調整Linux TCP參數 提升伺服器性能
用netstat -ant|grep TIME_WAIT|wc -l查看發現有700多的等待請求,原來是TCP/IP 棧引起的。
對於多數人來說,配置 TCP/IP 棧是邪惡的魔術,但是如果您運行高負載的 Web 服務器,那麼有選擇地更改 Red Hat 的一些缺省值能明顯提高系統響應速度。TCP/IP 配置值被存儲在 /proc/sys/net/ipv4 目錄中,通常可以是某個值或用「0」(關)和「1」(開)來分別表示禁用和啟用。linux缺省值如下:
tcp_fin_timeout 180
tcp_keepalive_time 7200
tcp_window_scaling 1
tcp_sack 1
tcp_timestamps 1
在下面的設置中,更改某些值能增加服務器可處理的 TCP/IP 連接的數量,縮短服務器在終止失效連接前的等待時間,禁用一些不必要的 IP 擴展。把這些設置添加到 /etc/sysctl.conf 文件,然後重新啟動網絡守護程序( /etc/rc.d/init.d/network restart )。
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 30
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800
# Turn off tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
#Turn off tcp_timestamps
net.ipv4.tcp_timestamps = 0
加到/etc/rc.local
代碼:
echo "30">/proc/sys/net/ipv4/tcp_fin_timeout
echo "1800">/proc/sys/net/ipv4/tcp_keepalive_time
echo "0">/proc/sys/net/ipv4/tcp_window_scaling
echo "0">/proc/sys/net/ipv4/tcp_sack
echo "0">/proc/sys/net/ipv4/tcp_timestamps
通過以上修改,TIME_WAIT明顯減少!
---------------------------------------------------------
Securing and Optimizing Linux: RedHat Edition -A Hands on Guide
Prev Chapter 6. Linux General Optimization Next
6.13. Better manage your TCP/IP resources
This hack just make the time default values for TCP/IP connection lower so that more connections can be handled by time on your TCP/IP protocol. The following will decrease the amount of time your Linux box will try take to finish closing a connection and the amount of time before it will kill a stale connection. This will also turn off some IP extensions that aren't needed. The default setup for the TCP/IP parameters we'll change under Red Hat Linux are:
*
For the tcp_fin_timeout 180
*
For the tcp_keepalive_time 7200
*
For the tcp_window_scaling 1
*
For the tcp_sack 1
*
For the tcp_timestamps 1
To adjust the new TCP/IP values, type the following commands on your terminal:
[root@deep] /#echo 30 >/proc/sys/net/ipv4/tcp_fin_timeout
[root@deep] /#echo 1800 >/proc/sys/net/ipv4/tcp_keepalive_time
[root@deep] /#echo 0 >/proc/sys/net/ipv4/tcp_window_scaling
[root@deep] /#echo 0 >/proc/sys/net/ipv4/tcp_sack
[root@deep] /#echo 0 >/proc/sys/net/ipv4/tcp_timestamps
Execute the above commands and put them in your /etc/rc.d/rc.local file so you don't need to type them again each time your system reboots.
Version 6.2 only
Edit the /etc/sysctl.conf file and add the following lines:
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 30
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0
You must restart your network for the change to take effect. The command to manually restart the network is the following:
[root@deep] /# /etc/rc.d/init.d/network restart
Setting network parameters [ OK ] Bringing up interface lo [ OK ] Bringing up interface eth0 [ OK ] Bringing up interface eth1 [ OK ]