| |
|
开发:
C++知识库
Java知识库
JavaScript
Python
PHP知识库
人工智能
区块链
大数据
移动开发
嵌入式
开发工具
数据结构与算法
开发测试
游戏开发
网络协议
系统运维
教程: HTML教程 CSS教程 JavaScript教程 Go语言教程 JQuery教程 VUE教程 VUE3教程 Bootstrap教程 SQL数据库教程 C语言教程 C++教程 Java教程 Python教程 Python3教程 C#教程 数码: 电脑 笔记本 显卡 显示器 固态硬盘 硬盘 耳机 手机 iphone vivo oppo 小米 华为 单反 装机 图拉丁 |
-> 系统运维 -> 一文说清楚 Linux TCP 内核参数 -> 正文阅读 |
|
[系统运维]一文说清楚 Linux TCP 内核参数 |
Linux 运维中绕不开参数优化,尤其是 Naginx、Tomcat 这种 Web 应用中,需要调整很多 TCP 内核参数。不止 Web 应用,像TDengine、TiDB、MatrixDB 这些分布式数据库,同样需要调整 TCP 相关参数。 最常见的参数如下:
1.参数作用域以上参数的介绍不管是 man 还是 baidu 都很容易得到。但是参数间的相互关系,以及如何生效却少有人进行说明。 要理解参数的作用域与相互关系,需要先理解网络连接的基础概念。 以一个简单的 Web 访问为例【与参数无关的内容就不赘述了】: 1.网卡(interface)收到请求,将其转给系统接口(socket) 2.接口收到请求,开始 TCP 三次握手 作为发送syn的客户端,同样要控制syn的重试次数。由 b.接口受到ack 连接建立,接口状态为 ESTABLISHED 3.数据传输完成完成,开始 TCP 四次挥手,断开连接 客户端收到FIN后,返回ack,接口状态为 TIME_WAIT c.服务端收到客户端返回的ack后接口关闭,状态为CLOSED 4.接口将资源释放 以上整个过程,都受最大连接数限制,最大连接数由以下参数和文件控制: 对所有 TCP 连接,尝试发送的次数和间隔由以下两个参数控制: 对于 TCP 的长连接,超时时间由 2.参数简介以下是对上述参数的简单介绍(均来自kernel.org),以后会对每个参数详细解读,并说明在不同应用中的设置建议。 net.core.netdev_max_backlogMaximum number of packets, queued on the INPUT side, when the interface receives packets faster than kernel can process them. net.ipv4.tcp_max_syn_backlogMaximal number of remembered connection requests (SYN_RECV), which have not received an acknowledgment from connecting client. This is a per-listener limit. The minimal value is 128 for low memory machines, and it will increase in proportion to the memory of machine. If server suffers from overload, try increasing this number. Remember to also check /proc/sys/net/core/somaxconn A SYN_RECV request socket consumes about 304 bytes of memory. net.ipv4.tcp_syn_retriesNumber of times initial SYNs for an active TCP connection attempt will be retransmitted. Should not be higher than 127. Default value is 6, which corresponds to 63seconds till the last retransmission with the current initial RTO of 1second. With this the final timeout for an active TCP connection attempt will happen after 127seconds. net.ipv4.tcp_synack_retriesNumber of times SYNACKs for a passive TCP connection attempt will be retransmitted. Should not be higher than 255. Default value is 5, which corresponds to 31seconds till the last retransmission with the current initial RTO of 1second. With this the final timeout for a passive TCP connection will happen after 63seconds. net.core.somaxconnLimit of socket listen() backlog, known in userspace as SOMAXCONN. Defaults to 4096. (Was 128 before linux-5.4) See also tcp_max_syn_backlog for additional tuning for TCP sockets. net.ipv4.tcp_fin_timeoutThe length of time an orphaned (no longer referenced by any application) connection will remain in the FIN_WAIT_2 state before it is aborted at the local end. While a perfectly valid “receive only” state for an un-orphaned connection, an orphaned connection in FIN_WAIT_2 state could otherwise wait forever for the remote to close its end of the connection. Cf. tcp_max_orphans Default: 60 seconds net.ipv4.tcp_tw_reuseEnable reuse of TIME-WAIT sockets for new connections when it is safe from protocol viewpoint. 0 - disable 1 - global enable 2 - enable for loopback traffic only It should not be changed without advice/request of technical experts. Default: 2 net.ipv4.tcp_tw_recycleEnable fast recycling of TIME_WAIT sockets. Enabling this option is not recommended since this causes problems when working with NAT (Network Address Translation). The net.ipv4.tcp_tw_recycle has been removed from Linux?4.12 on 2017. net.ipv4.tcp_keepalive_timeHow often TCP sends out keepalive messages when keepalive is enabled. Default: 2hours. net.ipv4.tcp_max_tw_bucketsMaximal number of timewait sockets held by system simultaneously. If this number is exceeded time-wait socket is immediately destroyed and warning is printed. This limit exists only to prevent simple DoS attacks, you must not lower the limit artificially, but rather increase it (probably, after increasing installed memory), if network conditions require more than default value. net.ipv4.tcp_retries1This value influences the time, after which TCP decides, that something is wrong due to unacknowledged RTO retransmissions, and reports this suspicion to the network layer. See tcp_retries2 for more details. RFC 1122 recommends at least 3 retransmissions, which is the default. net.ipv4.tcp_retries2This value influences the timeout of an alive TCP connection, when RTO retransmissions remain unacknowledged. Given a value of N, a hypothetical TCP connection following exponential backoff with an initial RTO of TCP_RTO_MIN would retransmit N times before killing the connection at the (N+1)th RTO. The default value of 15 yields a hypothetical timeout of 924.6 seconds and is a lower bound for the effective timeout. TCP will effectively time out at the first RTO which exceeds the hypothetical timeout. RFC 1122 recommends at least 100 seconds for the timeout, which corresponds to a value of at least 8. |
|
|
上一篇文章 下一篇文章 查看所有文章 |
|
开发:
C++知识库
Java知识库
JavaScript
Python
PHP知识库
人工智能
区块链
大数据
移动开发
嵌入式
开发工具
数据结构与算法
开发测试
游戏开发
网络协议
系统运维
教程: HTML教程 CSS教程 JavaScript教程 Go语言教程 JQuery教程 VUE教程 VUE3教程 Bootstrap教程 SQL数据库教程 C语言教程 C++教程 Java教程 Python教程 Python3教程 C#教程 数码: 电脑 笔记本 显卡 显示器 固态硬盘 硬盘 耳机 手机 iphone vivo oppo 小米 华为 单反 装机 图拉丁 |
360图书馆 购物 三丰科技 阅读网 日历 万年历 2024年12日历 | -2024/12/29 9:17:28- |
|
网站联系: qq:121756557 email:121756557@qq.com IT数码 |
数据统计 |