linux 部署nginx作为反向代理入口的内核参数/etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536
# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
#对于一个新建连接,内核要发送多少个 SYN 连接请求才决定放弃,不应该大于255,默认值是5,对应于180秒左右时间
net.ipv4.tcp_syn_retries=2
#net.ipv4.tcp_synack_retries=2
#表示当keepalive起用的时候,TCP发送keepalive消息的频度。缺省是2小时,改为300秒
net.ipv4.tcp_keepalive_time=1200
net.ipv4.tcp_orphan_retries=3
#表示SYN队列的长度,默认为1024,加大队列长度为8192,可以容纳更多等待连接的网络连接数。
net.ipv4.tcp_max_syn_backlog = 4096
#表示开启SYN Cookies。当出现SYN等待队列溢出时,启用cookies来处理,可防范少量SYN攻击。默认为0,表示关闭
net.ipv4.tcp_syncookies = 1
#表示开启重用tcp连接。允许将TIME-WAIT sockets重新用于新的TCP连接。默认为0,表示关闭
net.ipv4.tcp_tw_reuse = 1
#表示开启TCP连接中TIME-WAIT sockets的快速回收。默认为0,表示关闭
net.ipv4.tcp_tw_recycle = 1
#表示如果套接字由本端要求关闭,这个参数决定了它保持在FIN-WAIT-2状态的时间
net.ipv4.tcp_fin_timeout = 30
#减少超时前的探测次数
net.ipv4.tcp_keepalive_probes=5
#优化网络设备接收队列
net.core.netdev_max_backlog=3000
#尽快的回收TIME_WAIT状态的连接
fs.file-max = 1048576
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_mem = 786432 2097152 3145728
net.ipv4.tcp_rmem = 4096 4096 16777216
net.ipv4.tcp_wmem = 4096 4096 16777216
#连接数过多,nf_conntrack的哈希表满
net.nf_conntrack_max = 655360
net.netfilter.nf_conntrack_max = 655350
net.netfilter.nf_conntrack_tcp_timeout_established = 1200
#用于解决TCP: time wait bucket table overflow问题,占用大量端口号,使得新连接无法绑定端口
net.ipv4.tcp_max_tw_buckets = 262144
最新文章
- Beaglebone Black的启动
- C#实现随机抽奖和冒泡排序
- 解决virtualbox 虚拟机不能ping通win7
- SanDisk SecureAccess™ Software
- JDBC 基础概念
- Toolkit Pro学习--Toolbar的创建
- HDU 5818 Joint Stacks(左偏树)
- Sql Server 循环添加日期--(累加到一个字段中)
- 客户端程序通过TCP通信传送"小文件"到服务器
- 开发抓包工具 Mac charles 3.11.5 破解版 安装包
- linux-mkdir
- (转载)CSS3与页面布局学习总结(三)——BFC、定位、浮动、7种垂直居中方法
- 微信小程序 遇到的问题(新)
- Python 'xxx' codec can't decode byte xxx常见编码错
- 基准对象object中的基础类型----元组 (五)
- hdu2036
- AppFabric查询工作流实例
- Swift 柯里化
- python基本知识点
- ZooKeeper系列(8):ZooKeeper伸缩性