From 7a1fa0b17ef0e600cbd3a588d1ed5838b2ed0ec8 Mon Sep 17 00:00:00 2001
From: Soong-Vilda <61845673+SoongVilda@users.noreply.github.com>
Date: Tue, 18 Nov 2025 19:49:35 +0100
Subject: [PATCH 1/4] Update network performance 99-cachyos-settings.conf

I have been testing these for about a week. I had some inaccurate values, but it seems promising now.

Rustdesk can achieve usable gaming at 80-100 FPS on a LAN connection.
Sunshine + Moonlight also works perfectly, even at a 150 Mbps bitrate with H.265, with no drops or lags.

Results over WAN (Tailscale) are pretty similar when direct P2P is achieved and both sides have a decent network.

I believe my personal tweaks would be useful for CachyOS.
---
 usr/lib/sysctl.d/99-cachyos-settings.conf | 62 +++++++++++++++++++++--
 1 file changed, 58 insertions(+), 4 deletions(-)

diff --git a/usr/lib/sysctl.d/99-cachyos-settings.conf b/usr/lib/sysctl.d/99-cachyos-settings.conf
index 15b1085..2297669 100644
--- a/usr/lib/sysctl.d/99-cachyos-settings.conf
+++ b/usr/lib/sysctl.d/99-cachyos-settings.conf
@@ -38,9 +38,63 @@ kernel.printk = 3 3 3 3
 # Restricting access to kernel pointers in the proc filesystem
 kernel.kptr_restrict = 2
 
-# Increase netdev receive queue
-# May help prevent losing packets
-net.core.netdev_max_backlog = 4096
-
 # Set size of file handles and inode cache
 fs.file-max = 2097152
+
+# ==============================================================================
+#   UNIVERSAL NETWORK TUNING (Performance & Stability)
+#   Optimized for: Low-Latency Gaming, High-Throughput File Transfer, VPNs
+#   Target Environments: Wired (1Gbps+), Wireless (Wi-Fi/5G), High Jitter
+# ==============================================================================
+
+# --- Maximum Socket Buffer Size (Throughput Optimization) ---
+# Increases the maximum window size for TCP/UDP.
+# Benefit: Allows high-performance devices to saturate Gigabit+ and WAN links.
+# Use Case: Prevents throttling in high-bandwidth apps like Syncthing (Large Syncs), Steam Downloads, and Sunshine/Moonlight (4K HDR Streams).
+net.core.rmem_max = 33554432
+net.core.wmem_max = 33554432
+
+# --- Default Socket Buffer Size (Universal Baseline) ---
+# Sets a baseline buffer larger than the generic Linux default (~212KB).
+# Benefit: Improves throughput stability on all connections without app-specific tuning.
+# Constraint: Safe for low-memory devices (4GB+ RAM) to prevent OOM conditions.
+net.core.rmem_default = 1048576
+net.core.wmem_default = 1048576
+
+# --- Input Packet Queue (Burst Handling) ---
+# Increases the backlog queue for incoming packets.
+# Benefit: Prevents packet drops on wireless (Wi-Fi/5G) networks where data often arrives in "clumps" or bursts due to signal jitter.
+# Use Case: Smoother playback in Moonlight/Parsec and fewer re-transmits in WireGuard.
+net.core.netdev_max_backlog = 4096
+
+# --- TCP Write Limit (Anti-Bufferbloat) ---
+# Limits the amount of unsent data in the TCP write buffer.
+# Benefit: Drastically reduces bufferbloat and input latency by keeping data "fresh".
+# Use Case: Critical for reducing input lag in RustDesk, Moonlight, and SSH sessions.
+net.ipv4.tcp_notsent_lowat = 131072
+
+# --- 5. MTU Probing (Connection Stability) ---
+# Enables Path MTU Discovery.
+# Benefit: Essential for connections involving encapsulation where the MTU is < 1500.
+# Use Case: Fixes "black hole" connections and stalled transfers in Tailscale, ZeroTier, and Docker networks running over Cellular/5G.
+net.ipv4.tcp_mtu_probing = 1
+
+# --- Fast Resume (Responsiveness) ---
+# Disables "Slow Start" after a connection has been idle.
+# Benefit: Ensures immediate maximum throughput when resuming a stream or transfer.
+# Use Case: Prevents "ramp up" blurriness when unpausing a Sunshine stream or resuming a Syncthing transfer after idle.
+net.ipv4.tcp_slow_start_after_idle = 0
+
+# --- Aggressive Keepalives (NAT Persistence) ---
+# Reduces the time before keepalive packets are sent (Default: 2 hours -> 60s).
+# Benefit: Prevents aggressive Carrier-Grade NATs (CGNAT) or Mobile Networks from closing idle connections.
+# Use Case: Keeps RustDesk, SSH, and Database connections alive on mobile data.
+net.ipv4.tcp_keepalive_time = 60
+net.ipv4.tcp_keepalive_intvl = 10
+net.ipv4.tcp_keepalive_probes = 6
+
+# --- IP Forwarding (Routing Support) ---
+# Enables IPv4 packet forwarding.
+# Benefit: Necessary for functionality in Containers and VPN Mesh networks.
+# Use Case: Required for Tailscale (Exit Nodes/Subnet Routers) and Docker/Podman.
+net.ipv4.ip_forward = 1

From 9bd83cbcf243f3d930cf2ddedddcce5b5812e9d0 Mon Sep 17 00:00:00 2001
From: Soong-Vilda <61845673+SoongVilda@users.noreply.github.com>
Date: Wed, 19 Nov 2025 00:28:04 +0100
Subject: [PATCH 2/4] Update 99-cachyos-settings.conf

---
 usr/lib/sysctl.d/99-cachyos-settings.conf | 48 ++++++++++++++++++-----
 1 file changed, 39 insertions(+), 9 deletions(-)

diff --git a/usr/lib/sysctl.d/99-cachyos-settings.conf b/usr/lib/sysctl.d/99-cachyos-settings.conf
index 2297669..42964ba 100644
--- a/usr/lib/sysctl.d/99-cachyos-settings.conf
+++ b/usr/lib/sysctl.d/99-cachyos-settings.conf
@@ -42,50 +42,62 @@ kernel.kptr_restrict = 2
 fs.file-max = 2097152
 
 # ==============================================================================
-#   UNIVERSAL NETWORK TUNING (Performance & Stability)
 #   Optimized for: Low-Latency Gaming, High-Throughput File Transfer, VPNs
 #   Target Environments: Wired (1Gbps+), Wireless (Wi-Fi/5G), High Jitter
 # ==============================================================================
 
-# --- Maximum Socket Buffer Size (Throughput Optimization) ---
+# --- 1. Maximum Socket Buffer Size (Throughput Optimization) ---
 # Increases the maximum window size for TCP/UDP.
 # Benefit: Allows high-performance devices to saturate Gigabit+ and WAN links.
 # Use Case: Prevents throttling in high-bandwidth apps like Syncthing (Large Syncs), Steam Downloads, and Sunshine/Moonlight (4K HDR Streams).
 net.core.rmem_max = 33554432
 net.core.wmem_max = 33554432
 
-# --- Default Socket Buffer Size (Universal Baseline) ---
+# --- 2. Default Socket Buffer Size (Universal Baseline) ---
 # Sets a baseline buffer larger than the generic Linux default (~212KB).
 # Benefit: Improves throughput stability on all connections without app-specific tuning.
 # Constraint: Safe for low-memory devices (4GB+ RAM) to prevent OOM conditions.
 net.core.rmem_default = 1048576
 net.core.wmem_default = 1048576
 
-# --- Input Packet Queue (Burst Handling) ---
+# --- 3. UDP Safety Floor (Audio/Input Stability) ---
+# Sets a minimum buffer reservation for every UDP socket (Default 4096 -> 32768).
+# Benefit: Eliminates "robotic" audio and input drops during CPU usage spikes by ensuring breathing room.
+# Use Case: Critical for 7.1 Surround Sound in Moonlight and glitch-free calls in high-load scenarios.
+net.ipv4.udp_rmem_min = 32768
+net.ipv4.udp_wmem_min = 32768
+
+# --- 4. Input Packet Queue (Burst Handling) ---
 # Increases the backlog queue for incoming packets.
 # Benefit: Prevents packet drops on wireless (Wi-Fi/5G) networks where data often arrives in "clumps" or bursts due to signal jitter.
 # Use Case: Smoother playback in Moonlight/Parsec and fewer re-transmits in WireGuard.
 net.core.netdev_max_backlog = 4096
 
-# --- TCP Write Limit (Anti-Bufferbloat) ---
+# --- 5. Connection Queue Limit (Startup Storms) ---
+# Increases the maximum number of pending connections waiting to be accepted.
+# Benefit: Prevents "Connection Refused" errors during sudden bursts of connection attempts.
+# Use Case: Ensures Syncthing connects to all peers instantly at startup; stabilizes Tailscale subnet routers.
+net.core.somaxconn = 8192
+
+# --- 6. TCP Write Limit (Anti-Bufferbloat) ---
 # Limits the amount of unsent data in the TCP write buffer.
 # Benefit: Drastically reduces bufferbloat and input latency by keeping data "fresh".
 # Use Case: Critical for reducing input lag in RustDesk, Moonlight, and SSH sessions.
 net.ipv4.tcp_notsent_lowat = 131072
 
-# --- 5. MTU Probing (Connection Stability) ---
+# --- 7. MTU Probing (Connection Stability) ---
 # Enables Path MTU Discovery.
 # Benefit: Essential for connections involving encapsulation where the MTU is < 1500.
 # Use Case: Fixes "black hole" connections and stalled transfers in Tailscale, ZeroTier, and Docker networks running over Cellular/5G.
 net.ipv4.tcp_mtu_probing = 1
 
-# --- Fast Resume (Responsiveness) ---
+# --- 8. Fast Resume (Responsiveness) ---
 # Disables "Slow Start" after a connection has been idle.
 # Benefit: Ensures immediate maximum throughput when resuming a stream or transfer.
 # Use Case: Prevents "ramp up" blurriness when unpausing a Sunshine stream or resuming a Syncthing transfer after idle.
 net.ipv4.tcp_slow_start_after_idle = 0
 
-# --- Aggressive Keepalives (NAT Persistence) ---
+# --- 9. Aggressive Keepalives (NAT Persistence) ---
 # Reduces the time before keepalive packets are sent (Default: 2 hours -> 60s).
 # Benefit: Prevents aggressive Carrier-Grade NATs (CGNAT) or Mobile Networks from closing idle connections.
 # Use Case: Keeps RustDesk, SSH, and Database connections alive on mobile data.
@@ -93,8 +105,26 @@ net.ipv4.tcp_keepalive_time = 60
 net.ipv4.tcp_keepalive_intvl = 10
 net.ipv4.tcp_keepalive_probes = 6
 
-# --- IP Forwarding (Routing Support) ---
+# --- 10. IP Forwarding (Routing Support) ---
 # Enables IPv4 packet forwarding.
 # Benefit: Necessary for functionality in Containers and VPN Mesh networks.
 # Use Case: Required for Tailscale (Exit Nodes/Subnet Routers) and Docker/Podman.
 net.ipv4.ip_forward = 1
+
+# --- 11. Half-Open Connection Queue (DDoS/Storm Protection) ---
+# Increases the queue for connections that are sending SYN but haven't ACKed yet.
+# Benefit: Prevents dropped connections when many peers try to connect at the exact same second.
+# Use Case: Vital for Syncthing when waking up a device with 20+ peers.
+net.ipv4.tcp_max_syn_backlog = 8192
+
+# --- 12. Socket Cleanup (Resource Recycling) ---
+# Reduces the time a closed connection stays in "FIN-WAIT-2" (Default 60s -> 30s).
+# Benefit: Releases memory and port handles faster after a disconnect.
+# Use Case: Helps Syncthing and Web Browsers free up resources during heavy P2P usage.
+net.ipv4.tcp_fin_timeout = 30
+
+# --- 13. TCP Timewait Reuse (P2P Optimization) ---
+# Allows reusing sockets in TIME_WAIT state for new connections.
+# Benefit: Prevents "Port Exhaustion" when Syncthing rotates through hundreds of peers.
+# Use Case: Keeps Syncthing fast during heavy multi-peer syncing.
+net.ipv4.tcp_tw_reuse = 1

From 0891f9f96882525cfe3d7435160ab2e3d2464961 Mon Sep 17 00:00:00 2001
From: Soong-Vilda <61845673+SoongVilda@users.noreply.github.com>
Date: Thu, 20 Nov 2025 10:12:23 +0100
Subject: [PATCH 3/4] Update 99-cachyos-settings.conf

Changed from

```bash
net.ipv4.udp_rmem_min = 32768
net.ipv4.udp_wmem_min = 32768
```

to

```bash
net.ipv4.udp_rmem_min = 8192
net.ipv4.udp_wmem_min = 8192
```

Reason: It could kill RAM on low-performance device and from my testing Moonlight + Sunshine or Rustdesk still works fine even with `8192`, so no reason to use higher. Right now it's just 2x time than Arch default, but Arch wiki suggest values `8192`.

https://wiki.archlinux.org/title/Sysctl#Increase_the_memory_dedicated_to_the_network_interfaces
---
 usr/lib/sysctl.d/99-cachyos-settings.conf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/usr/lib/sysctl.d/99-cachyos-settings.conf b/usr/lib/sysctl.d/99-cachyos-settings.conf
index 42964ba..d805ca4 100644
--- a/usr/lib/sysctl.d/99-cachyos-settings.conf
+++ b/usr/lib/sysctl.d/99-cachyos-settings.conf
@@ -61,11 +61,11 @@ net.core.rmem_default = 1048576
 net.core.wmem_default = 1048576
 
 # --- 3. UDP Safety Floor (Audio/Input Stability) ---
-# Sets a minimum buffer reservation for every UDP socket (Default 4096 -> 32768).
+# Sets a minimum buffer reservation for every UDP socket (Default 4096 -> 8192).
 # Benefit: Eliminates "robotic" audio and input drops during CPU usage spikes by ensuring breathing room.
 # Use Case: Critical for 7.1 Surround Sound in Moonlight and glitch-free calls in high-load scenarios.
-net.ipv4.udp_rmem_min = 32768
-net.ipv4.udp_wmem_min = 32768
+net.ipv4.udp_rmem_min = 8192
+net.ipv4.udp_wmem_min = 8192
 
 # --- 4. Input Packet Queue (Burst Handling) ---
 # Increases the backlog queue for incoming packets.

From b6bc5a29cb4bcfd721d9c4bfe20057d7d8a4fe45 Mon Sep 17 00:00:00 2001
From: Soong-Vilda <61845673+SoongVilda@users.noreply.github.com>
Date: Thu, 20 Nov 2025 16:01:53 +0100
Subject: [PATCH 4/4] Update 99-cachyos-settings.conf - Changed description to
 align value of net.ipv4.tcp_keepalive_time in Arch Linux

Changed description to align value of net.ipv4.tcp_keepalive_time in Arch Linux: https://gitlab.archlinux.org/archlinux/rfcs/-/merge_requests/51
---
 usr/lib/sysctl.d/99-cachyos-settings.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/usr/lib/sysctl.d/99-cachyos-settings.conf b/usr/lib/sysctl.d/99-cachyos-settings.conf
index d805ca4..7b0126f 100644
--- a/usr/lib/sysctl.d/99-cachyos-settings.conf
+++ b/usr/lib/sysctl.d/99-cachyos-settings.conf
@@ -98,7 +98,8 @@ net.ipv4.tcp_mtu_probing = 1
 net.ipv4.tcp_slow_start_after_idle = 0
 
 # --- 9. Aggressive Keepalives (NAT Persistence) ---
-# Reduces the time before keepalive packets are sent (Default: 2 hours -> 60s).
+# Reduces the time before keepalive packets are sent (Default: 120s on Arch Linux -> 60s).
+# https://gitlab.archlinux.org/archlinux/rfcs/-/merge_requests/51
 # Benefit: Prevents aggressive Carrier-Grade NATs (CGNAT) or Mobile Networks from closing idle connections.
 # Use Case: Keeps RustDesk, SSH, and Database connections alive on mobile data.
 net.ipv4.tcp_keepalive_time = 60