From c567bfbd179402efb6a053a7f4dfc4168feeb6f7 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 2 Sep 2025 08:53:55 -0400 Subject: [PATCH] Add sysctl tune check to selfcheck Apart frem the gc_thresh indirect check, perform other checks. For now, just highlight that tcp_sack being disabled can really mess with BMC connections. Since the management node may have high speed and the BMC may be behind a 100MBit link, SACK is needed to overcome the massive loss and induce TCP to rate limit appropriately. --- confluent_server/bin/confluent_selfcheck | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/confluent_server/bin/confluent_selfcheck b/confluent_server/bin/confluent_selfcheck index 14ced5d3..f2ad7ef0 100755 --- a/confluent_server/bin/confluent_selfcheck +++ b/confluent_server/bin/confluent_selfcheck @@ -27,6 +27,16 @@ import signal import confluent.collective.manager as collective import confluent.noderange as noderange +def check_sysctl_tuning(): + with open('/proc/sys/net/ipv4/tcp_sack', 'r') as f: + value = f.read().strip() + if value == '1': + print('OK') + return + else: + emprint('TCP SACK is disabled, network operations to BMCs may be particularly impacted, including firmware updates and virtual media') + + def check_neigh_overflow(): dmesgout = subprocess.check_output(['dmesg']) if b'_cache: neighbor table overflow!' in subprocess.check_output(['dmesg']): @@ -216,6 +226,8 @@ if __name__ == '__main__': emprint('ARP/Neighbor table problem detected, evaluate and increase net.ipv*.neigh.default.gc_thresh*') else: print('OK') + fprint('Checking sysctl tunables: ') + check_sysctl_tuning() fprint('TFTP Status: ') if tftp_works(): print('OK')