/proc/sys/net/ipv4/tcp_sack - TCP Selective Acknowledgements. They can reduce retransmissions, however make servers more prone to DDoS Attacks and increase CPU utilization.
Uh, so what did Netflix to, read the kernel documentation?
Good advice from Suse:
https://www.suse.com/support/kb/doc/?id=7023928
Give this a shot if you find you need relief (with a trade-off):
echo 0 > /proc/sys/net/ipv4/tcp_sack