一篇微调linux内核设置的好文

请勿在未经授权的情况下上传任何涉及著作权侵权的文档,除非文档完全由您个人创作 "版权提示"页面可帮助您确定您的文档是否侵犯了他人的版权 点击上传文档即表示您确认该文档不违反文档分享的使用条款,并且您拥有该文档的所有版权或者上传文档的授权

# Linux kernel tweaking for performance and security on a busy Linux
# server with a decent amount of memory.
#
# This file should be saved as /etc/sysctl.conf
# You can source it manually if your system has booted by using:
# sysctl -e -p /etc/sysctl.conf
#
# Paul Day, paul (at) bur.st
#
# Last updated 02/03/05 and tested on 2.6.9
#

# Increase RPC slots
sunrpc.tcp_slot_table_entries = 32
sunrpc.udp_slot_table_entries = 32
# Increase size of RPC datagram queue length
net.unix.max_dgram_qlen = 50
# Log spoofed, source routed and redirects
net.ipv4.conf.default.log_martians = 1
# Don't accept source routes
net.ipv4.conf.default.accept_source_route = 0
# Don't send redirects
net.ipv4.conf.default.send_redirects = 0
# Source route verification on - incoming packets must match outgoing routing
net.ipv4.conf.default.rp_filter = 1
# Don't accept redirects
net.ipv4.conf.default.accept_redirects = 0
# Don't forward source routes
net.ipv4.conf.default.mc_forwarding = 0
# Disable forwarding
net.ipv4.conf.default.forwarding = 0
# Log spoofed, source routed and redirects
net.ipv4.conf.all.log_martians = 1
# Don't relay bootp
net.ipv4.conf.all.bootp_relay = 0
# Don't proxy arp for anyone
net.ipv4.conf.all.proxy_arp = 0
# Don't accept source route packets
net.ipv4.conf.all.accept_source_route = 0
# Don't send redirects
net.ipv4.conf.all.send_redirects = 0
# Source route verification on - incoming packets must match outgoing routing
net.ipv4.conf.all.rp_filter = 1
# Don't accept redirects
net.ipv4.conf.all.accept_redirects = 0
# Don't forward source routes
net.ipv4.conf.all.mc_forwarding = 0
# Don't enable forwarding
net.ipv4.conf.all.forwarding = 0
# Don't allow the arp table to become bigger than this
net.ipv4.neigh.default.gc_thresh3 = 2048
# Tell the gc when to become aggressive with arp table cleaning.
# Adjust this based on size of the LAN. 256 is suitable for most
net.ipv4.neigh.default.gc_thresh2 = 1024
# Adjust where the gc will leave arp table alone - set to 32.
net.ipv4.neigh.default.gc_thresh1 = 32
# Adjust to arp table gc to clean-up more often
net.ipv4.neigh.default.gc_interval = 30
# Increase TCP
net.ipv4.neigh.default.proxy_qlen = 96
net.ipv4.neigh.default.unres_qlen = 6
# Increase size of socket buffers
net.ipv4.tcp_rmem = 4096 98304 349520
net.ipv4.tcp_wmem = 4096 65535 262142
net.ipv4.tcp_mem = 98304 262142 393216
# Turn off sack
net.ipv4.tcp_dsack = 0
# Don't use ECN because too many sites have wacky routers that can't handle it`
net.ipv4.tcp_ecn = 0
net.ipv4.tcp_reordering = 3
# Turn off sack/fack
net.ipv4.tcp_fack = 0
# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1
# Ignore broadcasts pings, could become part of a Smurf
net.ipv4.icmp_echo_ignore_


broadcasts = 1
# But don't ignore directed pings
net.ipv4.icmp_echo_ignore_all = 0
# Widen local port range
net.ipv4.ip_local_port_range = 3

Word文档免费下载Word文档免费下载:一篇微调linux内核设置的好文 (共2页,当前第1页)

一篇微调linux内核设置的好文相关文档

最新文档

返回顶部