richardevs/CentOS7_YUM_UPDATE_IPv6_ENABLE_BBR.sh

## CentOS7_YUM_UPDATE_IPv6_ENABLE_BBR.sh
#!/bin/bash
## ScriptName: CentOS7_YUM_UPDATE_IPv6_ENABLE_BBR

set -x

main_script() {
  yum clean all
  yum -y install yum-plugin-fastestmirror
  yum -y update

  # https://help.sakura.ad.jp/115000065981/ IPv6有効化手順(CentOS7)

  sed -i -e "/net.ipv6.conf.all.disable_ipv6/s/1/0/" /etc/sysctl.conf
  sed -i -e "/net.ipv6.conf.default.disable_ipv6/s/1/0/" /etc/sysctl.conf

  sed -i -e "s/^#//g" /etc/sysconfig/network
  sed -i -e "s/^#//g" /etc/sysconfig/network-scripts/ifcfg-eth0

  # Install 5.x kernel and enable BBR

  rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
  yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm

  yum -y install yum-utils
  yum-config-manager --enable elrepo-kernel
  yum -y install kernel-ml kernel-ml-devel

  grub2-set-default 0

  sed -i '/net.core.default_qdisc/d' /etc/sysctl.conf
  sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.conf
  echo "net.core.default_qdisc = fq" >> /etc/sysctl.conf
  echo "net.ipv4.tcp_congestion_control = bbr" >> /etc/sysctl.conf

  # TCP SYN Flood Mitigation
  sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf
  sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf
  sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf
  sed -i '/net.ipv4.tcp_synack_retries/d' /etc/sysctl.conf
  echo "net.ipv4.tcp_max_tw_buckets = 5000" >> /etc/sysctl.conf
  echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
  echo "net.ipv4.tcp_max_syn_backlog = 1024" >> /etc/sysctl.conf
  echo "net.ipv4.tcp_synack_retries = 2" >> /etc/sysctl.conf

  sysctl -p >/dev/null 2>&1

  reboot
}

main_script 2>&1 | tee /root/CentOS7_YUM_UPDATE_IPv6_ENABLE_BBR.log
	#!/bin/bash
	## ScriptName: CentOS7_YUM_UPDATE_IPv6_ENABLE_BBR

	set -x

	main_script() {
	yum clean all
	yum -y install yum-plugin-fastestmirror
	yum -y update

	# https://help.sakura.ad.jp/115000065981/ IPv6有効化手順(CentOS7)

	sed -i -e "/net.ipv6.conf.all.disable_ipv6/s/1/0/" /etc/sysctl.conf
	sed -i -e "/net.ipv6.conf.default.disable_ipv6/s/1/0/" /etc/sysctl.conf

	sed -i -e "s/^#//g" /etc/sysconfig/network
	sed -i -e "s/^#//g" /etc/sysconfig/network-scripts/ifcfg-eth0

	# Install 5.x kernel and enable BBR

	rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
	yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm

	yum -y install yum-utils
	yum-config-manager --enable elrepo-kernel
	yum -y install kernel-ml kernel-ml-devel

	grub2-set-default 0

	sed -i '/net.core.default_qdisc/d' /etc/sysctl.conf
	sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.conf
	echo "net.core.default_qdisc = fq" >> /etc/sysctl.conf
	echo "net.ipv4.tcp_congestion_control = bbr" >> /etc/sysctl.conf

	# TCP SYN Flood Mitigation
	sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf
	sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf
	sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf
	sed -i '/net.ipv4.tcp_synack_retries/d' /etc/sysctl.conf
	echo "net.ipv4.tcp_max_tw_buckets = 5000" >> /etc/sysctl.conf
	echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
	echo "net.ipv4.tcp_max_syn_backlog = 1024" >> /etc/sysctl.conf
	echo "net.ipv4.tcp_synack_retries = 2" >> /etc/sysctl.conf

	sysctl -p >/dev/null 2>&1

	reboot
	}

	main_script 2>&1 \| tee /root/CentOS7_YUM_UPDATE_IPv6_ENABLE_BBR.log