#TCP SYN队列长度,增加并发连接数
net.ipv4.tcp_max_syn_backlog=8192

#TCP KeepAlive连接侦测时间,使系统处理更多连接
net.ipv4.tcp_keepalive_time=1800

#FIN-WAIT-2连接状态时间,使系统处理更多连接
net.ipv4.tcp_fin_timeout=30

#TIME-WAIT套接字重用功能
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_tw_reuse=1

#TCP SYN Cookies选项。有助于服务器免受syncflood***
net.ipv4.tcp_syncookies=1

#关闭源路由
net.ipv4.conf.lo.accept_source_route=0
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.eth0.accept_source_route=0

#关闭安全重定向
net.ipv4.conf.lo.secure_redirects=0
net.ipv4.conf.all.secure_redirects=0
net.ipv4.conf.default.secure_redirects=0
net.ipv4.conf.eth0.secure_redirects=0

#关闭重定向
net.ipv4.conf.lo.accept_redirects=0
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.default.accept_redirects=0
net.ipv4.conf.eth0.accept_redirects=0

#关闭ICMP重定向
net.ipv4.conf.lo.send_redirects=0
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.eth0.send_redirects=0
net.ipv4.conf.default.send_redirects=0

#关闭代理ARP
net.ipv4.conf.lo.proxy_arp=0
net.ipv4.conf.all.proxy_arp=0
net.ipv4.conf.default.proxy_arp=0
net.ipv4.conf.eth0.proxy_arp=0

#优化系统套接字缓冲区
net.core.rmem_max=16777216
net.core.wmem_max=16777216

#优化TCP接收/发送缓冲区
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216

#优化网络设备接收队列
net.core.netdev_max_backlog=3000