Kernel support for server-side tcp fast open remains disabled

An interesting ‘info’ in the log


enable with: sysctl -w net.ipv4.tcp_fastopen=3

What is this for ?


this is new technology for fast open connection, lowering time to client start uploading or downloading data to you. Just in linux it not activated by default in linux kernel, storj cant activate it in your pc, so you need to do it by yourself.


Nice! good to make the change/update for the new storj release then 1.75*

But how to enable it persitently?

Is sysctl -w net.ipv4.tcp_fastopen=3
sufficient or to put it into /etc/sysctl.conf?

Edit: I have put the et.ipv4.tcp_fastopen=3 into the /etc/sysctl.conf


and then reloaded the sysctl with sysctl --system

but I’m still getting the same Info-Message:

Does anyone know how to realize it and to remove the Info-Message?

Thanks and kind regards,

1 Like

I’ve been wondering about this too. The value of tcp_fastopen seems to have a different value inside and outside of the docker container.

cat /proc/sys/net/ipv4/tcp_fastopen
docker exec -it storagenode cat /proc/sys/net/ipv4/tcp_fastopen

I think there may be a step we’re missing as SNOs.

1 Like

Am having the same values 3 and 1. Think something has to be added then in the docker run order. But I don’t know what exactly.

I’ve managed to get tcp_fastopen=3 inside my docker container now by altering my run command to include a sysctl argument:

docker run -d --restart unless-stopped --stop-timeout 300 \
--user 1000:1000 \
--sysctl net.ipv4.tcp_fastopen=3 \
-p 28969:28967/tcp \
docker exec -it  storagenode cat /proc/sys/net/ipv4/tcp_fastopen

No idea if tcp_fastopen is actually being used though as netstat -s on the host doesn’t show anything and netstat doesn’t exist inside the container.


There’s a message on startup the node will says if TCP Fast Open is enabled.


2023-03-31T11:12:42.971Z	INFO	server	existing kernel support for server-side tcp fast open detected	{"Process": "storagenode"}

But I’ve still no idea if it’s actually being used for any traffic.

If it shown as enabled then yes I think.

1 Like

Thanks alot waistcoat! Your --sysctl is the solution!


@Alexey @waistcoat
Sorry for the noob questions, I don’t understand linux very well…

  1. What’s with the --user 1000:1000 parameter? Do I must use that too? What does it do?
  2. Do I must run docker exec -it... too? Isn’t enough to stop > remove > start node, after modifying the docker run ?
  3. Why do you use net.core.wmem_max=2500000? The offical Storj Docs dosen’t say anything about that, only about rmem. Is it better to set this too?
  1. this is a user ID and group ID, you may use --user $(id -u):(id -g) instead (it will substitute the user ID and group ID automatically)
  2. You do not need to use docker exec, only if you want :slight_smile: This command allows you to execute some command inside the docker container. It could be useful in some situation, for example, you can see a CLI dashboard:
docker exec -it storagenode ./

(Ctrl-C to exit)
3. it’s not required, so I do not know, why is it used.


For the OS I used:

sysctl -w net.ipv4.tcp_fastopen=3

For the docker run I see that it misses -w. Is it ok without -w?

--sysctl net.ipv4.tcp_fastopen=3 \
  1. What’s with the --user 1000:1000 parameter? Do I must use that too? What does it do?

This is just part of my config to run the docker container as that particular user - 1000:1000 is the uid and gid of the pi user on a raspberry pi.

@Alexey 's soiution is more elegant as it runs the container as the user you’re currently logged into.

However, if you’re currently not setting the --user argument, please continue to not set it as it may well break your installation as the files ownerships would most probably be incorrect. Sames goes for if you’re using a different value - keep it as it is.


I’m on Synology NAS + Docker, imput as root (sudo su). I modifyed the run command and gives me an error:

docker: Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: write sysctl key net.ipv4.tcp_fastopen: open /proc/sys/net/ipv4/tcp_fastopen: no such file or directory: unknown.

Where is the problem? This is my command:

docker run -d --restart unless-stopped --stop-timeout 300 \
	--sysctl net.ipv4.tcp_fastopen=3 \
	-p 28967:28967/tcp \
	-p 28967:28967/udp \
	-p 14002:14002 \
	-e WALLET="....." \
	-e EMAIL="....." \
	-e ADDRESS=".....:28967" \
	-e STORAGE="7TB" \
	--mount type=bind,source="/volume1/Storj/Identity/storagenode/",destination=/app/identity \
	--mount type=bind,source="/volume1/Storj/",destination=/app/config \
	--log-opt max-size=10m \
	--log-opt max-file=5 \
	--name storagenode storjlabs/storagenode:latest \
	--server.address=":28967" \
	--console.address=":14002" \
	--log.level=error \
1 Like

I removed the node and restarted without that parameter, and than I run the exec command sugested (I undertand that it reads and shows the actual value of tcp_fast_open). It says 3… but also an error… ? ! ? !

 docker exec -it  storagenode cat /proc/sys/net/ipv4/tcp_fastopen

cat: /proc/sys/net/ipv4/tcp_fastopen: No such file or directory

this is a docker option, so they require this format. See docker run --help

seems Synology doesn’t support it in full

But why it shows “3”? It mirrors the value from the OS? Docker runs by default in bridge mode, not host mode. Maybe uses the value set in the OS and dosen’t need it set in docker run

the network connection doesn’t matter here, these values are kernel values. Just for docker you can set it independently in some cases.

For honestly I do not know, why it shows 3 and then print this error.