip_address dev eth0 initcwnd 12
Quintin Par
  • 4,293
  • 10
  • 46
  • 72

3 Answers3

6

The sysctl side was covered in this post: Set sysctl.conf parameters with Puppet.

Puppet's example for networking also leverages Augeas.

Edit: You're on CentOS, so remember that you need to make these routes persistent... Is the safer approach to make the change in a file, verify, then restart the network interface? This assumes /etc/sysconfig/network-scripts/route-ethX use since you're using via syntax. The ip route command seems to be your goal since you want to change the initial congestion window (initcwnd). I would seriously separate that into another option because setting the default gateway by itself should be handled by the OS network scripts/kickstart/build process.

Now for a totally different solution:

I like Puppet for some things. Network configs and sysctl values are not among them. With EL6 systems, you have the ability to use the tuned-adm framework to make these system changes on the fly in an easy and consistent manner. The servers I manage sometimes need 30+ sysctl and sysfs changes before going into production. I used to manage that manually, then with Puppet... but with EL6, I create a tuned profile with all of the requisite tweaks and scripts, manage the profiles and their distribution with Puppet, and control the tuned daemon with Puppet.

Given that, just move your ip script and sysctl values in a custom profile and go from there. Much cleaner.

Community
  • 1
ewwhite
  • 194,921
  • 91
  • 434
  • 799
  • Hard a hard time trying to figure out the networking bit. Even explored https://github.com/AbbyEdwards/puppet-iproute2facts Can you help me with the ip route? – Quintin Par Aug 07 '12 at 17:10
  • You're on CentOS, so remember that you need to make these routes persistent, right? Is the safer approach to make the change in a file, verify, then restart the network interface? This assumes `/etc/sysconfig/network-scripts/route-ethX` use. – ewwhite Aug 11 '12 at 23:22
6

If you are obtaining your internet address using DHCP (which is suggested by your question), then you can use /etc/dhcp/dhclient-exit-hooks to run shell commands after dhclient configures your interface. You'll have access to a number of variables provided by dhclient, including $router. You can use this to run:

ip route change default via $router dev $interface initcwnd 12

You would install this script with a normal Puppet file resource:

file { '/etc/dhcp/dhclient-exit-hooks':
owner => root,
group => root,
mode => 0755,
source => 'puppet:///.../dhclient-exit-hooks',
}

And the file contents would probably look something like:

#!/bin/sh

if [ "$interface" = eth0 ]; then
  ip route change default via ${new_routers%% *} dev $interface initcwnd 12 
fi

If you're not using DHCP, you can do something similar. The normal ifup script runs /sbin/ifup-local after configuring the interface, and you could use this to run the ip command. In this case, you could get the address of the default gateway simply by sourcing in the interface configuration in /etc/sysconfig/network-scripts/ifcfg-eth0 (and your Puppet file resource would install /sbin/ifup-local).

larsks
  • 41,276
  • 13
  • 117
  • 170
6

Going off of larsks answer, if you have static ip addresses, place this in /sbin/ifup-local

#!/bin/sh

GATEWAY=`ip route| awk '/^def/{print $3}'`
DEFGWDEV=`ip route| awk '/^def/{print $5}'`

if [ "$1" = $DEFGWDEV ]; then
  ip route change default via $GATEWAY dev $DEFGWDEV initcwnd 12
fi
Tarun Reddy
  • 76
  • 1