Introduction

This post was last updated on the 2021-12 (AAAA-MM), as anything rolling, consider that the best approach is to always to check the arch wiki page of every component to verify if there’s a better way of doing things.

Generic tweaks

Disable NMI watchdog

Attempt to reduce the number of interrupts from NMI watchdog.

Aim: Increase battery life.

1
2

/etc/sysctl.d/98-disable_watchdog.conf
kernel.nmi_watchdog = 0

Reduce swappiness

The default value of swappiness (60) causes my swap to be used even when I still have memory available.

Aim: Spare a bit the life of the ssd. More responsiveness.

Source: archwiki - swappiness

1
2

# /etc/sysctl.d/99-swappiness.conf
vm.swappiness=10

Increase time between writes

vm.dirty_ratio is the percentage of system memory which when dirty, causes the process doing writes to block and write out dirty pages to the disk.

stackoverflow

Source: speedguide.net. Also mentioned in archwiki.

Aim: Spare a bit the life of the ssd and increase responsiveness.

1
2
3
4

# /etc/sysctl.d/98-dirty_ratio.conf
vm.dirty_ratio = 30
vm.dirty_writeback_centisecs = 1500
vm.dirty_expire_centisecs = 4500

Nice levels (ananicy)

Ananicy handles reprioritizing application IO and CPU.

Aim: More responsiveness.

1
2

$ yay -S ananicy-git
# systemctl enable --now ananicy

Networking

Systemd-resolved

Full DNS-over-TLS with caching is a great addition in terms of privacy.

Aim: Faster dns resolution + privacy

1
2
3
4

# /etc/systemd/resolved.conf.d/dns_over_tls.conf
[Resolve]
DNS=9.9.9.9#dns.quad9.net
DNSOverTLS=yes

1

# systemctl enable --now systemd-resolved

1

# ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Make NetworkManager aware of systemd-resolved.

1

# systemctl restart NetworkManager

iwd

Even though it’s considered “unstable” I tend to have better results with iwd than wpa_supplicant.

Aim: network stability

1
2
3

#/etc/NetworkManager.conf.d/wifi_backend.conf
[device]
wifi.backend=iwd

1
2

# systemctl enable --now iwd
# systemctl restart NetworkManager

Device MAC randomization

The objective of this tweak is to avoid complete fingerprinting of the device but still keep a stable MAC address for networks that require it.

Aim: privacy

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

# /etc/NetworkManager/conf.d/wifi_rand_mac.conf
[device-mac-randomization]
# "yes" is already the default for scanning
wifi.scan-rand-mac-address=yes
 
[connection-mac-randomization]
# Generate a random MAC for ethernet and associate the two permanently.
ethernet.cloned-mac-address=stable
# Generate a random MAC for each WiFi and associate the two permanently.
wifi.cloned-mac-address=stable