linux 调整内核优化

所谓内核优化，主要是在 linux 中针对业务服务应用而进行的系统内核参数优化，优化并无特殊的 标准，下面以常见生产环境 linux 的内核优化为例讲解，仅供大家参考：

内核调优

#vi /etc/sysctl.cof net.ipv4.tcp_fin_timeout = 2 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_keepalive_time = 600 net.ipv4.ip_local_port_range = 4000 65000 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_max_tw_buckets = 36000 net.ipv4.route.gc_timeout = 100 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_synack_retries = 1

net.core.somaxconn = 16384                                                                                                              12

net.core.netdev_max_backlog = 16384 net.ipv4.tcp_max_orphans = 16384

#以下参数是对 iptables 防火墙的优化，防火墙不开会提示，可以忽略不理。 net.ipv4.ip_conntrack_max = 25000000 net.ipv4.netfilter.ip_conntrack_max=25000000 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=180 net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait=120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait=60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait=120

[root@eric6 ~]# sysctl -p //使配置文件生效 net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0

kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1

error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key error: "net.bridge.bridge-nf-call-iptables" is an unknown key error: "net.bridge.bridge-nf-call-arptables" is an unknown key kernel.msgmnb = 65536

kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_fin_timeout = 2 net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_keepalive_time = 600 net.ipv4.ip_local_port_range = 4000 65000 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_max_tw_buckets = 36000 net.ipv4.route.gc_timeout = 100 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_synack_retries = 1 net.core.somaxconn = 16384 net.core.netdev_max_backlog = 16384 net.ipv4.tcp_max_orphans = 16384

error: "net.ipv4.ip_conntrack_max" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_max" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established" is an unknown key error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait" is an unknown key error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait" is an unknown key //防火 墙未开启报错，不用管,5.8 的话，不会报错