2 - name: Load the tcp_bbr kernel module
6 - name: Persist the tcp_bbr module to configuration
8 dest: /etc/modules-load.d/local-network.conf
11 - name: Set network-related sysctl options
13 sysctl_file: /etc/sysctl.d/local-network.conf
15 name: "{{ item.key }}"
16 value: "{{ item.value }}"
19 # CoDel (controlled delay) with Fair Queuing as the default queue scheduler
20 # mitigates bufferbloat and helps share bandwidth equitably across flows.
21 net.core.default_qdisc: fq_codel
23 # BBR is currently the best TCP congestion control algorithm.
24 # C.f. https://queue.acm.org/detail.cfm?id=3022184
25 net.ipv4.tcp_congestion_control: bbr
27 # Disable Selective Acknowledgement (SACK)
28 # Workaround CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
29 # See https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
33 label: "{{ item.key }}"