35 lines
1.5 KiB
Text
35 lines
1.5 KiB
Text
# Increase the maximum connections
|
|
# The upper limit on how many connections the kernel will accept (default 4096 since kernel version 5.6):
|
|
net.core.somaxconn = 8192
|
|
|
|
# Enable TCP Fast Open
|
|
# TCP Fast Open is an extension to the transmission control protocol (TCP) that helps reduce network latency
|
|
# by enabling data to be exchanged during the sender’s initial TCP SYN [3].
|
|
# Using the value 3 instead of the default 1 allows TCP Fast Open for both incoming and outgoing connections:
|
|
net.ipv4.tcp_fastopen = 3
|
|
|
|
# Enable BBR3
|
|
# The BBR3 congestion control algorithm can help achieve higher bandwidths and lower latencies for internet traffic
|
|
net.ipv4.tcp_congestion_control = bbr
|
|
|
|
# TCP SYN cookie protection
|
|
# Helps protect against SYN flood attacks. Only kicks in when net.ipv4.tcp_max_syn_backlog is reached:
|
|
net.ipv4.tcp_syncookies = 1
|
|
|
|
# TCP Enable ECN Negotiation by default
|
|
net.ipv4.tcp_ecn = 1
|
|
|
|
# TCP Reduce performance spikes
|
|
# Refer https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
|
|
net.ipv4.tcp_timestamps = 0
|
|
|
|
# Increase netdev receive queue
|
|
# May help prevent losing packets
|
|
net.core.netdev_max_backlog = 16384
|
|
|
|
# Disable TCP slow start after idle
|
|
# Helps kill persistent single connection performance
|
|
net.ipv4.tcp_slow_start_after_idle = 0
|
|
|
|
# Protect against tcp time-wait assassination hazards, drop RST packets for sockets in the time-wait state. Not widely supported outside of Linux, but conforms to RFC:
|
|
net.ipv4.tcp_rfc1337 = 1
|