Contents
1. The hardware environment of the website
2. Modify httpd.conf
3. Modify the sysctl.conf file
I. Site environment: LAMP, hardware environment
[[email protected] conf]# dmidecode -s processor-version
Intel(R) Xeon(R) CPU E3-1270 V2 @ 3.50GHz
Four cores, eight threads
Memory: 32G
[[email protected] conf]# free -m
             total       used       free     shared    buffers     cached
Mem:         32080      14406      17674          0        189       1905
-/+ buffers/cache:      12310      19769
Swap:         1023          0       1023
Disk: SSD RAID 10, 256G
The problem is as follows: TIME_WAIT is at about 9K and has been very stable. Whether at peak time or in normal periods, it stays parked at more than 9K.
[[email protected] conf]# netstat -n | awk '/^tcp/ {++S[$NF]} END {for (i in S) print i, S[i]}'
TIME_WAIT 9142
FIN_WAIT1 80
FIN_WAIT2 19
ESTABLISHED 89
SYN_RECV 88
CLOSING 10
LAST_ACK 3
Here is the step-by-step configuration.
II. Modification of the httpd.conf file
1) Searched Google for suggested configuration
Using that as a reference, I then looked at the server's current sysctl.conf.
The following settings turned out to be configured already:
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
Then execute /sbin/sysctl -p to make the parameters take effect.
net.ipv4.tcp_syncookies = 1 means that SYN cookies are turned on. When the SYN wait queue overflows, cookies are used to protect against a small number of SYN attacks. The default is 0, which means off.
net.ipv4.tcp_tw_reuse = 1 means reuse is turned on. It allows TIME_WAIT sockets to be reused for new TCP connections. The default is 0, which means off.
net.ipv4.tcp_tw_recycle = 1 means fast recycling of TIME_WAIT sockets in TCP connections is turned on. The default is 0, which means off.
net.ipv4.tcp_fin_timeout = 30 modifies the system's default timeout.
These parameters are the same as the ones already present on the system, which were probably also copied from the Internet.
I ran sysctl -p again and found no effect.
2) Next, look at the back-end Apache configuration parameters
# Apache Conf conf/httpd-wdl.conf
# Created by http://www.wdlinux.cn
# Last Updated 2010.06.01
Timeout 10
KeepAlive Off
MaxKeepAliveRequests 512
KeepAliveTimeout 5
UseCanonicalName Off
ServerTokens Prod
ServerSignature Off
HostnameLookups Off
TraceEnable off
AddType application/x-httpd-php .php
DirectoryIndex index.html index.php index.htm
This is the original configuration.
The following is the modified configuration:
# Time after which a client connection times out; not changed for the moment
Timeout 10
# This was Off. In HTTP/1.1 one connection can carry multiple HTTP requests, so I turned it on
KeepAlive On
# How many requests can be made over one connection; originally 512, changed to 100
MaxKeepAliveRequests 100
# After the server completes a request, how long it waits for the next request before disconnecting; set to 15
KeepAliveTimeout 15
UseCanonicalName Off
ServerTokens Prod
ServerSignature Off
HostnameLookups Off
TraceEnable off
AddType application/x-httpd-php .php
DirectoryIndex index.html index.php index.htm
After modifying these parameters and then running apachectl graceful, there was a little effect:
[[email protected] conf]# netstat -n | awk '/^tcp/ {++S[$NF]} END {for (i in S) print i, S[i]}'
TIME_WAIT 7594
FIN_WAIT1 84
FIN_WAIT2 55
ESTABLISHED 848
SYN_RECV 21
CLOSING 2
LAST_ACK 12
[[email protected] conf]# netstat -n | awk '/^tcp/ {++S[$NF]} END {for (i in S) print i, S[i]}'
TIME_WAIT 3659
FIN_WAIT1 33
FIN_WAIT2 101
ESTABLISHED 754
SYN_RECV 23
CLOSING 3
LAST_ACK 8
After the above modification there was some change: TIME_WAIT dropped to a little more than 3,000.
III. With the boss's help, modified several sysctl.conf parameters
Afterwards the boss gave two suggestions, and I changed the following:
net.ipv4.tcp_keepalive_time: changed from 120 to 30; this is the time a connection is kept alive.
net.ipv4.tcp_max_tw_buckets: changed from 10000 to 100; this sets the number of TIME_WAIT sockets the server maintains simultaneously.
Reset the ulimit parameter:
cat >> /etc/security/limits.conf <<EOF
* soft nofile 655350
* hard nofile 655350
EOF
and then ran ulimit -SHn.
Then the number of TIME_WAIT sockets was reduced to:
[[email protected] conf]# netstat -n | awk '/^tcp/ {++S[$NF]} END {for (i in S) print i, S[i]}'
TIME_WAIT 96
FIN_WAIT1 46
FIN_WAIT2 29
ESTABLISHED 838
SYN_RECV 30
CLOSING 7
LAST_ACK 3
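The counts above can be read against the tcp_max_tw_buckets cap with a small script. This is an added example, not part of the original post: it tallies TCP states the same way as the netstat/awk one-liner and reports whether TIME_WAIT is sitting at the cap, where the kernel destroys further TIME_WAIT sockets immediately instead of the server producing fewer of them. The function names, the 90% threshold and the sample netstat lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): tally TCP states and compare
# TIME_WAIT with the net.ipv4.tcp_max_tw_buckets cap.

# Read `netstat -n` output on stdin, print "STATE COUNT" per TCP state.
count_states() {
    awk '/^tcp/ { ++n[$NF] } END { for (st in n) print st, n[st] }' | sort
}

# Read count_states output on stdin, print the count for state $1 (0 if absent).
state_count() {
    awk -v want="$1" '$1 == want { c = $2 } END { print c + 0 }'
}

# tw_verdict COUNT CAP: "at-cap" when TIME_WAIT is within 10% of the cap or
# above it (assumed threshold). At the cap the kernel destroys further
# TIME_WAIT sockets immediately, so a low count does not mean fewer were created.
tw_verdict() {
    if [ "$1" -ge $(( $2 * 9 / 10 )) ]; then
        echo "at-cap"
    else
        echo "below-cap"
    fi
}

# Constructed sample input (documentation addresses), not captured traffic.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      TIME_WAIT
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      TIME_WAIT
tcp        0      0 192.0.2.10:80           198.51.100.8:40022      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:33810       TIME_WAIT
tcp        0      0 192.0.2.10:80           203.0.113.9:41000       FIN_WAIT2
udp        0      0 192.0.2.10:123          0.0.0.0:*
EOF
}

# On a live host: netstat -n | count_states, with the cap read from
# /proc/sys/net/ipv4/tcp_max_tw_buckets. Here the sample is used with cap=3.
summary=$(sample_netstat | count_states)
tw=$(printf '%s\n' "$summary" | state_count TIME_WAIT)
printf '%s\n' "$summary"
echo "TIME_WAIT=$tw cap=3 verdict=$(tw_verdict "$tw" 3)"
```

With the figures from this page, 96 against a cap of 100 is reported as at-cap, while 3659 against the earlier cap of 10000 is below-cap.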
Troubleshooting high TIME_WAIT on a web (Apache) server: performance tuning process