Kernel parameter optimization /etc/sysctl.conf
net.nf_conntrack_max = 65536000
net.netfilter.nf_conntrack_tcp_timeout_established = 1200
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.route.gc_timeout = 100
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_max_syn_backlog = 262144
net.core.netdev_max_backlog = 262144
sysctl: setting key "net.core.somaxconn": Invalid argument
net.core.somaxconn = 262144
net.ipv4.tcp_mem = 94500000 915000000 927000000
# allow testing with buffers up to 128MB net.core.rmem_max = 134217728 net.core.wmem_max = 134217728 # increase Linux autotuning TCP buffer limit to 64MB net.ipv4.tcp_rmem = 4096 87380 67108864 net.ipv4.tcp_wmem = 4096 65536 67108864 # increase the length of the processor input queue net.core.netdev_max_backlog = 250000 # recommended default congestion control is htcp net.ipv4.tcp_congestion_control = htcp # recommended for hosts with jumbo frames enabled net.ipv4.tcp_mtu_probing = 1 net.netfilter.nf_conntrack_max = 2100000 net.netfilter.nf_conntrack_max = 1048576 net.netfilter.ip_conntrack_tcp_timeout_established = 3600 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
Linux TCPIP kernel parameter optimization /proc/sys/net directory All TCP/IP parameters are located in the /proc/sys/net directory (please note that changes to the contents of the /proc/sys/net directory are temporary, and any changes will be lost after a system restart), such as the following Important parameters: Parameters (path + file) describe Defaults optimized value /proc/sys/net/core/rmem_default Default TCP data receive window size (bytes). 229376 256960 /proc/sys/net/core/rmem_max Maximum TCP data receive window (bytes). 131071 513920 /proc/sys/net/core/wmem_default Default TCP data sending window size (bytes). 229376 256960 /proc/sys/net/core/wmem_max Maximum TCP data send window (bytes). 131071 513920 /proc/sys/net/core/netdev_max_backlog The maximum number of packets allowed to be sent to the queue when each network interface is receiving packets faster than the kernel can process them. 1000 2000 /proc/sys/net/core/somaxconn Defines the length of the maximum listening queue for each port in the system, which is a global parameter. 128 2048 /proc/sys/net/core/optmem_max Indicates the maximum buffer size allowed per socket. 20480 81920 /proc/sys/net/ipv4/tcp_mem Determines how the TCP stack should reflect memory usage, each value in units of memory pages (usually 4KB). The first value is the lower limit for memory usage; the second value is the upper limit at which memory pressure mode starts to apply pressure to buffer usage; the third value is the upper limit for memory usage. Packets can be discarded at this level, thereby reducing memory usage. These values can be increased for larger BDPs (note that they are in pages rather than bytes). 94011 125351 188022 131072 262144 524288 /proc/sys/net/ipv4/tcp_rmem Defines the memory used by sockets for automatic tuning. The first value is the minimum number of bytes allocated for the socket receive buffer; the second value is the default value (this value will be overwritten by rmem_default), and the buffer can grow to this value when the system is not under heavy load; The three values are the maximum bytes of receive buffer space (this value will be overwritten by rmem_max). 4096 87380 4011232 8760 256960 4088000 /proc/sys/net/ipv4/tcp_wmem Defines the memory used by sockets for automatic tuning. The first value is the minimum number of bytes allocated for the socket send buffer; the second value is the default value (this value will be overwritten by wmem_default), the buffer can grow to this value when the system load is not heavy; The three values are the maximum number of bytes of send buffer space (this value will be overwritten by wmem_max). 4096 16384 4011232 8760 256960 4088000 /proc/sys/net/ipv4/tcp_keepalive_time The interval (in seconds) for TCP to send keepalive detection messages, which is used to confirm whether the TCP connection is valid. 7200 1800 /proc/sys/net/ipv4/tcp_keepalive_intvl The interval (in seconds) for resending a probe message when it does not get a response. 75 30 /proc/sys/net/ipv4/tcp_keepalive_probes The maximum number of keepalive probe messages sent before the TCP connection is deemed invalid. 9 3 /proc/sys/net/ipv4/tcp_sack Enable selective acknowledgment (1 means enable), which improves performance by selectively acknowledging out-of-order received packets, allowing the sender to send only missing segments, (for WAN traffic) this option should be enabled, But it will increase the CPU usage. 1 1 / proc / sys / net / ipv4 / tcp_fack Enable forwarding acknowledgments, which can perform selective acknowledgment (SACK) to reduce the occurrence of congestion, this option should also be enabled. 1 1 /proc/sys/net/ipv4/tcp_timestamps The TCP timestamp (which adds 12 bytes to the TCP header) enables the calculation of the RTT in a more precise way than the transmit timeout (refer to RFC 1323). This option should be enabled for better performance. 1 1 /proc/sys/net/ipv4/tcp_window_scaling Enable window scaling defined by RFC 1323. To support TCP windows exceeding 64KB, this value must be enabled (1 means enable). The maximum TCP window is 1GB, and it takes effect when both sides of the TCP connection are enabled. 1 1 /proc/sys/net/ipv4/tcp_syncookies Indicates whether to open the TCP synchronization tag (syncookie). The kernel must be compiled with the CONFIG_SYN_COOKIES item turned on. The synchronization tag can prevent a socket from being overloaded when there are too many attempts to connect. 1 1 /proc/sys/net/ipv4/tcp_tw_reuse Indicates whether the socket in the TIME-WAIT state (the port of TIME-WAIT) is allowed to be used for new TCP connections. 0 1 /proc/sys/net/ipv4/tcp_tw_recycle Ability to recycle TIME-WAIT sockets faster. 0 1 /proc/sys/net/ipv4/tcp_fin_timeout The time (in seconds) that TCP remains in the FIN-WAIT-2 state for the socket connection disconnected by the local end. The other party may disconnect or never end the connection or unpredictably process death. 60 30 /proc/sys/net/ipv4/ip_local_port_range Indicates the local port number allowed by the TCP/UDP protocol 32768 61000 1024 65000 /proc/sys/net/ipv4/tcp_max_syn_backlog The maximum number of connection requests that can be stored in the queue for connection requests that have not yet been acknowledged by the other party. If the server is frequently overloaded, try increasing this number. 2048 2048 /proc/sys/net/ipv4/tcp_low_latency To allow the TCP/IP stack to adapt to low latency in high throughput situations, this option should be disabled. 0 /proc/sys/net/ipv4/tcp_westwood Enables a sender-side congestion control algorithm that maintains an estimate of throughput and attempts to optimize overall bandwidth utilization. This option should be enabled for WAN traffic. 0 /proc/sys/net/ipv4/tcp_bic Enable Binary Increase Congestion for fast long distance networks to better utilize links operating at GB speeds, this option should be enabled for WAN traffic. 1 /etc/sysctl.conf file /etc/sysctl.conf is an interface that allows you to make changes to a running Linux system. It contains some advanced options for the TCP/IP stack and virtual memory system, which can be used to control the Linux network configuration. Due to the temporary nature of the contents of the /proc/sys/net directory, it is recommended to add modifications to the TCPIP parameters to the /etc/sysctl.conf file , then save the file and use the command "/sbin/sysctl -p" to make it effective immediately. Refer to the above for the specific modification plan: net.core.rmem_default = 256960 net.core.rmem_max = 513920 net.core.wmem_default = 256960 net.core.wmem_max = 513920 net.core.netdev_max_backlog = 2000 net.core.somaxconn = 2048 net.core.optmem_max = 81920 net.ipv4.tcp_mem = 131072 262144 524288 net.ipv4.tcp_rmem = 8760 256960 4088000 net.ipv4.tcp_wmem = 8760 256960 4088000 net.ipv4.tcp_keepalive_time = 1800 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_sack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_timestamps = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.ip_local_port_range = 1024 65000 net.ipv4.tcp_max_syn_backlog = 2048