Results 1 to 16 of 16
-
04-07-2004, 04:54 PM #1Disabled
- Join Date
- Oct 2003
- Location
- Portugal
- Posts
- 77
HOW-TO: Tune Settings In sysctl.conf
Tunning settings in sysctl.conf really help speeding things up under heavy usage..
Basically just edit your /etc/sysctl.conf file (you will need to be root)...
Here are my settings (you may or may not have some of these already), I tried to put a short comment for each, you can google them if you need more info:
PHP Code:# Disables packet forwarding
net.ipv4.ip_forward = 0
# Enables source route verification
net.ipv4.conf.default.rp_filter = 1
# Disables the magic-sysrq key
kernel.sysrq = 0
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 25
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 3600
# Turn on the tcp_window_scaling
net.ipv4.tcp_window_scaling = 1
# Turn on the tcp_sack
net.ipv4.tcp_sack = 1
# tcp_fack should be on because of sack
net.ipv4.tcp_fack = 1
# Turn on the tcp_timestamps
net.ipv4.tcp_timestamps = 1
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1
# Don't Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
# Make more local ports available
net.ipv4.ip_local_port_range = 1024 65000
# Increase maximum amount of memory allocated to shm
kernel.shmmax = 1073741824
# Improve file system performance
vm.bdflush = 100 1200 128 512 15 5000 500 1884 2
# This will increase the amount of memory available for socket input/output queues
net.ipv4.tcp_rmem = 4096 25165824 25165824
net.core.rmem_max = 25165824
net.core.rmem_default = 25165824
net.ipv4.tcp_wmem = 4096 65536 25165824
net.core.wmem_max = 25165824
net.core.wmem_default = 65536
net.core.optmem_max = 25165824
# If you are feeling daring, you can also use these settings below, otherwise just remove them. (Should increase performance)
net.core.netdev_max_backlog = 2500
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
After you make the changes to the file, you can make them effective immediately by typing in /sbin/sysctl -p
Also, you will need to issue sysctl -w net.ipv4.route.flush=1 to flush the routing table to make some of these changes happen instantly.
Lastly, you can increase the size of the interface queue by typing /sbin/ifconfig eth0 txqueuelen 1000
-
06-13-2004, 10:11 AM #2Retired Moderator
- Join Date
- Jan 2003
- Posts
- 9,049
What distribution/Os were you using?
In any case, for those who want to see what's the difference, this is a copy I grab off a default install of RH 9.
Code:# Kernel sysctl configuration file for Red Hat Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # Controls IP packet forwarding net.ipv4.ip_forward = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1
••• Like us on Facebook to qualify for discounts! •••
••• http://www.sprintserve.net •••
••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••
-
06-13-2004, 01:57 PM #3Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
i believe this came off of ev1 forums.
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
06-13-2004, 02:14 PM #4Retired Moderator
- Join Date
- Jan 2003
- Posts
- 9,049
Do you have a link to that? so that it can be properly credited. Thanks.
••• Like us on Facebook to qualify for discounts! •••
••• http://www.sprintserve.net •••
••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••
-
06-13-2004, 04:45 PM #5Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
07-03-2004, 10:54 AM #6Junior Guru Wannabe
- Join Date
- Feb 2004
- Location
- Delray Beach, FL
- Posts
- 77
Those settings made my server always 20-30% busy. I rolled back to original sysctl.conf and now server load shows 0.00, used to show 0.30 always.
I even asked here
It is on Dual Xeon 2.8, 2 Gb memory.
-
07-03-2004, 12:30 PM #7Retired Moderator
- Join Date
- Jan 2003
- Posts
- 9,049
If you read the thread on ev1 forums, you can see why this is so. One of which is the increased transmit buffer size which uses significantly more resources for TCP connections.
Try leaving out:
net.ipv4.tcp_rmem = 4096 25165824 25165824
net.core.rmem_max = 25165824
net.core.rmem_default = 25165824
net.ipv4.tcp_wmem = 4096 65536 25165824
net.core.wmem_max = 25165824
net.core.wmem_default = 65536••• Like us on Facebook to qualify for discounts! •••
••• http://www.sprintserve.net •••
••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••
-
07-03-2004, 02:30 PM #8Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Disables packet forwarding
net.ipv4.ip_forward=0
# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Disables the magic-sysrq key
kernel.sysrq = 0
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1
# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1
# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024
# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000
# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536
http://ipsysctl-tutorial.frozentux.n...-tutorial.htmlSteven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
05-10-2005, 11:35 AM #9Junior Guru Wannabe
- Join Date
- Jun 2003
- Posts
- 30
Hi,
is there any reason to set net.ipv4.tcp_keepalive_time to a much longer value than apache's keep alive timeout ?The largest message boards on the web!
-
05-10-2005, 07:46 PM #10Junior Guru Wannabe
- Join Date
- Feb 2004
- Location
- Delray Beach, FL
- Posts
- 77
Hi!
I have a question to smart people too
Is there any settings for UDP? I have media streaming software running which uses UDP connections, so may be I can tune it up.
-
06-07-2005, 11:54 AM #11Registered User
- Join Date
- Jun 2005
- Posts
- 8
This is what im looking for. thanks.
-
06-16-2005, 06:20 AM #12Disabled
- Join Date
- Apr 2005
- Posts
- 54
Originally posted by igorkl
Hi!
I have a question to smart people too
Is there any settings for UDP? I have media streaming software running which uses UDP connections, so may be I can tune it up.
what software you have that uses UDP ?????!?!!!
-
06-16-2005, 02:24 PM #13Disabled
- Join Date
- Apr 2005
- Posts
- 54
Originally posted by igorkl
Hi!
I have a question to smart people too
Is there any settings for UDP? I have media streaming software running which uses UDP connections, so may be I can tune it up.
what software you have that uses UDP ?????!?!!!
-
06-16-2005, 06:47 PM #14Junior Guru Wannabe
- Join Date
- Feb 2004
- Location
- Delray Beach, FL
- Posts
- 77
Pc-Center,
video streaming helix server
-
06-16-2005, 09:25 PM #15Disabled
- Join Date
- Apr 2005
- Posts
- 54
ok thanx!
do you know btw any audio streamer (compatible in players like winamp and media player) that uses udp too ???
udp technology is a lot better for streaming than tcp !!!
(about 20% faster because this protocol uses less headers and no error correction)
-
07-18-2005, 12:22 PM #16Junior Guru Wannabe
- Join Date
- Feb 2004
- Location
- Delray Beach, FL
- Posts
- 77
Pc-Center,
Helix server can stream audio files, mp3 and others, not sure if Media Player can use UDP for live media streams (At least I've never seen).
RealPlayer does use UDPwhen it can.