I’m getting this in a container (Ubuntu 16.04)
cat /proc/sys/net/ipv4/tcp_keepalive_time
cat: /proc/sys/net/ipv4/tcp_keepalive_time: No such file or directory
Any solution?
LXD v 2.20
No solution, that’d be a kernel bug, either related to the network namespace or to the user namespace. If it’s limited to user namespaces, then making the container privileged (security.privileged=true) may help.
In either case, you could file a kernel bug at https://launchpad.net/ubuntu/+source/linux/+filebug so there’s at least a record of this issue.
Oh and if you do file a bug, please post the link here so others can follow along.
Wow! I am having fun…
I’ve reported as you suggest.
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1736804
This is fixed upstream. The file appears in user namespaces at least from kernels 4.13 onwards but it must be turned on way earlier.
commit 13b287e8d1cad951634389f85b8c9b816bd3bb1e
Author: Nikolay Borisov kernel@kyup.com
Date: Thu Jan 7 16:38:43 2016 +0200
ipv4: Namespaceify tcp_keepalive_time sysctl knob
Different net namespaces might have different requirements as to
the keepalive time of tcp sockets. This might be required in cases
where different firewall rules are in place which require tcp
timeout sockets to be increased/decreased independently of the host.
Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>Thanks @brauner
I’m using hosting from Scaleway, and they have brought out a new kernel version
Linux zentyal1 4.14.4-mainline-rev1 #1 SMP Tue Dec 5 13:08:45 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
And I can confirm that its fixed.
Sorry, that I didn’t try a different kernel before posting originally - it didn’t occur to me that it would be a kernel issue.