Operation and Maintenance
Nginx
How to optimize the Linux kernel of high-concurrency nginx server
How to optimize the Linux kernel of high-concurrency nginx server
The code is as follows:
# controls the use of tcp syncookies #表示开启重用。允许将time-wait sockets重新用于新的tcp连接,默认为0,表示关闭; net.ipv4.tcp_syncookies = 1 #一个布尔类型的标志,控制着当有很多的连接请求时内核的行为。启用的话,如果服务超载,内核将主动地发送rst包。 net.ipv4.tcp_abort_on_overflow = 1 #表示系统同时保持time_wait的最大数量,如果超过这个数字,time_wait将立刻被清除并打印警告信息。 #默认为180000,改为6000。对于apache、nginx等服务器,此项参数可以控制time_wait的最大数量,服务器被大量的time_wait拖死 net.ipv4.tcp_max_tw_buckets = 6000 #有选择的应答 net.ipv4.tcp_sack = 1 #该文件表示设置tcp/ip会话的滑动窗口大小是否可变。参数值为布尔值,为1时表示可变,为0时表示不可变。tcp/ip通常使用的窗口最大可达到65535 字节,对于高速网络. #该值可能太小,这时候如果启用了该功能,可以使tcp/ip滑动窗口大小增大数个数量级,从而提高数据传输的能力。 net.ipv4.tcp_window_scaling = 1 #tcp接收缓冲区 net.ipv4.tcp_rmem = 4096 87380 4194304 #tcp发送缓冲区 net.ipv4.tcp_wmem = 4096 66384 4194304 # # out of socket memory net.ipv4.tcp_mem = 94500000 915000000 927000000 #该文件表示每个套接字所允许的最大缓冲区的大小。 net.core.optmem_max = 81920 #该文件指定了发送套接字缓冲区大小的缺省值(以字节为单位)。 net.core.wmem_default = 8388608 #指定了发送套接字缓冲区大小的最大值(以字节为单位)。 net.core.wmem_max = 16777216 #指定了接收套接字缓冲区大小的缺省值(以字节为单位)。 net.core.rmem_default = 8388608 #指定了接收套接字缓冲区大小的最大值(以字节为单位)。 net.core.rmem_max = 16777216 #表示syn队列的长度,默认为1024,加大队列长度为10200000,可以容纳更多等待连接的网络连接数。 net.ipv4.tcp_max_syn_backlog = 1020000 #每个网络接口接收数据包的速率比内核处理这些包的速率快时,允许送到队列的数据包的最大数目。 net.core.netdev_max_backlog = 862144 #web 应用中listen 函数的backlog 默认会给我们内核参数的net.core.somaxconn 限制到128,而nginx 定义的ngx_listen_backlog 默认为511,所以有必要调整这个值。 net.core.somaxconn = 262144 #系统中最多有多少个tcp 套接字不被关联到任何一个用户文件句柄上。如果超过这个数字,孤儿连接将即刻被复位并打印出警告信息。 #这个限制仅仅是为了防止简单的dos 攻击,不能过分依靠它或者人为地减小这个值,更应该增加这个 net.ipv4.tcp_max_orphans = 327680 #时间戳可以避免序列号的卷绕。一个1gbps 的链路肯定会遇到以前用过的序列号。时间戳能够让内核接受这种“异常”的数据包。这里需要将其关掉。 net.ipv4.tcp_timestamps = 0 #为了打开对端的连接,内核需要发送一个syn 并附带一个回应前面一个syn 的ack。也就是所谓三次握手中的第二次握手。这个设置决定了内核放弃连接之前发送syn+ack 包的数量。 net.ipv4.tcp_synack_retries = 1 #在内核放弃建立连接之前发送syn 包的数量。www.jb51.net net.ipv4.tcp_syn_retries = 1 #表示开启tcp连接中time-wait sockets的快速回收,默认为0,表示关闭; net.ipv4.tcp_tw_recycle = 1 #表示开启重用。允许将time-wait sockets重新用于新的tcp连接,默认为0,表示关闭; net.ipv4.tcp_tw_reuse = 1 #修改系統默认的 timeout 时间。 net.ipv4.tcp_fin_timeout = 15 #表示当keepalive起用的时候,tcp发送keepalive消息的频度。缺省是2小时,建议改为20分钟。 net.ipv4.tcp_keepalive_time = 30 #表示用于向外连接的端口范围。缺省情况下很小:32768到61000,改为10000到65000。(注意:这里不要将最低值设的太低,否则可能会占用掉正常的端口!) net.ipv4.ip_local_port_range = 1024 65000 #以下可能需要加载ip_conntrack模块 modprobe ip_conntrack ,有文档说防火墙开启情况下此模块失效 #縮短established的超時時間 net.netfilter.nf_conntrack_tcp_timeout_established = 180 #conntrack_max 允许的最大跟踪连接条目,是在内核内存中netfilter可以同时处理的“任务”(连接跟踪条目) net.netfilter.nf_conntrack_max = 1048576 net.nf_conntrack_max = 1048576
The above is the detailed content of How to optimize the Linux kernel of high-concurrency nginx server. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
What computer configuration is required for vscode
Apr 15, 2025 pm 09:48 PM
VS Code system requirements: Operating system: Windows 10 and above, macOS 10.12 and above, Linux distribution processor: minimum 1.6 GHz, recommended 2.0 GHz and above memory: minimum 512 MB, recommended 4 GB and above storage space: minimum 250 MB, recommended 1 GB and above other requirements: stable network connection, Xorg/Wayland (Linux)
Linux Architecture: Unveiling the 5 Basic Components
Apr 20, 2025 am 12:04 AM
The five basic components of the Linux system are: 1. Kernel, 2. System library, 3. System utilities, 4. Graphical user interface, 5. Applications. The kernel manages hardware resources, the system library provides precompiled functions, system utilities are used for system management, the GUI provides visual interaction, and applications use these components to implement functions.
How to run java code in notepad
Apr 16, 2025 pm 07:39 PM
Although Notepad cannot run Java code directly, it can be achieved by using other tools: using the command line compiler (javac) to generate a bytecode file (filename.class). Use the Java interpreter (java) to interpret bytecode, execute the code, and output the result.
How to check the warehouse address of git
Apr 17, 2025 pm 01:54 PM
To view the Git repository address, perform the following steps: 1. Open the command line and navigate to the repository directory; 2. Run the "git remote -v" command; 3. View the repository name in the output and its corresponding address.
Where to write code in vscode
Apr 15, 2025 pm 09:54 PM
Writing code in Visual Studio Code (VSCode) is simple and easy to use. Just install VSCode, create a project, select a language, create a file, write code, save and run it. The advantages of VSCode include cross-platform, free and open source, powerful features, rich extensions, and lightweight and fast.
vscode terminal usage tutorial
Apr 15, 2025 pm 10:09 PM
vscode built-in terminal is a development tool that allows running commands and scripts within the editor to simplify the development process. How to use vscode terminal: Open the terminal with the shortcut key (Ctrl/Cmd). Enter a command or run the script. Use hotkeys (such as Ctrl L to clear the terminal). Change the working directory (such as the cd command). Advanced features include debug mode, automatic code snippet completion, and interactive command history.
How to use VSCode
Apr 15, 2025 pm 11:21 PM
Visual Studio Code (VSCode) is a cross-platform, open source and free code editor developed by Microsoft. It is known for its lightweight, scalability and support for a wide range of programming languages. To install VSCode, please visit the official website to download and run the installer. When using VSCode, you can create new projects, edit code, debug code, navigate projects, expand VSCode, and manage settings. VSCode is available for Windows, macOS, and Linux, supports multiple programming languages and provides various extensions through Marketplace. Its advantages include lightweight, scalability, extensive language support, rich features and version
laravel installation code
Apr 18, 2025 pm 12:30 PM
To install Laravel, follow these steps in sequence: Install Composer (for macOS/Linux and Windows) Install Laravel Installer Create a new project Start Service Access Application (URL: http://127.0.0.1:8000) Set up the database connection (if required)
