@samvignoli
Last active December 2, 2015 12:26
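#!/bin/bash -e
# Suggestions from vital
# Established TCP conntrack entries expire after 1 day (86400 s)
echo "86400" > /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_established
# Conntrack hash table size (buckets)
echo "40000" > /sys/module/nf_conntrack/parameters/hashsize
# nf_conntrack (these paths exist only while the nf_conntrack module is loaded)
# Skip checksum verification of incoming packets
echo 0 > /proc/sys/net/netfilter/nf_conntrack_checksum
# Maximum number of tracked connections
echo 500000 > /proc/sys/net/netfilter/nf_conntrack_max
# Disable conntrack event notifications
echo 0 > /proc/sys/net/netfilter/nf_conntrack_events
# TCP/socket tuning
# Upper limit for the listen() backlog
echo "1024" > /proc/sys/net/core/somaxconn
# Send SYN cookies when the SYN backlog overflows
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
# TCP receive and send buffers: min, default, max (bytes)
echo "4096 87380 16777216" > /proc/sys/net/ipv4/tcp_rmem
echo "4096 65536 16777216" > /proc/sys/net/ipv4/tcp_wmem
# Disable TCP timestamps
echo "0" > /proc/sys/net/ipv4/tcp_timestamps
# Seconds an orphaned connection stays in FIN-WAIT-2
echo "30" > /proc/sys/net/ipv4/tcp_fin_timeout
# Keepalive: 5 probes, 15 s apart
echo "5" > /proc/sys/net/ipv4/tcp_keepalive_probes
echo "15" > /proc/sys/net/ipv4/tcp_keepalive_intvl
# Maximum socket send buffer (bytes)
echo "16777216" > /proc/sys/net/core/wmem_max
# Packets queued per CPU when they arrive faster than the kernel processes them
echo "32784" > /proc/sys/net/core/netdev_max_backlog
# Ephemeral port range for outgoing connections
echo "1024 65535" > /proc/sys/net/ipv4/ip_local_port_range
# Maximum queued half-open (SYN_RECV) connections
echo "4096" > /proc/sys/net/ipv4/tcp_max_syn_backlog
# System-wide limit on open file handles
echo "3221039" > /proc/sys/fs/file-max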

vitalbh commented Dec 1, 2015

Comparing with some modifications I made on vega:

Missing: increase the hashsize (hashsize = nf_conntrack_max / 8)
echo "40000" > /sys/module/nf_conntrack/parameters/hashsize

Reduce the TCP-session TTL (default 5 days)
echo "86400" > /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_established

http://antmeetspenguin.blogspot.com.br/2011/01/high-performance-linux-router.html

@samvignoli
Author

Added, thanks! I noticed that some machines didn't have this kernel module. Is it better for it not to be enabled?
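
Added example, not part of the gist or its comments: a read-only check tying together the two points raised in the comments above, the `hashsize = nf_conntrack_max / 8` rule and machines where the nf_conntrack module is absent. The function names, the optional root-directory argument and the temporary sample tree are assumptions made for the example.

```bash
#!/bin/bash
# Added example: audit conntrack sizing without writing to /proc or /sys.

# Bucket count expected by the rule quoted in the comments:
# hashsize = nf_conntrack_max / 8
expected_hashsize() {
    echo $(( $1 / 8 ))
}

# audit_conntrack [ROOT]
# ROOT (hypothetical, defaults to "") lets the check run against a copy of the tree.
# Prints one status line and returns:
#   0 = hashsize satisfies max/8, 1 = hashsize too small, 2 = nf_conntrack not available
audit_conntrack() {
    local root="${1:-}"
    local max_file="$root/proc/sys/net/netfilter/nf_conntrack_max"
    local hash_file="$root/sys/module/nf_conntrack/parameters/hashsize"

    # These files exist only while nf_conntrack is loaded (or built in);
    # under "bash -e" a blind echo into a missing path aborts the tuning script.
    if [ ! -r "$max_file" ] || [ ! -r "$hash_file" ]; then
        echo "SKIP nf_conntrack not loaded"
        return 2
    fi

    local max hash want
    max=$(cat "$max_file")
    hash=$(cat "$hash_file")
    want=$(expected_hashsize "$max")

    if [ "$hash" -lt "$want" ]; then
        echo "WARN hashsize=$hash expected>=$want (nf_conntrack_max=$max)"
        return 1
    fi
    echo "OK hashsize=$hash nf_conntrack_max=$max"
    return 0
}

# Constructed sample: a temporary tree holding the values the gist writes
# (nf_conntrack_max 500000; hashsize 40000 unless another value is passed).
demo_tree() {
    local d
    d=$(mktemp -d)
    mkdir -p "$d/proc/sys/net/netfilter" "$d/sys/module/nf_conntrack/parameters"
    echo 500000 > "$d/proc/sys/net/netfilter/nf_conntrack_max"
    echo "${1:-40000}" > "$d/sys/module/nf_conntrack/parameters/hashsize"
    echo "$d"
}
```

Calling `audit_conntrack` with no argument reads the live /proc and /sys. Against the sample tree with the gist's values it reports WARN, since 500000 / 8 = 62500.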
