Trend Micro - Securing Your Journey to the Cloud Business
Success
Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Preventing TCP segment loss in InterScan Web Security Virtual Appliance (IWSVA) 6.5

    • Updated:
    • 7 Nov 2018
    • Product/Version:
    • InterScan Web Security Virtual Appliance 6.5
    • Interscan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

The loss of TCP segments sometimes occur in InterScan Web Security Virtual Appliance 6.5 (IWSVA).

This happens because some TCP tuning parameters in IWSVA's OS are not appropriate for the current TCP traffic. 

This article you how to do some performance tuning for IWSVA in order to prevent the loss of TCP segments.

Details
Public

The loss of TCP segments occur because the TCP traffic may have reached one of the following limits:

  • The maximum send buffer size (default: 8 MB).
  • The maximum receive buffer size (default: 8 MB).
  • The maximum number of packets in the global input queue for the NIC (default: 1024).

These limits are tuning parameters.

 
If it is difficult to decide "to what extent the size should be increased", gradually increase the size to twice, three times then check whether the issue is alleviated.

To change the limits:

  1. Log on to IWSVA as root via SSH (for example with a SSH shell such as PuTTy).

  2. Get a backup copy of /etc/sysctl.conf:

    # cp /etc/sysctl.conf /etc/sysctl.conf.bak

  3. Use vi to edit the file /etc/sysctl.conf:

    # vi /etc/sysctl.conf

  4. Change the following values:

    • The maximum send buffer size:

      [Settings (default)]

      ----------------------------------  net.core.wmem_max=8388608  net.ipv4.tcp_wmem=4096 262144 4194304  ----------------------------------

      For example: Increase size from 8 MB (default) to 32 MB.

      ----------------------------------   net.core.wmem_max=33554432  net.ipv4.tcp_wmem=4096 262144 33554432  ----------------------------------

    • The maximum receive buffer size:

      [Settings (default)]

      ----------------------------------  net.core.rmem_max=8388608  net.ipv4.tcp_rmem=4096 262144 4194304  ----------------------------------

      For example: Increase the size from 8 MB (default) to 32 MB.

      ----------------------------------   net.core.rmem_max=33554432  net.ipv4.tcp_rmem=4096 262144 33554432  ----------------------------------

    • The maximum number of packets in the global input queue for the NIC (default: 1024):

      [Setting (default)]

      ----------------------------------   net.core.netdev_max_backlog=1024  ----------------------------------

      For example: Increase the size from 1024 (default) to 4096.

      ----------------------------------   net.core.netdev_max_backlog=4096  ----------------------------------
  5. Save the file and quit.

  6. Run the following command.

    # sysctl –p

Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1121137
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.
Related Articles