"Parameter mentioned herein are Linux kernel parameters related to the IPv4 network, we can append these kernel parameter values in the /etc/sysctl.conf Linux file system, and then use the / sbin / sysctl -p command changes to take effect."
# net.core.netdev_max_backlog
Net.core.netdev_max_backlog parameter indicates when the rate of each fast packet network receiving rate interface than the core processing of these packages, the maximum allowed number of packets sent to the queue. The default value is typically 128. NGX_LISTEN_BACKLOG Nginx server-defined default of 511, we can adjust it:
net.core.netdev_max_backlog = 262144 #2的18次幂
# net.core.somaxconn
Net.core.somaxconn parameters for TCP connections initiated by simultaneously adjusting system, generally is 128. In the presence of high concurrent requests a client, the default value is small, the link could lead to a timeout or retransmission problem, we can combine the number of concurrent requests based on actual needs to adjust this value.
net.core.somaxconn = 262114
# net.ipv4.tcp_max_orphans
Net.ipv4.tcp_max_orphans parameter setting system for the most number of allowed TCP socket is not linked to the presence of any user file handle. More than that, did not immediately reset the TCP socket handle associated user files, also issued a warning, this limitation of knowledge in order to prevent simple DoS (Denial of Service, denial of service) attack, it is generally more abundant in the system memory under the circumstances, it may increase the assignment of this parameter:
net.ipv4.tcp_max_orphans = 262144
# net.ipv4.tcp_max_syn_backlog
Net.ipv4.tcp_max_syn_backlog parameters for recording the client has not received confirmation of the maximum connection request information, for the system has a 128MB memory, the default parameter is 1024 times, for a small memory system is 128 ,. Usually in the case of system memory is relatively abundant, you can turn up the assignment of this parameter:
net.ipv4.tcp_max _syn_backlog = 262114
# net.ipv4.tcp_max_timestamps
Net.ipv4.tcp_max_timestamps parameter used to set the time stamp, sequence number of the winding can be avoided. Link on a 1Gb / s, the probability of experiencing a great serial number previously used, when the assignment is 0, disable support for TCP timestamp, by default, the kernel will accept the TCP protocol "abnormal" packets for Nginx server, it is recommended to turn it off:
net.ipv4.tcp_max_timestamps = 0
# net.ipv4.tcp_synack_retries
Net.ipv4.tcp_synack_retries parameter is used to set the number of cores give up sending SYN + ACK packets before TCP connection to the client, in order to establish a connection to the service side, the server and the client needs to be three-way handshake, during the second handshake, the kernel needs to send SYN and a SYN comes before a response of the ACK, this parameter mainly affects the process, is generally assigned to 1, i.e. the kernel before abandoning transmission a SYN + ACK packet connection, which may be provided as follows:
net.ipv4.tcp_synack_retries = 1
# net.ipv4.tcp_syn_retries
Net.ipv4.tcp_syn_retries parameters with a similar argument, set the kernel to give up the establishment of the number of SYN packets sent before the connection, the same as his assignment and the parameters can be:
net.ipv4.tcp_syn_retries = 1
Content Source: "Nginx high-performance web server explanation"