Optimize Linux Sysctl.conf Parameters

Posted on February 21, 2014 at 12:24 am

After doing some research, I tested various parameters on the file /etc/sysctl.conf and I encountered various errors like “name lookup timed out”, “connection timed out” and “999 INKApi Error” while using web server like Nginx or Lighttpd under 1000+ concurrent connections. What should be taken into consideration is that some shared hosting and dedicated servers do not allow to change parameters in sysctl.conf related to routing, ICMP requests, and so on. I would recommend to use only the following tweaks on /etc/sysctl.conf file:

# Safe optimizations
fs.file-max = 150000
kernel.pid_max = 4194303
net.core.netdev_max_backlog = 3240000
net.core.somaxconn = 50000
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_syncookies = 1
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_window_scaling = 1	
net.ipv4.tcp_max_syn_backlog = 3240000
 
# Testing optimizations
net.ipv4.tcp_fin_timeout = 120
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_retries2 = 8
 
# Disable IPv6 addrconf
net.ipv6.conf.eth0.autoconf=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.all.accept_ra = 0

For the changes to take effect type:

sysctl -p

Here is a screenshot of the concurrent connections test:

References and useful links:

Linux Network Tuning for 2013
sysctl – Kernel Optimization – /etc/sysctl.conf
Kernel sysctl configuration file for Linux
sysctl.conf – tweaking for high concurrancy & security
Testing Performance > How-To

Updated on April 29, 2017 at 6:47 pm

Query Admin

System Administration Tips, Security, Internet

Optimize Linux Sysctl.conf Parameters

Receive updates via email

Other Posts

Updated Posts