Skip to content

Instantly share code, notes, and snippets.

@greggyNapalm
Last active May 9, 2022 07:26
Show Gist options
  • Save greggyNapalm/2282242 to your computer and use it in GitHub Desktop.
Save greggyNapalm/2282242 to your computer and use it in GitHub Desktop.
TCP/IP stack linux
# increase system IP port limits
net.ipv4.ip_local_port_range=1024 65535
# Incoming packets queue length
net.core.netdev_max_backlog=10000
# TCP socket max connections num
net.core.somaxconn=262144
# Enable syncookies
net.ipv4.tcp_syncookies=1
# SYN buffer size
net.ipv4.tcp_max_syn_backlog = 262144
# Total number of TCP sockets in TIME_WAIT state
net.ipv4.tcp_max_tw_buckets = 720000
# It enables fast recycling of TIME_WAIT sockets.
net.ipv4.tcp_tw_recycle = 1
# We need to enable this opt to make tcp_tw_reuse work
net.ipv4.tcp_timestamps = 1
# This allows reusing sockets in TIME_WAIT state for new connections when it is safe from protocol viewpoint.
net.ipv4.tcp_tw_reuse = 1
# Time to hold socket in state FIN-WAIT-2, if it was closed by our side.
net.ipv4.tcp_fin_timeout = 1
# How often TCP sends out keepalive messages when keepalive is enabled. Default: 2hours.
net.ipv4.tcp_keepalive_time = 1800
# How frequent probes are retransmitted, when a probe isn't acknowledged. Default: 75 seconds.
net.ipv4.tcp_keepalive_probes = 7
# How often TCP sends out keepalive messages when keepalive is enabled. Default: 2hours.
net.ipv4.tcp_keepalive_intvl = 30
# This will increase the amount of memory available for socket input/output queues
net.core.wmem_max = 33554432
net.core.rmem_max = 33554432
net.core.rmem_default = 8388608
net.core.wmem_default = 4194394
net.ipv4.tcp_rmem = 16384 8388608 16777216
net.ipv4.tcp_wmem = 16384 4194394 16777216
net.ipv4.tcp_mem = 262144 524288 1048576
# recommended default congestion control for high speed network is *htcp*
# check available algorithms first
net.ipv4.tcp_available_congestion_control
# @if needed modprobe tcp_htcp
net.ipv4.tcp_congestion_control=htcp
# Avoid slow start on idle connections
net.ipv4.tcp_slow_start_after_idle=0
# Specifically if you see the "Error in munmap" error on Linux you might want to increase the amount of maps available.
# Linux is limited to a maximum of 64k maps. Setting vm.max_map_count in sysctl.conf will enable you to increase this limit.
# You can inspect the number of maps your program is consuming by counting the lines in /proc/$PID/maps
vm.max_map_count = 524288
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 8
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.default.autoconf = 0
# http://www.opennet.ru/base/sys/sysctl_linux.txt.html
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment