cat /etc/sysctl.conf kernel.core_uses_pid=1 kernel.pid_max=4194303 kernel.ctrl-alt-del=1 # kernel.core_pattern = /disk/ssd00/cores/core kernel.msgmnb=65536 kernel.msgmax=65536 kernel.shmmni=4096 kernel.shmmax=8589934592 kernel.shmall=8589934592 kernel.sem=250 32000 100 128 # Increase number of incoming connections.max=65535 net.core.somaxconn=65535 net.core.rmem_default=8388608 net.core.wmem_default=8388608 net.core.rmem_max=33554432 net.core.wmem_max=33554432 net.core.dev_weight=512 net.core.optmem_max=262144 net.core.netdev_budget=1024 net.core.netdev_max_backlog=300000 net.ipv4.neigh.default.gc_thresh1=10240 net.ipv4.neigh.default.gc_thresh2=40960 net.ipv4.neigh.default.gc_thresh3=81920 # for lvs tunnel mode net.ipv4.conf.all.proxy_arp=0 # http://blog.clanzx.net/2013/10/30/arp-filter.html net.ipv4.conf.all.arp_announce=2 net.ipv4.conf.default.arp_announce=2 net.ipv4.conf.all.arp_ignore=1 net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_filter=1 net.ipv4.conf.default.arp_filter=1 net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.all.rp_filter=0 # https://mellowd.co.uk/ccie/?tag=pmtud # Warning,if MTU=9000 set 1, else 0 is good net.ipv4.tcp_mtu_probing=0 net.ipv4.ip_no_pmtu_disc=0 net.ipv4.tcp_slow_start_after_idle=0 # Do not cache metrics on closing connections net.ipv4.tcp_no_metrics_save=1 # Protect Against TCP Time-Wait net.ipv4.tcp_rfc1337=1 net.ipv4.conf.default.accept_source_route=0 net.ipv4.conf.default.accept_redirects=0 net.ipv4.conf.default.secure_redirects=0 net.ipv4.conf.all.accept_source_route=0 net.ipv4.conf.all.accept_redirects=0 net.ipv4.conf.all.secure_redirects=0 net.ipv4.ip_forward=1 net.ipv4.ip_nonlocal_bind=1 net.ipv4.ip_local_port_range=9000 65535 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.icmp_ignore_bogus_error_responses=1 net.ipv4.tcp_timestamps=0 net.ipv4.tcp_sack=1 net.ipv4.tcp_dsack=1 net.ipv4.tcp_window_scaling=1 net.ipv4.tcp_rmem=4096 102400 16777216 net.ipv4.tcp_wmem=4096 102400 16777216 net.ipv4.tcp_mem=786432 1048576 1572864 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_syn_retries=3 net.ipv4.tcp_synack_retries=3 net.ipv4.tcp_retries1=3 net.ipv4.tcp_retries2=5 net.ipv4.tcp_fin_timeout=15 net.ipv4.tcp_max_syn_backlog=262144 net.ipv4.tcp_max_orphans=262144 net.ipv4.tcp_frto=2 net.ipv4.tcp_thin_dupack=0 net.ipv4.tcp_reordering=3 net.ipv4.tcp_early_retrans=2 net.ipv4.tcp_tw_recycle=1 net.ipv4.tcp_tw_reuse=1 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_keepalive_time=30 net.ipv4.tcp_keepalive_intvl=30 net.ipv4.tcp_keepalive_probes=3 net.ipv4.tcp_max_tw_buckets=300000 net.ipv4.tcp_congestion_control=cubic # net.ipv4.netfilter.ip_conntrack_max=300000 # net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait=1 # net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait=1 # net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait=1 # net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=15 net.netfilter.nf_conntrack_max=300000 net.netfilter.nf_conntrack_tcp_timeout_close_wait=1 net.netfilter.nf_conntrack_tcp_timeout_fin_wait=1 net.netfilter.nf_conntrack_tcp_timeout_time_wait=1 net.netfilter.nf_conntrack_tcp_timeout_established=15 vm.swappiness=0 vm.dirty_writeback_centisecs=100 vm.dirty_expire_centisecs=200 vm.dirty_background_ratio=0 vm.dirty_background_bytes = 209715200 vm.dirty_ratio=40 vm.dirty_bytes = 0 vm.overcommit_memory=1 vm.overcommit_ratio=50 vm.max_map_count=262144 fs.file-max=262144 fs.aio-max-nr=1048576 fs.inotify.max_user_watches=102400 fs.inotify.max_user_instances=1024