# sysctl settings are defined through files in # /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/. # # Vendors settings live in /usr/lib/sysctl.d/. # To override a whole file, create a new file with the same in # /etc/sysctl.d/ and put new settings there. To override # only specific settings, add a file with a lexically later # name in /etc/sysctl.d/ and put new settings there. # # For more information, see sysctl.conf(5) and sysctl.d(5). fs.file-max = 1056768 fs.suid_dumpable = 1 kernel.sysrq = 1 kernel.randomize_va_space = 2 kernel.msgmnb = 65536 kernel.msgmax = 65536 net.core.rmem_default = 524288 net.core.rmem_max = 16777216 net.core.wmem_default = 524288 net.core.wmem_max = 16777216 net.core.optmem_max = 524288 # (The Adapter Queue) The netdev_max_backlog is a queue within the Linux kernel where traffic is stored after reception from the NIC, but before processing by the protocol stacks (IP, TCP, etc) net.core.netdev_max_backlog = 300000 net.core.netdev_budget = 600 net.core.somaxconn = 1056768 #TCP Timestamps also provide Protection Against Wrapped Sequence Numbers as the TCP header defines a Sequence Number as a 32-bit field. net.ipv4.tcp_timestamps = 1 net.ipv4.tcp_tw_reuse=1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_mem = 1048576 2097152 25165824 net.ipv4.tcp_wmem = 524288 1048576 12582912 net.ipv4.tcp_rmem = 524288 1048576 12582912 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp_keepalive_probes = 5 net.ipv4.tcp_keepalive_intvl = 75 net.ipv4.tcp_syncookies = 0 net.ipv4.tcp_max_syn_backlog = 524288 net.ipv4.tcp_syn_retries = 2 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.ip_nonlocal_bind = 0 net.ipv4.tcp_fin_timeout = 15 net.ipv4.ip_forward = 1 net.ipv4.ip_local_port_range=10000 65535 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.all.log_martians = 1 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.tcp_slow_start_after_idle = 0