52AV手機A片王|52AV.ONE
標題:
Linux 硬體最佳化的調整 ---- 微調sysctl.conf
[打印本頁]
作者:
IT_man
時間:
2017-8-28 11:01
標題:
Linux 硬體最佳化的調整 ---- 微調sysctl.conf
Linux 預設是沒有下述的調整,因此我們必須進行最佳化的調整:
$ v+ M( W% j+ w( L* E7 f$ z
% Y+ \; t/ W5 \
#vi /etc/sysctl.conf
5 W- r4 y$ m% u7 Q( ~6 I7 l4 h# J& v
### 改進系統記憶體管理 ###
4 r0 a! Y$ @1 K6 m: _. G# u3 Z b
+ {8 L. L) S; _7 H( k& @( ?
, w# b3 a" `9 D; @0 V5 J, y- O% U
# 加大檔案處理及inode快取
3 |$ x- _, s4 i' P
fs.file-max = 2097152
/ `- T% B1 ~3 n6 W
( S9 ]' |( \7 `. L
8 y4 D% \9 f+ m
# 較少的交換
4 K9 F6 B/ i9 J9 [
vm.swappiness = 10
: p. L, ?' S. O! ]
vm.dirty_ratio = 60
. S, X& e+ |1 e6 t( K7 y: x+ e
vm.dirty_background_ratio = 2
" C$ K8 Y7 \, p% r( {
6 U0 O/ {) z: _5 _# ?
" a$ x% Z q% {: a$ ?
### 一般的網路安全選項 ###
; @, d) c8 C# ~, I# S( k4 O
% K9 H+ b) R: e3 ~2 q/ E
* V& p+ r7 j6 a {8 j% Z) J
# 被動(passive)TCP連接的SYNACKs次數
9 [: N5 ~) ]/ j1 N! ~
net.ipv4.tcp_synack_retries = 2
* A6 Y; @: t. ^
1 } @! T- u8 F0 f; m' x9 d
9 P# d: h I! I! {
# 允許本機網路連接阜範圍
2 i; f& y3 y4 a. Z) u. }$ S
net.ipv4.ip_local_port_range = 2000 65535
( K3 q4 J9 J' {* v& `
2 V/ A$ j% }+ v; w/ f- [8 U. I) L
9 o7 C- ?( q' S0 G. a
# 反制TCP Time-Wait的保護
& A# ~. y5 f3 A3 Z7 L& O1 p7 Q
net.ipv4.tcp_rfc1337 = 1
0 ~- v4 \* c/ v7 \" g' s! R: A
/ N6 r# ], B4 G/ s; F' w
, E Q6 ]( i0 s+ [ \
# 降低對 tcp_fin_timeout connection 時間的預設值
. a+ B4 v! P3 b: b4 Z! w' I% z
net.ipv4.tcp_fin_timeout = 15
! D! }/ z& r* i8 ]
9 S" w6 A6 j) h& K4 _
8 C: B" ^1 w3 E4 p5 {
# 降低連線存活時間的預設值
: X: A( A$ c( C K* E8 z
net.ipv4.tcp_keepalive_time = 300
D; z1 W2 c) J5 z* d+ \
net.ipv4.tcp_keepalive_probes = 5
; M: W8 `$ M3 q: I9 c2 H; U
net.ipv4.tcp_keepalive_intvl = 15
( I# Z+ ]9 y* b+ N
9 Y- {: Q# k X: H* _- g
0 J) p: B5 s o5 l/ M# Z
### 調整網路效能 ###
2 S9 v3 C4 U0 M- U
' {9 _' }/ q( k0 q1 G, O
. C5 U4 p) ]3 L( T1 d2 Z# J: V* a3 k
# 預設的Socket接收緩存
- Y' q/ i6 e/ a, X$ c, \) Y
net.core.rmem_default = 31457280
- K! A: j& l. K. {9 \3 c' f
7 u. `+ R$ l3 S. ~' B5 |
/ S0 O: }! a2 T% n1 T5 |
# 最大的Socket接收緩存
1 h, ^' T/ t1 B) e, G& v3 x' e
net.core.rmem_max = 12582912
6 D. l5 R' \: _: c, l
9 O% U4 l: i6 g: k4 F% z
- j# N' G, R, l/ w2 i
# 預設的Socket傳送緩存
1 x5 T2 i7 a0 g( `2 P, i7 e
net.core.wmem_default = 31457280
8 |0 ^/ K# P/ ]4 r
# h% M2 F! Y5 y6 x' i
/ t6 f6 T& N2 p7 e& _1 L$ ]+ t2 H8 u
# 最大的Socket傳送緩存
- q: _- H+ @/ Y- G Z* Z; V
net.core.wmem_max = 12582912
$ _' q0 e$ @, W" Q
2 C0 `1 g* e. \
6 T8 J. P+ [9 S0 k
# 加大網路連入數
" B5 A+ b8 _; X8 j2 F/ _3 P
net.core.somaxconn = 4096
^" O4 M" \9 ?7 l8 e3 z
9 h- P( Y G4 a& _% Q3 l
. h0 {2 n! p$ T; a- w5 |
# 加大網路連入的backlog
- C0 m1 @3 P- m3 J5 g: [7 |
net.core.netdev_max_backlog = 65536
- r6 K4 w! { I# g; U1 r' d4 J
* J0 T( B; @, z: ^7 m3 F9 `
d' n# i# {. R, e
# 加大記憶體緩存的最大量
6 P1 L" @0 e" ~1 L# k# I8 w7 u
net.core.optmem_max = 25165824
9 C; V) ?& j7 g' N
1 Z: E+ t6 ]; i- x
[8 w- s+ Y1 Q* i
# Increase the maximum total buffer-space allocatable加大可定址緩存空間的最大總量
: { x6 B& {% c5 I* l5 U
# This is measured in units of pages (4096 bytes)
" s* b1 {4 R/ h. w! k+ X2 V
net.ipv4.tcp_mem = 65536 131072 262144
! |1 E$ x5 ]7 X3 q9 E) h# b
net.ipv4.udp_mem = 65536 131072 262144
- D6 q, w# o: x8 D
" q9 U( p1 ?; l. V7 l% k' D
- G# r" I, Y5 i% }4 r
# 加大讀取緩存可定址空間
" r9 D0 O4 X! H* ^" E7 ]1 G
net.ipv4.tcp_rmem = 8192 87380 16777216
) Q, }* h4 a& _- _9 S
net.ipv4.udp_rmem_min = 16384
# y6 Q" o T2 } j1 S9 ?/ Q6 [
1 H- E8 Q7 b& n
2 Y l& A. g0 @/ o5 V. u+ u K3 e9 |
# 加大寫入緩存可定址空間
. |9 g7 f( }$ {. h
net.ipv4.tcp_wmem = 8192 65536 16777216
( W: K! X! U7 ?! d5 H
net.ipv4.udp_wmem_min = 16384
) _- U8 ~* v' @& T: w) _5 f8 G
$ l. e9 @( |; ^
5 g% g& c0 O4 y, p
# 加大tcp-time-wait桶子池區數量以預防簡易的DOS攻擊
2 z. S L6 E* [1 `# n
net.ipv4.tcp_max_tw_buckets = 1440000
4 e2 h! ~0 n# [8 |9 R9 e1 K
net.ipv4.tcp_tw_recycle = 1
* s4 O" [6 {' a7 D0 M% O; O
net.ipv4.tcp_tw_reuse = 1
) p* j1 \1 c; e
+ y- V% V1 g" ~2 d2 a6 ^# g/ [- b1 Z8 N
8 ?0 Y# G: b: r1 |8 Q0 u
存檔以生效
. K# W4 P' ]) T1 }6 \
#sysctl -p 載入已變更
9 Z/ F* Z$ g: U* c3 E
0 m0 B( F2 x8 d( I
參考來源:
$ d4 T. L3 z6 }' S; W4 l: {7 E
! u4 v8 K! o: R( q2 ]* W2 W
https://easyengine.io/tutorials/linux/sysctl-conf/
1 ^. P. C$ }$ j5 Y
# {' M& N$ h- T9 x1 L
, i( G& j" {/ }, T0 Z' Q
$ D' S5 k, q$ N3 T7 T% q, X
$ s& D/ z" _& F& W
歡迎光臨 52AV手機A片王|52AV.ONE (https://www.52av.one/)
Powered by Discuz! X3.2