[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Sysctl on the proxy servers

I'd like to discuss this at the meeting today, here are the optimizations as they stand for our proxy boxes. Its ticket #222:

# Kernel sysctl configuration file for Red Hat Linux
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 1

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Ensure connection tracking isn't limiting our connections

# Allow higher than default file descriptors

# How many pages to free at a time
vm.page-cluster = 7

# Try to always keep this amount free
vm.min_free_kbytes = 10000

# Allow system to be a swappier than normal when it needs to be for caching server
vm.swappiness = 60

# Security, protects against TIME WAIT attacks
net.ipv4.tcp_rfc1337 = 1

# Security, protects against SYN floods
net.ipv4.tcp_syncookies = 1

# Lower keep alive time on the edge proxies
net.ipv4.tcp_keepalive_time = 300

# Limit tcp orphans
#net.ipv4.tcp_max_orphans = 1000

# Give the network stack access to more memory for queueing
net.core.rmem_default = 262144
net.core.rmem_max = 262144

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]