Linux system optimization Parameters

Net.core.wmem_max

Maximum socket write buffer, with reference to the optimized value: 873200

Net.core.rmem_max

Maximum socket read buffer, with reference to optimized values: 873200

Net.ipv4.tcp_wmem

TCP write buffer, reference to optimization values: 8192 436600 873200

Net.ipv4.tcp_rmem

TCP read buffer, reference to optimized values: 32768 436600 873200

Net.ipv4.tcp_mem

There are also 3 values, meaning:

NET.IPV4.TCP_MEM[0]: Below this value, TCP has no memory pressure.

NET.IPV4.TCP_MEM[1]: Under this value, enter the memory pressure phase.

NET.IPV4.TCP_MEM[2]: Above this value, TCP refuses to allocate the socket.

The above-mentioned memory units are pages, not bytes. A reference to the optimization value is: 786432 1048576 1572864

Net.core.netdev_max_backlog

Enter the maximum device queue for the package. The default is 300, which is too low for heavy-duty servers and can be adjusted to 1000

Net.core.somaxconn

The default parameter of Listen (), the maximum number of pending requests. The default is 128. For busy servers, increase this value to help network performance. Adjustable to 256.

Net.core.optmem_max

Maximum initialization value of socket buffer, default 10K

/proc/sys/net/ipv4/tcp_max_syn_backlog

Enter the maximum request queue for the SYN packet. Default 1024. For heavy-duty servers, adjustable to 2048

Net.ipv4.tcp_retries2

TCP failed retransmission, the default value of 15, meaning to focus on 15 times to completely discard. Reduce to 5 and release kernel resources as early as possible.

Net.ipv4.tcp_keepalive_time

Net.ipv4.tcp_keepalive_intvl

Net.ipv4.tcp_keepalive_probes

These 3 parameters are related to TCP keepalive. The default value is:

Tcp_keepalive_time = 7200 seconds (2 hours)

Tcp_keepalive_probes = 9

TCP_KEEPALIVE_INTVL = Seconds

This means that if a TCP connection has been idle for 2 hours, the kernel will not initiate probe. If probe 9 times (75 seconds each) is unsuccessful, the kernel simply abandons it and considers the connection to be invalid. The above values are obviously too large for the server. Can be adjusted to:

Net.ipv4.tcp_keepalive_time 1800

NET.IPV4.TCP_KEEPALIVE_INTVL 30

Net.ipv4.tcp_keepalive_probes 3

Net.ipv4.ip_local_port_range

Specifies a configuration for the port range, which defaults to 32768 61000, which is large enough

Net.ipv4.tcp_syncookies = 1

Indicates that SYN Cookies are turned on. When there is a SYN wait queue overflow, cookies are enabled to protect against a small number of SYN attacks, the default is 0, which means close;

Net.ipv4.tcp_tw_reuse = 1

means to turn on reuse. Allows time-wait sockets to be re-used for new TCP connections, which defaults to 0, which means shutdown;

Net.ipv4.tcp_tw_recycle = 1

Represents a quick recycle of time-wait sockets on a TCP connection, which defaults to 0, which means shutdown.

Net.ipv4.tcp_fin_timeout = 30

Indicates that if the socket is closed by a local requirement, this parameter determines when it remains in the fin-wait-2 state.

Net.ipv4.tcp_keepalive_time = 1200

Indicates the frequency at which TCP sends keepalive messages when KeepAlive is employed. The default is 2 hours, which is changed to 20 minutes.

Net.ipv4.ip_local_port_range = 1024 65000

Represents the range of ports used for an outward connection. Small by default: 32768 to 61000, 1024 to 65000.

Net.ipv4.tcp_max_syn_backlog = 8192

Represents the length of the SYN queue, which defaults to 1024, and a larger queue length of 8192, which can accommodate more network connections waiting to be connected.

Net.ipv4.tcp_max_tw_buckets = 5000

Indicates that the system maintains the maximum number of time_wait sockets at the same time, and if this number is exceeded, the time_wait socket is immediately cleared and a warning message is printed. The default is 180000, which changes to 5000. For Apache, Nginx and other servers, the parameters of the last few lines can be a good way to reduce the number of time_wait sockets, but for squid, the effect is not small. This parameter controls the maximum number of time_wait sockets, preventing squid servers from being dragged to death by a large number of time_wait sockets.

Linux system optimization Parameters