One, Tomcat settings
1. Acceptcount
The maximum queue length for incoming connection requests if all possible request processing threads is in use. Any requests received if the queue is full would be refused. The default value is 100.
2. MaxConnections
The maximum number of connections that the server would accept and process at any given time. When this number has been reached, the server would accept, but not process, one further connection. This additional connection is blocked until the number of connections being processed falls below MaxConnections At which point the server would start accepting and processing new connections again. Note that once the limit have been reached, the operating system may still accept connections based on the acceptCount
settin G. the default value varies by connector type. For BIO The default was the value of maxthreads unless an Executor was used in which case the default would be the V Alue of MaxThreads from the executor. For NIO, the default is 10000
. For apr/native, the default is 8192
.
3. Spring Settings
server.tomcat.max-connections=10
server.tomcat.accept-count=10
Or
@Configuration Public classwebserverconfiguration {@Bean Publicembeddedservletcontainerfactory createembeddedservletcontainerfactory () {TOMCATEMBEDDEDSERVLETCONTAINERFAC Tory tomcatfactory=Newtomcatembeddedservletcontainerfactory (); Tomcatfactory.setport (8081); Tomcatfactory.addconnectorcustomizers (NewMytomcatconnectorcustomizer ()); returntomcatfactory; } } classMytomcatconnectorcustomizerImplementsTomcatconnectorcustomizer { Public voidCustomize (Connector Connector) {Http11nioprotocol Protocol=(Http11nioprotocol) Connector.getprotocolhandler (); //set maximum number of connectionsProtocol.setmaxconnections (2000); //set maximum number of threadsProtocol.setmaxthreads (2000); Protocol.setconnectiontimeout (30000); } }
Second, system settings
/etc/sysctl.conf optimized configuration
1 #优化TCP2vi/etc/sysctl.conf3 #禁用包过滤功能4Net.ipv4.ip_forward = 05 #启用源路由核查功能6Net.ipv4.conf.default. Rp_filter = 17 #禁用所有IP源路由8Net.ipv4.conf.default. Accept_source_route = 09 #使用sysrq组合键是了解系统目前运行情况, set to 0 off for security reasonsTenKERNEL.SYSRQ = 0 One #控制core文件的文件名是否添加pid作为扩展 AKernel.core_uses_pid = 1 - #开启SYN cookies, when a SYN wait queue overflows, cookies are enabled to handle -Net.ipv4.tcp_syncookies = 1 the #每个消息队列的大小 (Units: bytes) Limit -KERNEL.MSGMNB = 65536 - #整个系统最大消息队列数量限制 -Kernel.msgmax = 65536 +#单个共享内存段的大小 (units: bytes) limit, calculation formula 64g*1024*1024*1024(bytes) -Kernel.shmmax = 68719476736 +#所有内存大小 (Unit: page, 1 pages = 4Kb), calculation formula 16g*1024*1024*1024/4KB (page) AKernel.shmall = 4294967296 at #timewait的数量, the default is 180000 -Net.ipv4.tcp_max_tw_buckets = 6000 - #开启有选择的应答 -Net.ipv4.tcp_sack = 1 - #支持更大的TCP窗口. If the TCP window is greater than 65535 (64K), you must set the value to 1 -net.ipv4.tcp_window_scaling = 1 in #TCP读buffer -Net.ipv4.tcp_rmem = 4096 131072 1048576 to #TCP写buffer +Net.ipv4.tcp_wmem = 4096 131072 1048576 - #为TCP socket reserved Memory default value (in bytes) for sending buffers theNet.core.wmem_default = 8388608 * Maximum amount of memory (in bytes) #为TCP socket reserved for sending buffers $Net.core.wmem_max = 16777216Panax Notoginseng #为TCP socket reserved Memory default value (in bytes) for receiving buffering -Net.core.rmem_default = 8388608 the Maximum amount of memory (in bytes) #为TCP socket reserved for receiving buffering +Net.core.rmem_max = 16777216 A #每个网络接口接收数据包的速率比内核处理这些包的速率快时, the maximum number of packets that are allowed to be sent to the queue theNet.core.netdev_max_backlog = 262144
+ #web应用中listen函数的backlog默认会给我们内核参数的net. Core.somaxconn is limited to 128, and nginx-defined ngx_listen_backlog defaults to 511, so it is necessary to adjust this value -Net.core.somaxconn = 262144
$ #系统中最多有多少个TCP套接字不被关联到任何一个用户文件句柄上. This limit is only to prevent a simple Dos attack, can not rely too much on it or artificially reduce the value, it should increase this value (if the memory is increased) $Net.ipv4.tcp_max_orphans = 3276800
- #记录的那些尚未收到客户端确认信息的连接请求的最大值. For systems with 128M of memory, the default value is 1024, and the small memory system is -Net.ipv4.tcp_max_syn_backlog = 262144
the #时间戳可以避免序列号的卷绕. A 1Gbps link will definitely encounter a previously used serial number. Timestamps allow the kernel to accept this "exception" packet. You need to turn it off here . -Net.ipv4.tcp_timestamps = 0
Wuyi#为了打开对端的连接, the kernel sends a SYN and comes with an ACK that responds to the previous syn. The second handshake in the so-called three-time handshake. This setting determines whether the kernel sends syn+ before discarding the connectionnumber of ACK packets theNet.ipv4.tcp_synack_retries = 1 - #在内核放弃建立连接之前发送SYN包的数量 WuNet.ipv4.tcp_syn_retries = 1 - Rapid recovery of #开启TCP连接中time_wait sockets AboutNet.ipv4.tcp_tw_recycle = 1 $ #开启TCP连接复用功能, allows time_wait sockets to be re-used for new TCP connections (primarily for time_wait connections) -Net.ipv4.tcp_tw_reuse = 1 - #1st低于此值, TCP has no memory pressure, 2nd enters the memory pressure phase, 3rdTCP refuses to allocate socket (unit: memory page) -Net.ipv4.tcp_mem = 94500000 915000000 927000000 A#如果套接字由本端要求关闭, this parameter determines how long it remains in the fin-wait-2 state. The peer can make an error and never shut down the connection, or even accidentally become a machine. The default value is 60 seconds. 2.2 The normal value of the kernel is 180 seconds, you can press this setting, but keep in mind that even if your machine is a lightweight Web server, there is a risk of memory overflow due to a large number of dead sockets, Fin-wait-2 is more dangerous than fin-wait-1 is small because it can eat up to 1.5K of memory, but they have a longer lifetime. +Net.ipv4.tcp_fin_timeout = 15 the #表示当keepalive起用的时候, the frequency with which TCP sends KeepAlive messages (in seconds) -Net.ipv4.tcp_keepalive_time = 30 $ #对外连接端口范围 theNet.ipv4.ip_local_port_range = 2048 65000 the #表示文件句柄的最大数量 theFs.file-max = 102400
tcp_abort_on_overflow
is a parameter more relevant to the application, when set to 1 o'clock, if the application processing speed is slow, too late to accept the new connection, the system will directly discard the connection, to the end of the send a RST.
/proc/sys/net/core/somaxconn
The meaning of the Tcp_max_syn_backlog parameter is basically the same, specifying the length of the queue that is used to hold the three-time handshake wait accept
, which somaxconn
is the backlog
maximum value that can be set. When the value set in the application is backlog
greater than the somaxconn
parameter, the system silently backlog
decreases to the somaxconn
specified value.
Reference:
The Acceptcount and MaxConnections of Segmentfault:tomcat
Spring:howto-embedded-servlet-containers
Noodles: Some doubts and misunderstandings about Linux TCP
HelloDog:sysctl.conf Learning and Tuning
Spring configuration embedded Tomcat Acceptcount and MaxConnections