# increase minimum TCP MSS to largest allowed minimum (cf. CVE-2019-11479)
net.ipv4.tcp_min_snd_mss = 536
