Kernel parameter optimization /etc/sysctl.conf
net.nf_conntrack_max = 65536000
net.netfilter.nf_conntrack_tcp_timeout_established = 1200
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.route.gc_timeout = 100
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_max_syn_backlog = 262144
net.core.netdev_max_backlog = 262144
sysctl: setting key "net.core.somaxconn": Invalid argument
net.core.somaxconn = 262144
net.ipv4.tcp_mem = 94500000 915000000 927000000
# allow testing with buffers up to 128MB net.core.rmem_max = 134217728 net.core.wmem_max = 134217728 # increase Linux autotuning TCP buffer limit to 64MB net.ipv4.tcp_rmem = 4096 87380 67108864 net.ipv4.tcp_wmem = 4096 65536 67108864 # increase the length of the processor input queue net.core.netdev_max_backlog = 250000 # recommended default congestion control is htcp net.ipv4.tcp_congestion_control = htcp # recommended for hosts with jumbo frames enabled net.ipv4.tcp_mtu_probing = 1 net.netfilter.nf_conntrack_max = 2100000 net.netfilter.nf_conntrack_max = 1048576 net.netfilter.ip_conntrack_tcp_timeout_established = 3600 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
Linux TCPIP kernel parameter optimization
/proc/sys/net directory
All TCP/IP parameters are located in the /proc/sys/net directory (please note that changes to the contents of the /proc/sys/net directory are temporary, and any changes will be lost after a system restart), such as the following Important parameters:
Parameters (path + file)
describe
Defaults
optimized value
/proc/sys/net/core/rmem_default
Default TCP data receive window size (bytes).
229376
256960
/proc/sys/net/core/rmem_max
Maximum TCP data receive window (bytes).
131071
513920
/proc/sys/net/core/wmem_default
Default TCP data sending window size (bytes).
229376
256960
/proc/sys/net/core/wmem_max
Maximum TCP data send window (bytes).
131071
513920
/proc/sys/net/core/netdev_max_backlog
The maximum number of packets allowed to be sent to the queue when each network interface is receiving packets faster than the kernel can process them.
1000
2000
/proc/sys/net/core/somaxconn
Defines the length of the maximum listening queue for each port in the system, which is a global parameter.
128
2048
/proc/sys/net/core/optmem_max
Indicates the maximum buffer size allowed per socket.
20480
81920
/proc/sys/net/ipv4/tcp_mem
Determines how the TCP stack should reflect memory usage, each value in units of memory pages (usually 4KB). The first value is the lower limit for memory usage; the second value is the upper limit at which memory pressure mode starts to apply pressure to buffer usage; the third value is the upper limit for memory usage. Packets can be discarded at this level, thereby reducing memory usage. These values can be increased for larger BDPs (note that they are in pages rather than bytes).
94011 125351 188022
131072 262144 524288
/proc/sys/net/ipv4/tcp_rmem
Defines the memory used by sockets for automatic tuning. The first value is the minimum number of bytes allocated for the socket receive buffer; the second value is the default value (this value will be overwritten by rmem_default), and the buffer can grow to this value when the system is not under heavy load; The three values are the maximum bytes of receive buffer space (this value will be overwritten by rmem_max).
4096 87380 4011232
8760 256960 4088000
/proc/sys/net/ipv4/tcp_wmem
Defines the memory used by sockets for automatic tuning. The first value is the minimum number of bytes allocated for the socket send buffer; the second value is the default value (this value will be overwritten by wmem_default), the buffer can grow to this value when the system load is not heavy; The three values are the maximum number of bytes of send buffer space (this value will be overwritten by wmem_max).
4096 16384 4011232
8760 256960 4088000
/proc/sys/net/ipv4/tcp_keepalive_time
The interval (in seconds) for TCP to send keepalive detection messages, which is used to confirm whether the TCP connection is valid.
7200
1800
/proc/sys/net/ipv4/tcp_keepalive_intvl
The interval (in seconds) for resending a probe message when it does not get a response.
75
30
/proc/sys/net/ipv4/tcp_keepalive_probes
The maximum number of keepalive probe messages sent before the TCP connection is deemed invalid.
9
3
/proc/sys/net/ipv4/tcp_sack
Enable selective acknowledgment (1 means enable), which improves performance by selectively acknowledging out-of-order received packets, allowing the sender to send only missing segments, (for WAN traffic) this option should be enabled, But it will increase the CPU usage.
1
1
/ proc / sys / net / ipv4 / tcp_fack
Enable forwarding acknowledgments, which can perform selective acknowledgment (SACK) to reduce the occurrence of congestion, this option should also be enabled.
1
1
/proc/sys/net/ipv4/tcp_timestamps
The TCP timestamp (which adds 12 bytes to the TCP header) enables the calculation of the RTT in a more precise way than the transmit timeout (refer to RFC 1323). This option should be enabled for better performance.
1
1
/proc/sys/net/ipv4/tcp_window_scaling
Enable window scaling defined by RFC 1323. To support TCP windows exceeding 64KB, this value must be enabled (1 means enable). The maximum TCP window is 1GB, and it takes effect when both sides of the TCP connection are enabled.
1
1
/proc/sys/net/ipv4/tcp_syncookies
Indicates whether to open the TCP synchronization tag (syncookie). The kernel must be compiled with the CONFIG_SYN_COOKIES item turned on. The synchronization tag can prevent a socket from being overloaded when there are too many attempts to connect.
1
1
/proc/sys/net/ipv4/tcp_tw_reuse
Indicates whether the socket in the TIME-WAIT state (the port of TIME-WAIT) is allowed to be used for new TCP connections.
0
1
/proc/sys/net/ipv4/tcp_tw_recycle
Ability to recycle TIME-WAIT sockets faster.
0
1
/proc/sys/net/ipv4/tcp_fin_timeout
The time (in seconds) that TCP remains in the FIN-WAIT-2 state for the socket connection disconnected by the local end. The other party may disconnect or never end the connection or unpredictably process death.
60
30
/proc/sys/net/ipv4/ip_local_port_range
Indicates the local port number allowed by the TCP/UDP protocol
32768 61000
1024 65000
/proc/sys/net/ipv4/tcp_max_syn_backlog
The maximum number of connection requests that can be stored in the queue for connection requests that have not yet been acknowledged by the other party. If the server is frequently overloaded, try increasing this number.
2048
2048
/proc/sys/net/ipv4/tcp_low_latency
To allow the TCP/IP stack to adapt to low latency in high throughput situations, this option should be disabled.
0
/proc/sys/net/ipv4/tcp_westwood
Enables a sender-side congestion control algorithm that maintains an estimate of throughput and attempts to optimize overall bandwidth utilization. This option should be enabled for WAN traffic.
0
/proc/sys/net/ipv4/tcp_bic
Enable Binary Increase Congestion for fast long distance networks to better utilize links operating at GB speeds, this option should be enabled for WAN traffic.
1
/etc/sysctl.conf file
/etc/sysctl.conf is an interface that allows you to make changes to a running Linux system. It contains some advanced options for the TCP/IP stack and virtual memory system, which can be used to control the Linux network configuration. Due to the temporary nature of the contents of the /proc/sys/net directory, it is recommended to add modifications to the TCPIP parameters to the /etc/sysctl.conf file , then save the file and use the command "/sbin/sysctl -p" to make it effective immediately. Refer to the above for the specific modification plan:
net.core.rmem_default = 256960
net.core.rmem_max = 513920
net.core.wmem_default = 256960
net.core.wmem_max = 513920
net.core.netdev_max_backlog = 2000
net.core.somaxconn = 2048
net.core.optmem_max = 81920
net.ipv4.tcp_mem = 131072 262144 524288
net.ipv4.tcp_rmem = 8760 256960 4088000
net.ipv4.tcp_wmem = 8760 256960 4088000
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_max_syn_backlog = 2048