六 Linux 内核优化

 提升服务器的文件句柄打开打开
vi /etc/security/limits.conf

增加
*    soft    nofile    65536
*    hard   nofile    65536


vi /etc/sysctl.conf

在末尾增加以下内容：

# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  32768
net.core.somaxconn = 32768

net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800

#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024  65535
fs.file-max=655350

内核生效命令
sysctl -p

 

error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key error: "net.bridge.bridge-nf-call-iptables" is an unknown key error: "net.bridge.bridge-nf-call-arptables" is an unknown key

当我们执行sysctl -p时，报错说key未知。这是因为我们没有加载bridge模块，需要手工加载。解决过程如下：

lsmod|grep bridge
modprobe bridge
lsmod|grep bridge

运行以上命令再生效内核就不会报错了