{"id":253,"date":"2015-11-21T19:15:57","date_gmt":"2015-11-21T13:15:57","guid":{"rendered":"https:\/\/avalon.land\/blog\/?p=253"},"modified":"2015-12-04T09:25:51","modified_gmt":"2015-12-04T03:25:51","slug":"sysctl-tuning-and-strong-optimization","status":"publish","type":"post","link":"https:\/\/avalon.land\/blog\/networking\/sysctl-tuning-and-strong-optimization\/","title":{"rendered":"sysctl tuning and strong optimization"},"content":{"rendered":"<p>\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0434\u043b\u044f \u044f\u0434\u0440\u0430 >= 3.2 (\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u0438 \u0434\u043b\u044f 2.6 \u043f\u043e\u0434\u043e\u0439\u0434\u0443\u0442) \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 (router\/nat\/web\/etc). \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u0442\u043e xeon E5420, 8G RAM.<br \/>\n<!--more--><\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n# SWAP usage\r\nvm.swappiness = 60\r\n# Controls the maximum size of a message, in bytes\r\nkernel.msgmnb = 65536\r\n# Controls the default maxmimum size of a mesage queue\r\nkernel.msgmax = 65536\r\n# Controls the maximum shared segment size, in bytes\r\nkernel.shmmax = 4194349056\r\n# Controls the maximum number of shared memory segments, in pages\r\nkernel.shmall = 1024011\r\n\r\n##################\r\n### NETWORKING ###\r\n##################\r\n\r\n# Max sockets who wait for connections\r\nnet.core.somaxconn = 16384\r\n# Max queue packets\r\nnet.core.netdev_max_backlog = 8192\r\n# Disable ipv6\r\nnet.ipv6.conf.all.disable_ipv6 = 1\r\n# Ignore ICMP broadcasts\r\nnet.ipv4.icmp_echo_ignore_broadcasts = 1\r\n# Cisco ARP problem solving\r\nnet.ipv4.conf.lo.arp_ignore = 1\r\nnet.ipv4.conf.lo.arp_announce = 1\r\nnet.ipv4.conf.all.arp_ignore = 1\r\nnet.ipv4.conf.all.arp_announce = 1\r\n# Tunneling and packet forwarding for IPv4\r\nnet.ipv4.conf.all.rp_filter = 0\r\nnet.ipv4.conf.default.rp_filter = 0\r\nnet.ipv4.ip_forward = 1\r\n# Max oprhan sockets without handle\r\nnet.ipv4.tcp_max_orphans = 65536\r\n# Count fails before destroy TCP-connection, closed local\r\nnet.ipv4.tcp_orphan_retries = 0\r\n# Time through which sockets in state FIN-WAIT-2 will be closed\r\nnet.ipv4.tcp_fin_timeout = 10\r\n# Max connections without confirmation\r\nnet.ipv4.tcp_max_syn_backlog = 4096\r\n# How often check SO_KEEPALIVE state connections\r\nnet.ipv4.tcp_keepalive_time = 1800\r\n# Retries count transmit SYNACK packets before drop connection\r\nnet.ipv4.tcp_synack_retries = 2\r\n# Enable tcp_congestion_control\r\nnet.ipv4.tcp_timestamps = 1\r\n# Protocol used to control the load networks\r\nnet.ipv4.tcp_congestion_control = htcp\r\n# What ports we can use\r\nnet.ipv4.ip_local_port_range = 1024 65535\r\n# TIME_WAIT sockets quick utilization\r\nnet.ipv4.tcp_tw_recycle = 1\r\n# We can reuse TIME_WAIT sockets\r\nnet.ipv4.tcp_tw_reuse = 1\r\n# (tcp_keepalive_intvl * tcp_keepalive_probes) before connection will be disconnected when there is no response\r\nnet.ipv4.tcp_keepalive_probes = 3\r\nnet.ipv4.tcp_keepalive_intvl = 15\r\n# We do not use SACK in out TCP stack\r\nnet.ipv4.tcp_sack = 0\r\n# And D-SACK too\r\nnet.ipv4.tcp_dsack = 0\r\n\r\n#\r\n# Before use conntrack, we must load this module in our core!\r\n# https:\/\/www.kernel.org\/doc\/Documentation\/networking\/nf_conntrack-sysctl.txt\r\n#\r\n\r\n# Default for generic timeout (Def 600)\r\nnet.netfilter.nf_conntrack_generic_timeout = 30\r\n# Time out for established connection (Def 432000 (5 days))\r\nnet.netfilter.nf_conntrack_tcp_timeout_established = 300\r\n# Timeout for SYN packets (Def 120)\r\nnet.netfilter.nf_conntrack_tcp_timeout_syn_sent = 30\r\nnet.netfilter.nf_conntrack_tcp_timeout_syn_recv = 30\r\n# Timeout for TIME_WAIT connections (Def 120)\r\nnet.netfilter.nf_conntrack_tcp_timeout_time_wait = 30\r\n# Timeout for FIN_WAIT connections (Def 120)\r\nnet.netfilter.nf_conntrack_tcp_timeout_fin_wait = 30\r\n# Timeout for CLOSE_WAIT connections (Def 60)\r\nnet.netfilter.nf_conntrack_tcp_timeout_close_wait = 15\r\n# Max count our connections (sysctl net.netfilter.nf_conntrack_count)\r\nnet.netfilter.nf_conntrack_expect_max = 4096\r\nnet.netfilter.nf_conntrack_max = 1048576\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0434\u043b\u044f \u044f\u0434\u0440\u0430 >= 3.2 (\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u0438 \u0434\u043b\u044f 2.6 \u043f\u043e\u0434\u043e\u0439\u0434\u0443\u0442) \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 (router\/nat\/web\/etc). \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u0442\u043e xeon E5420, 8G<\/p>\n<div class=\"more-link-wrapper\"><a class=\"more-link\" href=\"https:\/\/avalon.land\/blog\/networking\/sysctl-tuning-and-strong-optimization\/\">Continue reading<span class=\"screen-reader-text\">sysctl tuning and strong optimization<\/span><\/a><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,10],"tags":[],"class_list":["post-253","post","type-post","status-publish","format-standard","hentry","category-it","category-networking","entry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/posts\/253","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/comments?post=253"}],"version-history":[{"count":5,"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/posts\/253\/revisions"}],"predecessor-version":[{"id":256,"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/posts\/253\/revisions\/256"}],"wp:attachment":[{"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/media?parent=253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/categories?post=253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/avalon.land\/blog\/wp-json\/wp\/v2\/tags?post=253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}