linux网络参数解析

linux网络参数主要位于下面两个目录下:/proc/sys/net/core/和/proc/sys/net/ipv4/, 下面分别对这两个目录下常用的几个网络参数做下说明:

 

1./proc/sys/net/core/

 

$ /proc/sys/net/core/somaxconn
listen()的默认参数,挂起请求的最大数量.默认是128.对繁忙的服务器,增加该值有助于网络性能, 可参考的优化值:2048

 

$ /proc/sys/net/core/wmem_max
最大socket写buffer,可参考的优化值:131071

 

$ /proc/sys/net/core/rmem_max
最大socket读buffer,可参考的优化值:131071

 

$ /proc/sys/net/core/netdev_max_backlog
进入包的最大设备队列.默认是300,对重负载服务器而言,该值太低,可参考的优化值:1000

 

$ /proc/sys/net/core/optmem_max
socket buffer的最大初始化值,默认10K,可参考的优化值:20480

 

2./proc/sys/net/ipv4/

 

$/proc/sys/net/ipv4/tcp_tw_recycle

加快回收TIME-WAIT套接字.0:关闭;1:开启

 

$/proc/sys/net/ipv4/tcp_tw_reuse

复用TIME_WAIT状态socket的开关，如果开启，客户端在调用connect调用时，会自动复用TIME_WAIT状态的端口.0:关闭;1:开启

  

$/proc/sys/net/ipv4/tcp_max_tw_buckets

The tcp_max_tw_buckets variable tells the system the maximum number of sockets in TIME-WAIT to be held simultaneously. If this number is exceeded, the exceeding sockets are destroyed and a warning message is printed to you. The reason for this limit to exist is to get rid of really simple DoS attacks.

The tcp_max_tw_buckets variable takes an integer value which tells the system at which point to start destroying timewait sockets. The default value is set to 180000. This may sound much, but it is not. If anything, you should possibly need to increase this value if you start receiving errors due to this setting.

 

$ /proc/sys/net/ipv4/tcp_wmem
TCP写buffer,可参考的优化值: 4096    16384   131072

$ /proc/sys/net/ipv4/tcp_rmem
TCP读buffer,可参考的优化值: 4096    87380   174760

$ /proc/sys/net/ipv4/tcp_mem
同样有3个值,意思是:
net.ipv4.tcp_mem[0]:低于此值,TCP没有内存压力.
net.ipv4.tcp_mem[1]:在此值下,进入内存压力阶段.
net.ipv4.tcp_mem[2]:高于此值,TCP拒绝分配socket.
上述内存单位是页,而不是字节.
可参考的优化值是:196608  262144  393216

 

$ /proc/sys/net/ipv4/tcp_max_syn_backlog
进入SYN包的最大请求队列.默认1024.对重负载服务器而言,可适当调高.

 

$ /proc/sys/net/ipv4/tcp_retries2
TCP失败重传次数,默认值15,意味着重传15次才彻底放弃.可减少到5,以尽早释放内核资源.

 

$ /proc/sys/net/ipv4/tcp_keepalive_time
$ /proc/sys/net/ipv4/tcp_keepalive_intvl
$ /proc/sys/net/ipv4/tcp_keepalive_probes
这3个参数与TCP KeepAlive有关.默认值是:
tcp_keepalive_time = 7200 seconds (2 hours)
tcp_keepalive_probes = 9
tcp_keepalive_intvl = 75 seconds
意思是如果某个TCP连接在idle 2个小时后,内核才发起probe.如果probe 9次(每次75秒)不成功,内核才彻底放弃,认为该连接已失效.对服务器而言,显然上述值太大. 可调整到:
/proc/sys/net/ipv4/tcp_keepalive_time  1800
/proc/sys/net/ipv4/tcp_keepalive_intvl  30
/proc/sys/net/ipv4/tcp_keepalive_probes  3

$ proc/sys/net/ipv4/ip_local_port_range
指定端口范围的一个配置,默认是32768   61000,已够大.