優化Linux內核參數
vi /etc/sysctl.conf
在末尾增加如下文本
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535使配置立即生效:
/sbin/sysctl -p
防ddos***
Sysctl 修改
vi /etc/rc.local
加入如下文本
sysctl kern.ipc.maxsockets=100000 ##增加併發的socket,對
於ddos很有用
sysctl kern.ipc.somaxconn=65535 ##打開文件數
sysctl net.inet.tcp.msl=2500 ##timeout時間
Linux內核參數