-
-
Save vermaslal/843a6333b0152ec5e8430e68908f53c6 to your computer and use it in GitHub Desktop.
Linux kernel tuning settings for large number of concurrent clients Ref: https://tweaked.io/guide/kernel/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Kernel sysctl configuration file for Red Hat Linux | |
# | |
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and | |
# sysctl.conf(5) for more details. | |
# Controls source route verification | |
net.ipv4.conf.default.rp_filter = 1 | |
# Do not accept source routing | |
net.ipv4.conf.default.accept_source_route = 0 | |
# Controls the System Request debugging functionality of the kernel | |
kernel.sysrq = 0 | |
# Controls whether core dumps will append the PID to the core filename. | |
# Useful for debugging multi-threaded applications. | |
kernel.core_uses_pid = 1 | |
# Disable netfilter on bridges. | |
#net.bridge.bridge-nf-call-ip6tables = 0 | |
#net.bridge.bridge-nf-call-iptables = 0 | |
#net.bridge.bridge-nf-call-arptables = 0 | |
# cf. http://www.psc.edu/networking/projects/tcptune/#Linux | |
net.ipv4.ip_forward = 1 | |
net.ipv4.neigh.default.gc_thresh1 = 4096 | |
net.ipv4.neigh.default.gc_thresh2 = 8192 | |
net.ipv4.neigh.default.gc_thresh3 = 16384 | |
net.ipv4.neigh.default.gc_interval = 5 | |
net.ipv4.neigh.default.base_reachable_time = 120 | |
net.ipv4.neigh.default.gc_stale_time = 120 | |
net.ipv4.neigh.default.base_reachable_time = 120 | |
net.ipv4.neigh.default.gc_stale_time = 120 | |
net.core.netdev_max_backlog = 262144 | |
#net.core.rmem_default = 16777216 | |
net.core.somaxconn = 262144 | |
net.netfilter.nf_conntrack_max = 10000000 | |
net.netfilter.nf_conntrack_tcp_timeout_established = 40 | |
net.netfilter.nf_conntrack_tcp_timeout_close = 10 | |
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 10 | |
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 10 | |
net.netfilter.nf_conntrack_tcp_timeout_last_ack = 10 | |
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 10 | |
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 10 | |
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 10 | |
net.ipv4.tcp_fin_timeout = 1 | |
net.ipv4.tcp_max_orphans = 262144 | |
net.ipv4.tcp_max_syn_backlog = 262144 | |
net.ipv4.tcp_rmem = 4096 87380 16777216 | |
net.ipv4.tcp_sack = 0 | |
net.ipv4.tcp_syn_retries = 2 | |
net.ipv4.tcp_synack_retries = 2 | |
net.ipv4.tcp_syncookies = 0 | |
net.ipv4.tcp_timestamps = 0 | |
# Enables fast recycling of TIME_WAIT sockets. | |
# (Use with caution according to the kernel documentation!) | |
net.ipv4.tcp_tw_recycle = 1 | |
net.ipv4.tcp_wmem = 4096 16384 16777216 | |
# Use the full range of ports. | |
net.ipv4.ip_local_port_range = 1024 65535 | |
# Allow reuse of sockets in TIME_WAIT state for new connections | |
# only when it is safe from the network stack’s perspective. | |
net.ipv4.tcp_tw_reuse = 1 | |
# | |
# 16MB per socket - which sounds like a lot, but will virtually never | |
# consume that much. | |
# | |
net.core.rmem_max = 16777216 | |
net.core.wmem_max = 16777216 | |
# Increase the number of outstanding syn requests allowed. | |
# c.f. The use of syncookies. | |
net.ipv4.tcp_max_syn_backlog = 4096 | |
net.ipv4.tcp_syncookies = 1 | |
# The maximum number of "backlogged sockets". Default is 128. | |
net.core.somaxconn = 1024 | |
# The connection timeout | |
net.netfilter.nf_conntrack_tcp_timeout_time_wait=10 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment