Network Settings

The Network Settings category focuses on optimizing network performance and configuration in Proxmox VE. These settings are essential for efficient network operations in virtualized environments where multiple VMs and containers share network resources.

Available Optimizations

1
Apply Network Optimizations

This setting adjusts various sysctl parameters to enhance network performance, security, and stability.

Why it's beneficial: Improves throughput, reduces latency, and enhances security by fine-tuning kernel network settings. These optimizations are critical in virtualization environments where network efficiency directly impacts VM and container performance.

This adjustment automates the following commands:


cat <<EOF | sudo tee /etc/sysctl.d/99-network-performance.conf
net.core.netdev_max_backlog=8192
net.core.optmem_max=8192
net.core.rmem_max=16777216
net.core.somaxconn=8151
net.core.wmem_max=16777216
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.ip_local_port_range=1024 65535
net.ipv4.tcp_base_mss = 1024
net.ipv4.tcp_challenge_ack_limit = 999999999
net.ipv4.tcp_fin_timeout=10
net.ipv4.tcp_keepalive_intvl=30
net.ipv4.tcp_keepalive_probes=3
net.ipv4.tcp_keepalive_time=240
net.ipv4.tcp_limit_output_bytes=65536
net.ipv4.tcp_max_syn_backlog=8192
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_rfc1337=1
net.ipv4.tcp_rmem=8192 87380 16777216
net.ipv4.tcp_sack=1
net.ipv4.tcp_slow_start_after_idle=0
net.ipv4.tcp_syn_retries=3
net.ipv4.tcp_synack_retries = 2
# tcp_tw_recycle was removed in Linux 4.12; on newer kernels sysctl reports an error for this key
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_wmem=8192 65536 16777216
net.netfilter.nf_conntrack_generic_timeout = 60
net.netfilter.nf_conntrack_helper=0
net.netfilter.nf_conntrack_max = 524288
net.netfilter.nf_conntrack_tcp_timeout_established = 28800
net.unix.max_dgram_qlen = 4096
EOF

sudo sysctl -p /etc/sysctl.d/99-network-performance.conf
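
The check below is an added example, not part of the original page or of the tool it documents. sysctl -p reports an error for any key the running kernel does not expose (net.ipv4.tcp_tw_recycle, for instance, was removed in Linux 4.12), so the script reads a drop-in file back against /proc/sys and flags keys that are missing or whose live value differs. The function names and the sample tree are assumptions made for the example.

```shell
#!/bin/sh
# Added example: compare a sysctl drop-in with the values the kernel is using.
# Usage: sh audit.sh /etc/sysctl.d/99-network-performance.conf
# Per key it prints OK, DRIFT (live value differs) or MISSING (no such key on
# this kernel, or its module is not loaded) and returns 1 on any finding.
audit_sysctl_conf() {
    local conf root rc line key want have path
    conf=$1; root=${2:-/proc/sys}; rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | sed 's/^[[:space:]]*//')
        case $line in ''|'#'*|';'*) continue ;; esac   # blanks and comments
        case $line in *=*) ;; *) continue ;; esac
        # Accept both "key=value" and "key = value", as the file above mixes them.
        key=$(printf '%s' "${line%%=*}" | tr -d '[:space:]')
        want=$(printf '%s' "${line#*=}" | tr -s '[:space:]' ' ' | sed 's/^ //; s/ $//')
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -e "$path" ]; then
            echo "MISSING $key"; rc=1; continue
        fi
        # /proc separates multi-value settings with tabs; normalise to spaces.
        have=$(tr -s '[:space:]' ' ' < "$path" | sed 's/^ //; s/ $//')
        if [ "$have" = "$want" ]; then
            echo "OK $key"
        else
            echo "DRIFT $key want='$want' have='$have'"; rc=1
        fi
    done < "$conf"
    return $rc
}

# Constructed sample: a fake /proc/sys tree and a four-line drop-in, so the
# function can be exercised without touching the host (hypothetical values).
audit_demo() {
    local d rc
    d=$(mktemp -d) || return 2
    mkdir -p "$d/proc/net/ipv4/conf/all"
    echo 1 > "$d/proc/net/ipv4/conf/all/rp_filter"
    echo 1 > "$d/proc/net/ipv4/conf/all/accept_redirects"
    printf '32768\t60999\n' > "$d/proc/net/ipv4/ip_local_port_range"
    printf '%s\n' 'net.ipv4.conf.all.rp_filter = 1' \
        'net.ipv4.conf.all.accept_redirects = 0' \
        'net.ipv4.ip_local_port_range=1024 65535' \
        'net.ipv4.tcp_tw_recycle = 0' > "$d/conf"
    audit_sysctl_conf "$d/conf" "$d/proc"; rc=$?
    rm -rf "$d"; return $rc
}

if [ $# -gt 0 ]; then audit_sysctl_conf "$@"; else audit_demo || true; fi
```

Run it with a file path to audit the host; the 99-tcp-bbr.conf and 99-tcp-fastopen.conf files written in the next section can be checked the same way.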
      

2
Enable TCP BBR and Fast Open

This optimization enables TCP BBR, Google's congestion control algorithm, and TCP Fast Open.

Why it's beneficial:

  • TCP BBR improves network throughput and reduces latency, especially over long-distance or congested links.
  • TCP Fast Open accelerates connection establishment, benefiting short-lived connections.

These enhancements improve network responsiveness in virtualized environments where efficient communication between systems is critical.

This adjustment automates the following commands:


echo "net.core.default_qdisc = fq" | sudo tee -a /etc/sysctl.d/99-tcp-bbr.conf
echo "net.ipv4.tcp_congestion_control = bbr" | sudo tee -a /etc/sysctl.d/99-tcp-bbr.conf
echo "net.ipv4.tcp_fastopen = 3" | sudo tee -a /etc/sysctl.d/99-tcp-fastopen.conf

sudo modprobe tcp_bbr
sudo sysctl -p /etc/sysctl.d/99-tcp-bbr.conf
sudo sysctl -p /etc/sysctl.d/99-tcp-fastopen.conf
      

3
Force APT to Use IPv4

This setting forces APT (Advanced Package Tool) to use IPv4 exclusively.

Why it's beneficial: Ensures reliable package management operations in environments where IPv6 is misconfigured or causes slow downloads. This is particularly useful in networks where IPv6 connectivity is unstable or unsupported, reducing potential update and repository access issues.

This adjustment automates the following commands:


echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4
      

4
Install Open vSwitch

This optimization installs Open vSwitch (OVS), a multilayer virtual switch designed for modern virtualized environments. OVS enhances network management by enabling advanced features for virtualized infrastructures.

Why it's beneficial: Open vSwitch provides powerful networking capabilities, including:

  • VLAN Support: Enables segmentation of virtual networks for better security and isolation.
  • Trunking: Allows multiple VLANs on a single physical or virtual interface.
  • Traffic Shaping: Implements bandwidth control and rate limiting per interface or flow.
  • Quality of Service (QoS): Prioritizes network traffic for optimized performance.
  • Integration with SDN (Software Defined Networking): Works seamlessly with OpenFlow for programmable network control.

This adjustment automates the following commands:


      # Install Open vSwitch packages
      DEBIAN_FRONTEND=noninteractive apt-get -y install openvswitch-switch openvswitch-common

      # Verify installation
      ovs-vsctl --version
        

Basic Usage: Creating a Virtual Switch

Once installed, Open vSwitch can be used to create virtual network bridges. Below is an example of how to create a virtual switch named br0 and add a network interface to it.


      # Create a new OVS bridge
      ovs-vsctl add-br br0

      # Add a network interface (e.g., eth1) to the bridge
      ovs-vsctl add-port br0 eth1

      # Show the current Open vSwitch configuration
      ovs-vsctl show
        

Adding VLANs to Open vSwitch

Open vSwitch allows VLAN tagging to segment network traffic. Below is an example of how to add an interface to a specific VLAN.


      # Add eth1 to br0 and assign it to VLAN 100
      ovs-vsctl add-port br0 eth1 tag=100
        

Trunking Multiple VLANs

If an interface needs to carry multiple VLANs (trunk mode), use the following command:


      # Configure eth1 as a trunk port allowing VLANs 100 and 200
      ovs-vsctl add-port br0 eth1 trunks=100,200
        

Deleting a Bridge or Port

If you need to remove a bridge or a port from Open vSwitch, use these commands:


      # Delete a bridge
      ovs-vsctl del-br br0

      # Remove a port from a bridge
      ovs-vsctl del-port br0 eth1
        

Open vSwitch enables advanced networking capabilities for virtual environments, allowing greater control over network traffic, security, and performance optimizations.

5
Optimize Network Interface Settings

This setting adjusts network interface parameters to enhance performance and reliability.

Why it's beneficial: Proper NIC tuning reduces latency and packet loss and improves stability in environments with high network loads. Adjustments like increasing TX queue length prevent packet drops and enhance network responsiveness, which is essential in virtualized infrastructures with multiple VMs and containers.

This adjustment automates the following commands:


# Replace eth0 with your actual interface name
sudo ip link set eth0 txqueuelen 10000

# Make the change persistent
echo 'ACTION=="add", SUBSYSTEM=="net", KERNEL=="eth0", RUN+="/sbin/ip link set eth0 txqueuelen 10000"' | sudo tee /etc/udev/rules.d/60-net-txqueue.rules

# Enable TCP timestamps
echo 'net.ipv4.tcp_timestamps = 1' | sudo tee -a /etc/sysctl.d/99-network-performance.conf

sudo sysctl -p /etc/sysctl.d/99-network-performance.conf
      

Automatic Application

All of these optimizations are automatically applied when selected in the Network section. This automation ensures that these beneficial settings are applied consistently and correctly, saving time and reducing the potential for human error during manual configuration.