Created
April 29, 2020 01:39
-
-
Save lesstif/238c74352f63b13c9ec7c116528d0734 to your computer and use it in GitHub Desktop.
네트워크 서버를 위한 linux kernel parameter 설정
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# sysctl settings are defined through files in | |
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/. | |
# | |
# Vendors settings live in /usr/lib/sysctl.d/. | |
# To override a whole file, create a new file with the same in | |
# /etc/sysctl.d/ and put new settings there. To override | |
# only specific settings, add a file with a lexically later | |
# name in /etc/sysctl.d/ and put new settings there. | |
# | |
# For more information, see sysctl.conf(5) and sysctl.d(5). | |
vm.overcommit_memory = 1 | |
# Configuration file for runtime kernel parameters. | |
# See sysctl.conf(5) for more information. | |
# See also http://www.nateware.com/linux-network-tuning-for-2013.html for | |
# an explanation about some of these parameters, and instructions for | |
# a few other tweaks outside this file. Increasing the TCP congestion | |
# window is particularly important. | |
# Protection from SYN flood attack. | |
# net.ipv4.tcp_syncookies = 1 | |
# See evil packets in your logs. | |
net.ipv4.conf.all.log_martians = 1 | |
# Discourage Linux from swapping idle server processes to disk (default = 60) | |
vm.swappiness = 10 | |
# Be less aggressive about reclaiming cached directory and inode objects | |
# in order to improve filesystem performance. | |
vm.vfs_cache_pressure = 50 | |
# Tweak how the flow of kernel messages is throttled. | |
#kernel.printk_ratelimit_burst = 10 | |
#kernel.printk_ratelimit = 5 | |
# -------------------------------------------------------------------- | |
# The following allow the server to handle lots of connection requests | |
# -------------------------------------------------------------------- | |
# Increase number of incoming connections that can queue up | |
# before dropping | |
net.core.somaxconn = 65535 | |
# Handle SYN floods and large numbers of valid HTTPS connections | |
net.ipv4.tcp_max_syn_backlog = 30000 | |
# Increase the length of the network device input queue | |
net.core.netdev_max_backlog = 5000 | |
# Increase system file descriptor limit so we will (probably) | |
# never run out under lots of concurrent requests. | |
# (Per-process limit is set in /etc/security/limits.conf) | |
fs.file-max = 100000 | |
# Widen the port range used for outgoing connections | |
net.ipv4.ip_local_port_range = 10000 65000 | |
# If your servers talk UDP, also up these limits | |
net.ipv4.udp_rmem_min = 8192 | |
net.ipv4.udp_wmem_min = 8192 | |
# -------------------------------------------------------------------- | |
# The following help the server efficiently pipe large amounts of data· | |
# -------------------------------------------------------------------- | |
# Disable source routing and redirects | |
net.ipv4.conf.all.send_redirects = 0 | |
net.ipv4.conf.all.accept_redirects = 0 | |
net.ipv4.conf.all.accept_source_route = 0 | |
# Disable packet forwarding. | |
net.ipv4.ip_forward = 0 | |
net.ipv6.conf.all.forwarding = 0 | |
# Disable TCP slow start on idle connections | |
net.ipv4.tcp_slow_start_after_idle = 0 | |
# Increase Linux autotuning TCP buffer limits | |
# Set max to 16MB for 1GE and 32M (33554432) or 54M (56623104) for 10GE | |
# Don't set tcp_mem itself! Let the kernel scale it based on RAM. | |
# net.core.rmem_max = 16777216 | |
# net.core.wmem_max = 16777216 | |
# net.core.rmem_default = 16777216 | |
# net.core.wmem_default = 16777216 | |
# net.core.optmem_max = 40960 | |
# net.ipv4.tcp_rmem = 4096 87380 16777216 | |
# net.ipv4.tcp_wmem = 4096 65536 16777216 | |
# -------------------------------------------------------------------- | |
# The following allow the server to handle lots of connection churn | |
# -------------------------------------------------------------------- | |
# Disconnect dead TCP connections after 1 minute | |
net.ipv4.tcp_keepalive_time = 60 | |
# Wait a maximum of 5 * 2 = 10 seconds in the TIME_WAIT state after a FIN, to handle | |
# any remaining packets in the network.· | |
# net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 5 | |
# Allow a high number of timewait sockets | |
net.ipv4.tcp_max_tw_buckets = 2000000 | |
# Timeout broken connections faster (amount of time to wait for FIN) | |
net.ipv4.tcp_fin_timeout = 10 | |
# Let the networking stack reuse TIME_WAIT connections when it thinks it's safe to do so | |
net.ipv4.tcp_tw_reuse = 1 | |
# Determines the wait time between isAlive interval probes (reduce from 75 sec to 15) | |
net.ipv4.tcp_keepalive_intvl = 15 | |
# Determines the number of probes before timing out (reduce from 9 sec to 5 sec) | |
net.ipv4.tcp_keepalive_probes = 5 | |
########### | |
# Oracle Database 11g Express Edition Recommended Values | |
kernel.sem = 250 32000 100 128 | |
fs.file-max = 6815744 | |
######## |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment