52AV手機A片王|52AV.ONE
標題:
Linux 硬體最佳化的調整 ---- 微調sysctl.conf
[打印本頁]
作者:
IT_man
時間:
2017-8-28 11:01
標題:
Linux 硬體最佳化的調整 ---- 微調sysctl.conf
Linux 預設是沒有下述的調整,因此我們必須進行最佳化的調整:
/ @+ |; b$ x( x/ `4 b( E
( b7 [6 @; X5 E& M: ?% ]
#vi /etc/sysctl.conf
% S! \6 t. p' h8 I
### 改進系統記憶體管理 ###
6 e, A) x& P0 z- r! s, C$ C
5 ?/ z1 n/ P% d/ V% Z N/ o4 p# N
: L# g" U) ~& s/ D) f% z
# 加大檔案處理及inode快取
@# S. m+ v, B3 |
fs.file-max = 2097152
! R! b+ i2 ]4 L& L. b
; q9 Z2 Z: S6 j6 z p# R
+ y% _+ ]8 R2 h( I7 f
# 較少的交換
- m" h, a/ C l1 `) j" v* a
vm.swappiness = 10
, A9 f! C7 E7 F& u% e" Z
vm.dirty_ratio = 60
+ w* x$ A9 _& j# z/ ~
vm.dirty_background_ratio = 2
$ X" v$ n% W T' X* { O7 d
0 G9 G/ I! ~8 `, b$ _; H. P! k
7 N2 F* N& P8 O9 _9 M* F( a
### 一般的網路安全選項 ###
+ B) {% L+ [; _, F" e. e
4 P# \4 m* u8 s3 q$ O7 y+ _) Y) b
5 B3 ]8 `% }; O# Y+ n+ ^
# 被動(passive)TCP連接的SYNACKs次數
8 N: B: h4 `# v9 a; o( O* a
net.ipv4.tcp_synack_retries = 2
3 K* |; s1 [+ @+ g$ q+ \5 g
4 h4 y; E% ^5 G/ P
( ~' u$ W0 R U4 X
# 允許本機網路連接阜範圍
7 j2 h0 H% E8 r$ P1 @3 z) g# O
net.ipv4.ip_local_port_range = 2000 65535
; m, ?0 `: C3 c" i! G: j; E
4 t! d. U3 i2 W- ^0 `
& n. ]2 r! v f
# 反制TCP Time-Wait的保護
8 E4 ~3 d3 X9 G8 W( |
net.ipv4.tcp_rfc1337 = 1
- ]' o2 w! i+ E$ A3 n
* @6 D0 W e8 O
`6 I! j5 k! G+ V5 h0 `: Z
# 降低對 tcp_fin_timeout connection 時間的預設值
# s: [3 Y1 z. X7 @
net.ipv4.tcp_fin_timeout = 15
" {( r) u/ H: p; A1 }
0 \* a0 g) y0 D3 y% f; T
3 P0 B8 i/ s) k4 ~! V( \! p5 ?
# 降低連線存活時間的預設值
/ l! i. S3 G6 @2 N+ ~
net.ipv4.tcp_keepalive_time = 300
' g% l! f) w: d6 a D- }
net.ipv4.tcp_keepalive_probes = 5
; a8 {2 O3 m3 h, V0 `, ~
net.ipv4.tcp_keepalive_intvl = 15
3 N+ f( e, n0 [. X# j' G, P
) x; K _2 O- x* r
6 s+ r8 ?! Y$ g8 t6 E4 u& {
### 調整網路效能 ###
* @6 A( m1 }. l! c$ B2 O* V
, ?, A6 C, ?. O7 L# g
2 r( B$ h# t' _3 X( d& R) y
# 預設的Socket接收緩存
, B; I7 v2 Y4 j/ o# F
net.core.rmem_default = 31457280
1 v4 m1 M; o: [# }; {
5 P8 _% L. h; _" s) y
% g- r" \5 ?( r6 U7 \0 U% I( N8 Q
# 最大的Socket接收緩存
3 o5 e& }8 q. J6 \/ S
net.core.rmem_max = 12582912
4 x- y7 Z( ^- d+ O- Q6 d- y
# ^4 h- _6 f6 j5 u* a) l
" }% S7 i: t, |& m5 D' F# E# g
# 預設的Socket傳送緩存
" T, h' B- ]; O/ ]
net.core.wmem_default = 31457280
- V2 K$ V0 h5 w! j D$ m
; s: D; a0 b5 ?/ r$ V
7 ]3 @8 P4 T/ W9 r4 F+ `0 \& ?
# 最大的Socket傳送緩存
! \: |7 l. Z, L( I n0 l
net.core.wmem_max = 12582912
' I0 `2 D/ A$ q% j7 R
L- K. C/ T! ~/ B' t( y$ h b' Q" P
) Z6 C* T7 T* N
# 加大網路連入數
# s6 e# N% b/ {
net.core.somaxconn = 4096
6 E$ S M) ~. Q
. q0 ~: S$ g0 E! J9 Y/ }
: O- ]4 ?' N4 i7 R* u: O
# 加大網路連入的backlog
" z; m: l( E, W9 f4 \/ f
net.core.netdev_max_backlog = 65536
5 @1 m2 G9 K2 D" P0 ~0 f& ?
4 Q* C+ K' O) d- q: B
8 m% J: s# m, M, w& o
# 加大記憶體緩存的最大量
' {4 b. a0 Z+ T) u
net.core.optmem_max = 25165824
9 ^- j2 V# ?! K. |" N7 Q9 U" |
! M- T1 d8 ?4 g, f
' f5 |% N3 e+ Z" V: `
# Increase the maximum total buffer-space allocatable加大可定址緩存空間的最大總量
3 x& I. s( h6 ?1 ?! `& q! ?
# This is measured in units of pages (4096 bytes)
& l$ b; ?# [+ b" S* H3 @% c
net.ipv4.tcp_mem = 65536 131072 262144
) H) K/ e& z! M4 ^5 T3 x: I7 [8 J
net.ipv4.udp_mem = 65536 131072 262144
3 |6 x. L- C2 W; i# D( z# `; _
+ n$ }" e3 |! W/ d0 F# K
# \* c/ `, N0 g+ S3 `
# 加大讀取緩存可定址空間
- N6 @, T9 O6 d% D& X/ v3 [7 U, Z
net.ipv4.tcp_rmem = 8192 87380 16777216
' U6 Z' l, ]3 H3 N9 s
net.ipv4.udp_rmem_min = 16384
) `2 d0 ^( D) ~5 e. E- _' X
* X7 X# G3 P" ^# X
, `1 _5 R( z: `, M6 p5 E/ |
# 加大寫入緩存可定址空間
2 H+ V; u, v9 F5 l* j
net.ipv4.tcp_wmem = 8192 65536 16777216
6 c6 s# J) u2 E0 k; e
net.ipv4.udp_wmem_min = 16384
% G1 \% Q% H% j3 y+ k% g. m! T `
' h$ Q6 Y1 d7 U' @" C
7 |* k' N1 o# O! x- a
# 加大tcp-time-wait桶子池區數量以預防簡易的DOS攻擊
/ k7 F* h6 W8 r
net.ipv4.tcp_max_tw_buckets = 1440000
# [0 b4 @+ @1 c& w- J7 [4 u9 A* M) k
net.ipv4.tcp_tw_recycle = 1
" R( N% V$ d. b8 }2 j, N0 w! h
net.ipv4.tcp_tw_reuse = 1
4 j% v6 [1 P* j3 `& |+ ]
% U4 V9 j6 P0 ]. `" L" d3 |; ?
0 Q9 }( W4 t5 m0 v6 @6 b
存檔以生效
4 a e/ C/ `7 Z# P1 \, z
#sysctl -p 載入已變更
% ~9 y2 g( ?( Q L6 t C5 o5 F
+ [( r' Y7 |# H) I
參考來源:
k6 {% s- q2 u, b$ r( m! y
& L4 b+ J! U0 e0 y
https://easyengine.io/tutorials/linux/sysctl-conf/
; t+ B6 M' v5 P. K' g
2 K1 j3 u% i4 {" A
9 S% \. l+ [) L \. @. p' j) W( A
, `0 r2 b2 w4 K2 A' j
& n: c6 _4 L2 K9 W/ ]
歡迎光臨 52AV手機A片王|52AV.ONE (https://www.52av.one/)
Powered by Discuz! X3.2