linux network optimize with sysctl

转载 2007年09月20日 02:31:00
原贴:http://www.fcicq.net/wp/?p=197

linux network optimize with sysctl

<script type="text/javascript"><!-- google_ad_client = "pub-4541717095573647"; google_ad_width = 250; google_ad_height = 250; google_ad_format = "250x250_as"; google_ad_type = "text_image"; //2007-06-10: content google_ad_channel = "2351211918"; google_color_border = "336699"; google_color_bg = "FFFFFF"; google_color_link = "0000FF"; google_color_text = "000000"; google_color_url = "008000"; //--> </script> <script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"> </script> <iframe width="250" scrolling="no" height="250" frameborder="0" allowtransparency="true" hspace="0" vspace="0" marginheight="0" marginwidth="0" src="http://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4541717095573647&amp;dt=1190224319615&amp;lmt=1190224317&amp;format=250x250_as&amp;output=html&amp;correlator=1190224319614&amp;channel=2351211918&amp;url=http%3A%2F%2Fwww.fcicq.net%2Fwp%2F%3Fp%3D197&amp;color_bg=FFFFFF&amp;color_text=000000&amp;color_link=0000FF&amp;color_url=008000&amp;color_border=336699&amp;ad_type=text_image&amp;ref=http%3A%2F%2Fwww.google.cn%2Fsearch%3Fcomplete%3D1%26hl%3Dzh-CN%26ie%3DGB2312%26q%3Dlinux%2Bnet.core.netdev_max_backlog%26btnG%3DGoogle%2B%25CB%25D1%25CB%25F7%26meta%3D&amp;cc=100&amp;ga_vid=1221258047.1190224320&amp;ga_sid=1190224320&amp;ga_hid=1982649358&amp;flash=9&amp;u_h=800&amp;u_w=1280&amp;u_ah=776&amp;u_aw=1280&amp;u_cd=24&amp;u_tz=480&amp;u_his=1&amp;u_nplug=2&amp;u_nmime=3" name="google_ads_frame"></iframe>

Disabling the TCP options reduces the overhead of each TCP packet and might help to get the last few percent of performance out of the server. Be aware that disabling these options most likely decreases performance for high-latency and lossy links.
* net.ipv4.tcp_sack = 0
* net.ipv4.tcp_timestamps = 0

Increasing the TCP send and receive buffers will increase the performance a lot if (and only if) you have a lot of large files to send.

* net.ipv4.tcp_wmem = 4096 65536 524288
* net.core.wmem_max = 1048576

If you have a lot of large file uploads, increasing the receive buffers will help.

* net.ipv4.tcp_rmem = 4096 87380 524288
* net.core.rmem_max = 1048576

# These ensure that TIME_WAIT ports either get reused or closed fast.
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_tw_recycle = 1
# TCP memory
net.core.rmem_max = 16777216
net.core.rmem_default = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144

net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

# you shouldn’t be using conntrack on a heavily loaded server anyway, but these are
# suitably high for our uses, insuring that if conntrack gets turned on, the box doesn’t die
net.ipv4.ip_conntrack_max = 1048576
net.nf_conntrack_max = 1048576

# increase Linux TCP buffer limits
echo 8388608 > /proc/sys/net/core/rmem_max
echo 8388608 > /proc/sys/net/core/wmem_max

# increase Linux autotuning TCP buffer limits
echo "4096 87380 8388608" > /proc/sys/net/ipv4/tcp_rmem
echo "4096 65536 8388608" > /proc/sys/net/ipv4/tcp_wmem

#echo 65536 > /proc/sys/fs/file-max # physical RAM * 256/4

echo "1024 65000" > /proc/sys/net/ipv4/ip_local_port_range

#echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 8192 > /proc/sys/net/ipv4/tcp_max_syn_backlog
# Decrease the time default value for tcp_fin_timeout connection
#echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
#echo 3 > /proc/sys/net/ipv4/tcp_syn_retries
#echo 2 > /proc/sys/net/ipv4/tcp_retries1
# Decrease the time default value for tcp_keepalive_time connection
#echo 1800 >/proc/sys/net/ipv4/tcp_keepalive_time
# Turn off tcp_window_scaling
echo 0 >/proc/sys/net/ipv4/tcp_window_scaling
#echo "67108864" > /proc/sys/kernel/shmmax
# Turn off the tcp_sack
echo 0 >/proc/sys/net/ipv4/tcp_sack # This disables RFC2018 TCP Selective Acknowledgements
#Turn off tcp_timestamps
echo 0 >/proc/sys/net/ipv4/tcp_timestamps # This disables RFC1323 TCP timestamps
echo 5 > /proc/sys/kernel/panic # reboot 5 minutes later then kernel panic

the third:
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_syncookies = 1
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216

Tags: , ,
Bookmark on del.icio.us

« 偶对玄箱(kurobox,玄箱网络硬盘盒)做了什么? | Home | How to Get 1000 Uniques From Google? »

友情提示: 评论在文章中所占比例虽然不大, 但它们是文章重要的组成部分.
今天如果你不收藏,明天文章就可能找不到了.

订阅 (By feedsky) (By feedburner)

<script type="text/javascript"><!-- google_ad_client = "pub-4541717095573647"; google_ad_width = 336; google_ad_height = 280; google_ad_format = "336x280_as"; google_ad_type = "text_image"; //2007-08-19: content-after google_ad_channel = "4456241149"; google_color_border = "336699"; google_color_bg = "FFFFFF"; google_color_link = "0000FF"; google_color_text = "000000"; google_color_url = "008000"; //--> </script> <script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"> </script> <iframe width="336" scrolling="no" height="280" frameborder="0" allowtransparency="true" hspace="0" vspace="0" marginheight="0" marginwidth="0" src="http://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4541717095573647&amp;dt=1190224319657&amp;lmt=1190224317&amp;prev_fmts=250x250_as&amp;format=336x280_as&amp;output=html&amp;correlator=1190224319614&amp;channel=4456241149&amp;url=http%3A%2F%2Fwww.fcicq.net%2Fwp%2F%3Fp%3D197&amp;color_bg=FFFFFF&amp;color_text=000000&amp;color_link=0000FF&amp;color_url=008000&amp;color_border=336699&amp;ad_type=text_image&amp;ref=http%3A%2F%2Fwww.google.cn%2Fsearch%3Fcomplete%3D1%26hl%3Dzh-CN%26ie%3DGB2312%26q%3Dlinux%2Bnet.core.netdev_max_backlog%26btnG%3DGoogle%2B%25CB%25D1%25CB%25F7%26meta%3D&amp;cc=100&amp;ga_vid=1221258047.1190224320&amp;ga_sid=1190224320&amp;ga_hid=1982649358&amp;flash=9&amp;u_h=800&amp;u_w=1280&amp;u_ah=776&amp;u_aw=1280&amp;u_cd=24&amp;u_tz=480&amp;u_his=1&amp;u_nplug=2&amp;u_nmime=3" name="google_ads_frame"></iframe>

4 Comments »

  1. fcicq said,

    July 29, 2007 @ 14:07:35

    Lot of tuning

    # Disables packet forwarding
    net.ipv4.ip_forward = 0
    # Enables source route verification
    net.ipv4.conf.default.rp_filter = 1
    # Disables the magic-sysrq key
    kernel.sysrq = 0
    # Decrease the time default value for tcp_fin_timeout connection
    net.ipv4.tcp_fin_timeout = 25
    # Decrease the time default value for tcp_keepalive_time connection
    net.ipv4.tcp_keepalive_time = 3600
    # Turn on the tcp_window_scaling
    net.ipv4.tcp_window_scaling = 1
    # Turn on the tcp_sack
    net.ipv4.tcp_sack = 1
    # tcp_fack should be on because of sack
    net.ipv4.tcp_fack = 1
    # Turn on the tcp_timestamps
    net.ipv4.tcp_timestamps = 1
    # Enable TCP SYN Cookie Protection
    net.ipv4.tcp_syncookies = 1
    # Enable ignoring broadcasts request
    net.ipv4.icmp_echo_ignore_broadcasts = 1
    # Disable ICMP Redirect Acceptance
    net.ipv4.conf.all.accept_redirects = 0
    # Enable bad error message Protection
    net.ipv4.icmp_ignore_bogus_error_responses = 1
    # Don’t Log Spoofed Packets, Source Routed Packets, Redirect Packets
    net.ipv4.conf.all.log_martians = 0
    # Make more local ports available
    net.ipv4.ip_local_port_range = 1024 65000
    # Increase maximum amount of memory allocated to shm
    kernel.shmmax = 1073741824
    # Improve file system performance
    vm.bdflush = 100 1200 128 512 15 5000 500 1884 2
    # This will increase the amount of memory available for socket input/output queues
    net.ipv4.tcp_rmem = 4096 25165824 25165824
    net.core.rmem_max = 25165824
    net.core.rmem_default = 25165824
    net.ipv4.tcp_wmem = 4096 65536 25165824
    net.core.wmem_max = 25165824
    net.core.wmem_default = 65536
    net.core.optmem_max = 25165824

    # If you are feeling daring, you can also use these settings below, otherwise just remove them. (Should increase performance)

    net.core.netdev_max_backlog = 2500
    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_tw_reuse = 1

  2. fcicq said,

    July 29, 2007 @ 14:07:59

    net.ipv4.tcp_rmem = 4096 25165824 25165824
    net.core.rmem_max = 25165824
    net.core.rmem_default = 25165824
    net.ipv4.tcp_wmem = 4096 65536 25165824
    net.core.wmem_max = 25165824
    net.core.wmem_default = 65536

  3. fcicq said,

    July 29, 2007 @ 14:08:29

    # Disables packet forwarding
    net.ipv4.ip_forward=0

    # Disables IP source routing
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.lo.accept_source_route = 0
    net.ipv4.conf.eth0.accept_source_route = 0
    net.ipv4.conf.default.accept_source_route = 0

    # Enable IP spoofing protection, turn on source route verification
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.lo.rp_filter = 1
    net.ipv4.conf.eth0.rp_filter = 1
    net.ipv4.conf.default.rp_filter = 1

    # Disable ICMP Redirect Acceptance
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.lo.accept_redirects = 0
    net.ipv4.conf.eth0.accept_redirects = 0
    net.ipv4.conf.default.accept_redirects = 0

    # Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
    net.ipv4.conf.all.log_martians = 0
    net.ipv4.conf.lo.log_martians = 0
    net.ipv4.conf.eth0.log_martians = 0

    # Disables IP source routing
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.lo.accept_source_route = 0
    net.ipv4.conf.eth0.accept_source_route = 0
    net.ipv4.conf.default.accept_source_route = 0

    # Enable IP spoofing protection, turn on source route verification
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.lo.rp_filter = 1
    net.ipv4.conf.eth0.rp_filter = 1
    net.ipv4.conf.default.rp_filter = 1

    # Disable ICMP Redirect Acceptance
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.lo.accept_redirects = 0
    net.ipv4.conf.eth0.accept_redirects = 0
    net.ipv4.conf.default.accept_redirects = 0

    # Disables the magic-sysrq key
    kernel.sysrq = 0

    # Decrease the time default value for tcp_fin_timeout connection
    net.ipv4.tcp_fin_timeout = 15

    # Decrease the time default value for tcp_keepalive_time connection
    net.ipv4.tcp_keepalive_time = 1800

    # Turn off the tcp_window_scaling
    net.ipv4.tcp_window_scaling = 0

    # Turn off the tcp_sack
    net.ipv4.tcp_sack = 0

    # Turn off the tcp_timestamps
    net.ipv4.tcp_timestamps = 0

    # Enable TCP SYN Cookie Protection
    net.ipv4.tcp_syncookies = 1

    # Enable ignoring broadcasts request
    net.ipv4.icmp_echo_ignore_broadcasts = 1

    # Enable bad error message Protection
    net.ipv4.icmp_ignore_bogus_error_responses = 1

    # Log Spoofed Packets, Source Routed Packets, Redirect Packets
    net.ipv4.conf.all.log_martians = 1

    # Increases the size of the socket queue (effectively, q0).
    net.ipv4.tcp_max_syn_backlog = 1024

    # Increase the tcp-time-wait buckets pool size
    net.ipv4.tcp_max_tw_buckets = 1440000

    # Allowed local port range
    net.ipv4.ip_local_port_range = 16384 65536

  4. fcicq said,

    July 30, 2007 @ 14:50:16

    配置Linux内核如何更新dirty buffers到磁盘。
    当缓冲区内的数据完全dirty,使用:sysctl -w vm.bdflush=”30 500 0 0 500 3000 60 20 0″
    vm.bdflush有9个参数,但是建议只改变其中的3个:
    1 nfract, 为排队写入磁盘前,bdflush daemon允许的缓冲区最大百分比
    2 ndirty, 为bdflush即刻写的最大缓冲区的值。如果这个值很大,bdflush需要更多的时间完成磁盘的数据更新。
    7 nfract_sync, 发生同步前,缓冲区变dirty的最大百分比。
    配置kswapd daemon,指定Linux的内存交换页数量
    sysctl -w vm.kswapd=”1024 32 64″
    三个参数的描述如下:
    – tries_base 相当于内核每次所交换的“页”的数量的四倍。对于有很多交换信息的系统,增加这个值可以改进性能。
    – tries_min 是每次kswapd swaps出去的pages的最小数量。
    – swap_cluster 是kswapd 即刻写如的pages数量。数值小,会提高磁盘I/O的性能;数值大可能也会对请求队列产生负面影响。
    如果要对这些参数进行改动,请使用工具vmstat检查对性能的影响。其它可以改进性能的虚拟内存参数为:
    _ buffermem
    _ freepages
    _ overcommit_memory
    _ page-cluster
    _ pagecache
    _ pagetable_cache

· TrackBack URI

 

相关文章推荐

How to configure Virtual Network Computing (VNC) to work with Red Hat Enterprise Linux?

问题 How to configure Virtual Network Computing (VNC) to work with Red Hat Enterprise Linux? ...

用闭包优化Python程序 optimize-python-with-closures

Optimize Python with Closures Dan Crosta This article is cross-posted on my personal blog, late.am....

linux sysctl

  • 2011年08月25日 21:18
  • 7KB
  • 下载

Android Layout Tricks #3: Optimize with stubs(Android 布局技巧3:使用stub优化)

30 March 2009 Android Layout Tricks #3: Optimize with stubs http://android-developers.blogsp...

How to Create and Optimize Sprite Sheets in Cocos2D with Texture Packer and Pixel Formats

How to Create and Optimize Sprite Sheets in Cocos2D with Texture Packer and Pixel FormatsLike this p...

sublime_text_2.0.2_2221.linux.optimize.x32

  • 2014年10月08日 13:33
  • 5.85MB
  • 下载

Linux下清除缓存 drop_caches,sysctl(备忘)

1. 用命令 free -m 查看一下内存的使用情况: 然后清除缓存后再来查看一下内存的使用情况: 前后对比可发现,缓存由之前的110M缩小到了25M,效果比较明显。 2. 下面说一下 d...
  • Sky_qing
  • Sky_qing
  • 2013年05月29日 13:19
  • 18647

linux内核 与 web服务器 相关的某些参数(sysctl)

缘由 昨天,深入理解ng

Apache Web Server性能测试中大量TIME_WAIT解决方法 及 Linux sysctl.conf 优化解决方案

Background: ADF-FR / RR   ST/PT 测试时调整的参数。 今天早上一上班,有同事就反映公司好几个网站都打不开,登陆数据库 服务器(windows),发...

linux sysctl.conf中相关重要设定的详细说明

$ /proc/sys/net/core/wmem_max 最大socket写buffer,可参考的优化值:873200 $ /proc/sys/net/core/rmem_max 最大...
  • pestd
  • pestd
  • 2011年10月03日 13:56
  • 287
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:linux network optimize with sysctl
举报原因:
原因补充:

(最多只允许输入30个字)