从之前那篇【在CentOS 7上搭建与优化shadowsocks】里面摘出来的,CentOS 7的权限设置太烦人了……
shadowsocks服务器的TCP优化
编辑limits.conf
vi /etc/security/limits.conf
添加下面两行
* soft nofile 51200
* hard nofile 51200
保存退出
设置ulimit
ulimit -n 51200
查看可用的算法。是否有hybla,如果没有,将下文的hybla替换为cubic(反正我是没有…)
sysctl net.ipv4.tcp_available_congestion_control
把sysctl.conf备份到root目录
cp /etc/sysctl.conf /root/
修改sysctl.conf文件
vi /etc/sysctl.conf
将内容替换如下
fs.file-max = 51200
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 4096
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_congestion_control = hybla
保存退出
注意一下,如果不支持hybla算法的话记得将上面那句的hybla替换为你的VPS支持的算法
开启hybla算法(openVZ就别想了,乖乖把hybla替换掉吧)
/sbin/modprobe tcp_hybla
使其生效
sysctl -p