update

web/app/docs/post-install/network/page.tsx

@@ -1,5 +1,6 @@
 import type { Metadata } from "next"
 import { Network } from "lucide-react"
+import { CopyableCode } from "@/components/CopyableCode"
 
 export const metadata: Metadata = {
   title: "ProxMenux Post-Install: Network Settings",
@@ -38,12 +39,45 @@ net.core.optmem_max=8192
 net.core.rmem_max=16777216
 net.core.somaxconn=8151
 net.core.wmem_max=16777216
-net.ipv4.tcp_rmem=8192 87380 16777216
-net.ipv4.tcp_wmem=8192 65536 16777216
+net.ipv4.conf.all.accept_redirects = 0
+net.ipv4.conf.all.accept_source_route = 0
+net.ipv4.conf.all.log_martians = 0
+net.ipv4.conf.all.rp_filter = 1
+net.ipv4.conf.all.secure_redirects = 0
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv4.conf.default.accept_source_route = 0
+net.ipv4.conf.default.log_martians = 0
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.default.secure_redirects = 0
+net.ipv4.conf.default.send_redirects = 0
+net.ipv4.icmp_echo_ignore_broadcasts = 1
+net.ipv4.icmp_ignore_bogus_error_responses = 1
+net.ipv4.ip_local_port_range=1024 65535
+net.ipv4.tcp_base_mss = 1024
+net.ipv4.tcp_challenge_ack_limit = 999999999
+net.ipv4.tcp_fin_timeout=10
+net.ipv4.tcp_keepalive_intvl=30
+net.ipv4.tcp_keepalive_probes=3
+net.ipv4.tcp_keepalive_time=240
+net.ipv4.tcp_limit_output_bytes=65536
 net.ipv4.tcp_max_syn_backlog=8192
+net.ipv4.tcp_max_tw_buckets = 1440000
+net.ipv4.tcp_mtu_probing = 1
+net.ipv4.tcp_rfc1337=1
+net.ipv4.tcp_rmem=8192 87380 16777216
+net.ipv4.tcp_sack=1
 net.ipv4.tcp_slow_start_after_idle=0
-net.ipv4.tcp_tw_reuse=0
-# ... (other network optimizations)
+net.ipv4.tcp_syn_retries=3
+net.ipv4.tcp_synack_retries = 2
+net.ipv4.tcp_tw_recycle = 0
+net.ipv4.tcp_tw_reuse = 0
+net.ipv4.tcp_wmem=8192 65536 16777216
+net.netfilter.nf_conntrack_generic_timeout = 60
+net.netfilter.nf_conntrack_helper=0
+net.netfilter.nf_conntrack_max = 524288
+net.netfilter.nf_conntrack_tcp_timeout_established = 28800
+net.unix.max_dgram_qlen = 4096
 EOF
 
 # Apply sysctl changes
@@ -77,8 +111,10 @@ echo "Acquire::ForceIPv4 \"true\";" > /etc/apt/apt.conf.d/99-force-ipv4
   `
 
   const installOpenVSwitchCode = `
-# Install OpenVSwitch
+# Update package lists
 apt-get update
+
+# Install OpenVSwitch
 apt-get install -y openvswitch-switch openvswitch-common
 
 # Verify installation
@@ -105,12 +141,18 @@ ovs-vsctl --version
         </p>
         <p className="mb-4">
           <strong>Why it's beneficial:</strong> These optimizations can significantly improve network throughput, reduce
-          latency, and enhance security by adjusting various kernel parameters related to networking.
+          latency, and enhance security by adjusting various kernel parameters related to networking. Some key benefits
+          include:
         </p>
+        <ul className="list-disc pl-5 mb-4">
+          <li>Increased maximum number of backlog connections</li>
+          <li>Optimized TCP window sizes for better throughput</li>
+          <li>Enhanced security by disabling potentially dangerous features like ICMP redirects</li>
+          <li>Improved TCP connection handling and timeout settings</li>
+          <li>Optimized network memory allocation</li>
+        </ul>
         <h4 className="text-lg font-semibold mb-2">To apply this optimization manually, you would run:</h4>
-        <pre className="bg-gray-100 p-4 rounded-md overflow-x-auto">
-          <code>{applyNetworkOptimizationsCode}</code>
-        </pre>
+        <CopyableCode code={applyNetworkOptimizationsCode} />
       </section>
 
       <section className="mb-8">
@@ -119,14 +161,20 @@ ovs-vsctl --version
           This optimization enables Google's TCP BBR congestion control algorithm and TCP Fast Open.
         </p>
         <p className="mb-4">
-          <strong>Why it's beneficial:</strong> TCP BBR can significantly improve network throughput and reduce latency,
-          especially on long-distance or congested networks. TCP Fast Open reduces connection establishment time,
-          improving the speed of short-lived connections.
+          <strong>Why it's beneficial:</strong>
         </p>
+        <ul className="list-disc pl-5 mb-4">
+          <li>
+            TCP BBR (Bottleneck Bandwidth and Round-trip propagation time) can significantly improve network throughput
+            and reduce latency, especially on long-distance or congested networks.
+          </li>
+          <li>
+            TCP Fast Open reduces connection establishment time, improving the speed of short-lived connections by
+            allowing data transfer during the initial TCP handshake.
+          </li>
+        </ul>
         <h4 className="text-lg font-semibold mb-2">To apply this optimization manually, you would run:</h4>
-        <pre className="bg-gray-100 p-4 rounded-md overflow-x-auto">
-          <code>{enableTcpFastOpenCode}</code>
-        </pre>
+        <CopyableCode code={enableTcpFastOpenCode} />
       </section>
 
       <section className="mb-8">
@@ -134,12 +182,15 @@ ovs-vsctl --version
         <p className="mb-4">This optimization configures APT (Advanced Package Tool) to use IPv4 exclusively.</p>
         <p className="mb-4">
           <strong>Why it's beneficial:</strong> Forcing APT to use IPv4 can resolve issues in environments where IPv6 is
-          not properly configured or is causing slowdowns. This ensures more reliable package management operations.
+          not properly configured or is causing slowdowns. This ensures more reliable package management operations by:
         </p>
+        <ul className="list-disc pl-5 mb-4">
+          <li>Avoiding potential IPv6-related connection issues</li>
+          <li>Ensuring consistent behavior across different network configurations</li>
+          <li>Potentially speeding up package downloads in networks with suboptimal IPv6 support</li>
+        </ul>
         <h4 className="text-lg font-semibold mb-2">To apply this optimization manually, you would run:</h4>
-        <pre className="bg-gray-100 p-4 rounded-md overflow-x-auto">
-          <code>{forceAptIpv4Code}</code>
-        </pre>
+        <CopyableCode code={forceAptIpv4Code} />
       </section>
 
       <section className="mb-8">
@@ -149,13 +200,17 @@ ovs-vsctl --version
         </p>
         <p className="mb-4">
           <strong>Why it's beneficial:</strong> Open vSwitch provides advanced networking capabilities for virtualized
-          environments. It allows for more flexible and powerful network configurations, supporting features like VLAN
-          tagging, traffic shaping, and software-defined networking.
+          environments. It allows for more flexible and powerful network configurations, including:
         </p>
+        <ul className="list-disc pl-5 mb-4">
+          <li>Support for VLAN tagging and trunking</li>
+          <li>Advanced traffic shaping and Quality of Service (QoS) capabilities</li>
+          <li>Integration with software-defined networking (SDN) controllers</li>
+          <li>Improved network performance and scalability for large virtualized environments</li>
+          <li>Support for network function virtualization (NFV)</li>
+        </ul>
         <h4 className="text-lg font-semibold mb-2">To apply this optimization manually, you would run:</h4>
-        <pre className="bg-gray-100 p-4 rounded-md overflow-x-auto">
-          <code>{installOpenVSwitchCode}</code>
-        </pre>
+        <CopyableCode code={installOpenVSwitchCode} />
       </section>
 
       <section className="mt-12 p-4 bg-blue-100 rounded-md">
@@ -163,7 +218,8 @@ ovs-vsctl --version
         <p>
           All of these optimizations are automatically applied when selected in the Network section of the
           customizable_post_install.sh script. This automation ensures that these beneficial settings are applied
-          consistently and correctly.
+          consistently and correctly, saving time and reducing the potential for human error during manual
+          configuration.
         </p>
       </section>
     </div>