Linux kernel tuning section parameter description

Net.core.rmem_default = 262144

The default value, in bytes, that receives the socket buffer size.

Net.core.rmem_max = 16777216

The maximum value, in bytes, of the receive socket buffer size.

Net.core.wmem_default = 262144

The default value, in bytes, of the send socket buffer size.

Net.core.wmem_max = 16777216

The maximum value, in bytes, of the send socket buffer size.

Net.core.somaxconn = 262144

To limit the number of maximum packets in the Listening (LISTEN) queue, exceeding this number will cause the link to time out or trigger a retransmission mechanism.

Net.core.netdev_max_backlog = 262144

When a network card receives a packet that is faster than the kernel processing speed, a queue holds the packets. This parameter represents the maximum value of the queue.

Net.ipv4.tcp_max_orphans = 262144

The maximum number of TCP sockets that the system can handle that is not part of any process. If this amount is exceeded, then the connection that is not part of any process is immediately reset and a warning message is displayed. The reason to set this limit is simply to resist those simple Dos attacks, and do not rely on this or artificially reduce the limit.

Net.ipv4.tcp_max_syn_backlog = 262144

Represents the length of the connection (SYN message) queue that has not yet received the client acknowledgment information, which defaults to 1024, and a larger queue length of 262144, which can accommodate more network connections waiting to be connected.

Net.ipv4.tcp_max_tw_buckets = 10000

The maximum number of timewait sockets the system is processing at the same time. If this number is exceeded, the time-wait socket is immediately removed and a warning message is displayed. The reason to set this limit is to protect against simple DoS attacks, but do not artificially reduce this limit, but if the network conditions need to be more than the default value, you can increase it (and perhaps increase the memory).

Net.ipv4.ip_local_port_range = 1024 65500

Allows the system to open a range of ports.

Net.ipv4.tcp_tw_recycle = 1

Enables fast collection of time-wait sockets in TCP connections, which defaults to 0, which means shutdown.

Net.ipv4.tcp_tw_reuse = 1

Indicates whether to allow the re-application of sockets in the Time-wait state for new TCP connections.

Net.ipv4.tcp_syncookies = 1

When a SYN wait queue overflow occurs, cookies are enabled to protect against a small number of SYN attacks, which by default is 0, which means close.

Net.ipv4.tcp_synack_retries = 1

In order to open the connection to the end, the kernel sends a SYN and comes with an ACK that responds to the previous syn. The second handshake in the so-called three-time handshake. This setting determines the number of Syn+ack packets sent before the kernel abandons the connection.

Net.ipv4.tcp_syn_retries = 1

The number of SYN packets sent before the kernel abandons the connection.

Net.ipv4.tcp_fin_timeout = 30

If the socket is closed by the local side, this parameter determines how long it remains in the fin-wait-2 state. The pair can go wrong and never shut down the connection, or even an unplanned outage.

Net.ipv4.tcp_keepalive_time = 600

This parameter indicates the frequency at which TCP sends keepalive messages when KeepAlive is enabled. The default is 2 hours, and if you set it smaller, you can quickly clean up invalid connections.

NET.IPV4.TCP_KEEPALIVE_INTVL = 30

When the probe message is not responding, the time interval (in seconds) for the message to be re-sent.

Net.ipv4.tcp_keepalive_probes = 3

How many TCP keepalive probe packets are sent before the connection is determined to fail. The default value is 9. This value, multiplied by TCP_KEEPALIVE_INTVL, determines how much time a connection can have without a response after sending a keepalive.

Net.ipv4.tcp_mem = 786432 1048576 1572864

Determine how the TCP stack should reflect memory usage, and each value is in a memory page (usually 4KB). The first value is the lower limit for memory usage, and the second value is the upper limit of the applied pressure that the memory pressure pattern begins to use for the buffer, and the third value is the upper limit for memory usage. At this level, messages can be discarded, thereby reducing the use of memory. For larger BDP, these values can be increased (note that the units are in memory pages and not bytes).

FS.AIO-MAX-NR = 1048576

This parameter limits the number of asynchronous requests that are not completed concurrently and should be set to avoid I/O subsystem failures.

Fs.file-max = 6815744

This parameter determines the maximum number of file handles allowed in the system, and the file handle setting represents the number of files that can be opened on the Linux system.

Kernel.sem = 250 32000 100 128

250 is the value of the parameter SEMMSL, which represents the maximum number of semaphores that can be contained in a semaphore collection.

2000 is the value of the parameter Semmns, which indicates the maximum number of semaphores that can be allowed within the system.

100 is the value of the parameter semopm that represents the number of operations that a single semopm () call can perform on a semaphore collection.

128 is the value of the parameter Semmni, which represents the total number of system semaphore sets.

Vm.swappiness = 10

When the free memory is less than 10%, use the disk Swap swap partition, memory speed is significantly higher than the disk an order of magnitude, try to use memory, improve efficiency.

This article is from the "Pine" blog, be sure to keep this source http://dongsong.blog.51cto.com/916653/1631085

Linux kernel tuning section parameter description