Linux kernel performance optimization

– Kernel optimization starts —

\# Restart automatically after 1 second when kernel panic occurs

kernel.panic = 1

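\# Upper limit for PID values; a higher limit reduces PID wrap-around (reuse) problems but may break some programs. 32768 is the usual kernel default, so this line does not raise the limit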

kernel.pid_max = 32768

\# Maximum shared memory segment size allowed by the kernel (bytes)

kernel.shmmax = 4294967296

\# Total amount of shared memory available on the system at any given time (pages)

kernel.shmall = 1073741824

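\# Set the file name pattern for core dumps (%e is the executable name). The pattern has no leading path, so the core is written to the crashing process's working directory; core files hold process memory, which may include credentials and keys, so restrict who can read them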

kernel.core_pattern = core_%e

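\# Panic instead of invoking the OOM killer when the system runs out of memory. Combined with kernel.panic = 1 above, an out-of-memory condition reboots the whole machine instead of killing a single process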

vm.panic_on_oom = 1

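\# Minimum amount of free memory that the Linux VM (virtual memory subsystem) is forced to keep (Kbytes). The value below reserves 1 GiB; setting this too high for the installed RAM can push the machine into OOM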

vm.min_free_kbytes = 1048576

\# A value above 100 will cause the kernel to tend to reclaim the directory and inode cache

vm.vfs_cache_pressure = 250

\# How aggressively the system swaps; the higher the value (0-100), the more likely memory is swapped out to disk

vm.swappiness = 20

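\# Allow dirty (modified but not yet written back) pages to fill at most 10% of memory; beyond that, a process generating writes has to flush dirty data to disk itself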

vm.dirty_ratio = 10

\# Raise the system-wide file descriptor limit to 2^20-1

fs.file-max = 1048575

\# Network layer optimization

\# Upper limit for the listen() backlog, i.e. the maximum number of pending connection requests; defaults to 128

net.core.somaxconn = 1024

\# Raise the default and maximum socket buffer sizes used by Linux TCP buffer auto-tuning (bytes)

net.core.wmem\_default = 8388608
net.core.rmem\_default = 8388608
net.core.rmem\_max = 16777216
net.core.wmem\_max = 16777216

\# Maximum number of incoming packets queued per device when they arrive faster than the kernel can process them. The default is 300

net.core.netdev_max_backlog = 2000

\# Enable SYN flood attack protection

net.ipv4.tcp_syncookies = 1

\# Log martian packets, i.e. packets with impossible source addresses (spoofed, source-routed and redirect packets)

net.ipv4.conf.all.log\_martians = 1
net.ipv4.conf.default.log\_martians = 1

\# Do not accept source-routed packets (0 = drop them)

net.ipv4.conf.all.accept\_source\_route = 0
net.ipv4.conf.default.accept\_source\_route = 0

\# Enable reverse path filtering

net.ipv4.conf.all.rp\_filter = 1
net.ipv4.conf.default.rp\_filter = 1

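\# Ignore ICMP redirects, including those from listed gateways, so that other hosts cannot modify the routing table. These keys cover IPv4 only; IPv6 has separate net.ipv6.conf.\* settings that are not set in this listing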

net.ipv4.conf.all.accept\_redirects = 0
net.ipv4.conf.default.accept\_redirects = 0
net.ipv4.conf.all.secure\_redirects = 0
net.ipv4.conf.default.secure\_redirects = 0

\# Widen the range of local (ephemeral) ports available for outgoing connections

net.ipv4.ip_local_port_range = 9000 65533

\# TTL

net.ipv4.ip_default_ttl = 64

\# Increase the TCP maximum buffer size

net.ipv4.tcp\_rmem = 4096 87380 8388608
net.ipv4.tcp\_wmem = 4096 32768 8388608

\# Enable TCP window scaling

net.ipv4.tcp_window_scaling = 1

\# Maximum length of the queue of incoming SYN requests that have not yet completed the handshake. The default is 1024

net.ipv4.tcp_max_syn_backlog = 8192

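\# TIME-WAIT socket handling, intended for Web servers with a large number of connections. As written, the lines below enable fast recycling (tcp\_tw\_recycle) and leave socket reuse (tcp\_tw\_reuse) off. tcp\_tw\_recycle is known to drop connections from clients behind NAT and was removed in Linux 4.12; both options depend on TCP timestamps, which this file disables further down, so review these three settings together before deploying.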

net.ipv4.tcp\_tw\_recycle = 1 
net.ipv4.tcp\_tw\_reuse = 0  

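\# Whether to enable TCP timestamps, which allow RTT to be calculated more precisely than from retransmission timeouts (see RFC 1323); this option should be enabled for better performance. Note that the value below is 0, which disables timestamps (and with them PAWS protection against wrapped sequence numbers), contradicting this advice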

net.ipv4.tcp_timestamps = 0

\# Number of times a SYN (outgoing connection) and a SYN-ACK (incoming connection) are retransmitted after a timeout before giving up

net.ipv4.tcp\_syn\_retries = 2
net.ipv4.tcp\_synack\_retries = 2

\# Reduce the time a connection spends in the FIN-WAIT-2 state, allowing the system to handle more connections.

net.ipv4.tcp_fin_timeout = 10 

\# Reduce the time for TCP KeepAlive connection detection, allowing the system to handle more connections.

\# If a TCP connection is idle for 300 seconds, the kernel initiates a probe. If the probe fails two times (2 seconds each), the kernel gives up completely and considers the connection invalid.

net.ipv4.tcp\_keepalive\_time = 300 
net.ipv4.tcp\_keepalive\_probes = 2
net.ipv4.tcp\_keepalive\_intvl = 2

\# Maximum number of TCP sockets not attached to any process (orphaned sockets) that the system will hold

net.ipv4.tcp_max_orphans = 262144

\# The system also maintains a maximum number of TIME\_WAIT sockets. If this number is exceeded, the TIME\_WAIT socket is immediately cleared and a warning message is printed.

net.ipv4.tcp_max_tw_buckets = 20000 

\# ARP (neighbour) table cache size thresholds

net.ipv4.neigh.default.gc\_thresh1 = 128
net.ipv4.neigh.default.gc\_thresh2 = 512
net.ipv4.neigh.default.gc\_thresh3 = 4096

— End of kernel optimization — —

For more information about Linux kernel parameters, see:

http://yangrong.blog.51cto.co…