在使用国外服务器的时候,尤其是针对国内访问不佳的情况下,需要调整它的吞吐量和并发量的情况下来降低丢包率等问题,本文就针对Debian12系统下的一些优化,让其系统发挥最佳的效果。当然,如果是因为国际网络的问题丢包,那么只能自行挑选好的回国线路。我们这里只是针对服务器的TCP无法发挥最大效果的前提下进行的一系列调整和优化。主要针对的是自建CDN的WEB源站和节点的优化。如果你的WEB站使用了大厂的CDN而非自建的话,那么你的源站可以使用我们的节点配置优化来调整的。
源站sysctl文件的配置(针对于网站、图片等):
net.core.default_qdisc = fq net.ipv4.tcp_congestion_control = bbr net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.rmem_default = 524288 net.core.wmem_default = 524288 net.ipv4.tcp_rmem = 4096 131072 16777216 net.ipv4.tcp_wmem = 4096 16384 16777216 net.ipv4.tcp_mem = 1572864 2097152 4194304 net.ipv4.tcp_fastopen = 0 net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0 net.ipv4.tcp_low_latency = 1 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_autocorking = 1 net.core.somaxconn = 16384 net.core.netdev_max_backlog = 32768 net.ipv4.tcp_max_syn_backlog = 8192 net.core.optmem_max = 131072 net.core.dev_weight = 1024 net.core.dev_weight_tx_bias = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_tw_reuse = 0 net.ipv4.tcp_max_tw_buckets = 262144 net.ipv4.ip_local_port_range = 10000 65535 net.ipv4.tcp_max_orphans = 32768 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_syn_retries = 3 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_retries2 = 8 net.ipv4.tcp_orphan_retries = 2 net.ipv4.tcp_mtu_probing = 1 net.ipv4.tcp_base_mss = 1024 net.ipv4.tcp_mtu_probe_floor = 1280 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_fack = 0 net.ipv4.tcp_early_retrans = 1 net.ipv4.tcp_recovery = 1 net.ipv4.tcp_no_metrics_save = 0 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_notsent_lowat = 16384 net.ipv4.tcp_pacing_ss_ratio = 200 net.ipv4.tcp_pacing_ca_ratio = 120 net.ipv4.tcp_comp_sack_nr = 3 fs.file-max = 1048576 fs.nr_open = 1048576 fs.inotify.max_user_instances = 1024 fs.inotify.max_user_watches = 262144 fs.aio-max-nr = 65536 kernel.pid_max = 65536 kernel.threads-max = 65536 vm.max_map_count = 262144 vm.swappiness = 10 vm.dirty_ratio = 20 vm.dirty_background_ratio = 10 vm.vfs_cache_pressure = 100 vm.min_free_kbytes = 65536 vm.dirty_expire_centisecs = 3000 vm.dirty_writeback_centisecs = 500 net.ipv4.ip_forward = 1 kernel.printk = 4 4 1 7 net.ipv4.tcp_syncookies = 1 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_ratelimit = 100 net.ipv4.icmp_ratemask = 0 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.all.log_martians = 1 net.ipv4.conf.default.log_martians = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.all.secure_redirects = 0 net.ipv4.conf.default.secure_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 net.ipv6.conf.default.accept_redirects = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv6.conf.default.accept_source_route = 0 net.ipv6.conf.all.accept_ra = 0 net.ipv6.conf.default.accept_ra = 0 net.ipv4.tcp_rfc1337 = 1
自建CDN节点sysctl文件的配置(针对于高并发设计):
net.core.default_qdisc = fq net.ipv4.tcp_congestion_control = bbr net.core.rmem_max = 134217728 net.core.wmem_max = 134217728 net.core.rmem_default = 4194304 net.core.wmem_default = 4194304 net.ipv4.tcp_rmem = 4096 87380 134217728 net.ipv4.tcp_wmem = 4096 65536 134217728 net.ipv4.tcp_mem = 8388608 12582912 16777216 net.ipv4.tcp_fastopen = 3 net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0 net.ipv4.tcp_low_latency = 1 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_autocorking = 1 net.core.somaxconn = 16384 net.core.netdev_max_backlog = 32768 net.ipv4.tcp_max_syn_backlog = 8192 net.core.optmem_max = 131072 net.core.dev_weight = 1024 net.core.dev_weight_tx_bias = 1 net.ipv4.tcp_fin_timeout = 15 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_max_tw_buckets = 3000000 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.tcp_max_orphans = 1048576 net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp_keepalive_intvl = 15 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_syn_retries = 2 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_retries1 = 2 net.ipv4.tcp_retries2 = 5 net.ipv4.tcp_orphan_retries = 2 net.ipv4.tcp_mtu_probing = 1 net.ipv4.tcp_base_mss = 1024 net.ipv4.tcp_mtu_probe_floor = 1280 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_early_retrans = 1 net.ipv4.tcp_recovery = 1 net.ipv4.tcp_no_metrics_save = 1 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_notsent_lowat = 16384 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_pacing_ss_ratio = 200 net.ipv4.tcp_pacing_ca_ratio = 120 net.ipv4.tcp_comp_sack_nr = 3 fs.file-max = 4194304 fs.nr_open = 209715200 fs.inotify.max_user_instances = 1024 fs.inotify.max_user_watches = 262144 fs.aio-max-nr = 1048576 kernel.pid_max = 4194304 kernel.threads-max = 4194304 vm.max_map_count = 1048576 vm.swappiness = 5 vm.dirty_ratio = 40 vm.dirty_background_ratio = 10 vm.vfs_cache_pressure = 50 vm.min_free_kbytes = 1048576 vm.dirty_expire_centisecs = 3000 vm.dirty_writeback_centisecs = 500 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv4.ip_forward = 1 net.ipv6.conf.all.forwarding = 0 kernel.printk = 3 3 3 3 kernel.printk_ratelimit = 0 kernel.printk_ratelimit_burst = 0 net.ipv4.tcp_syncookies = 1 net.ipv4.icmp_echo_ignore_all = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_ratelimit = 0 net.ipv4.icmp_ratemask = 0 net.ipv4.conf.all.rp_filter = 2 net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.all.secure_redirects = 0 net.ipv4.conf.default.secure_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 net.ipv6.conf.default.accept_redirects = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv6.conf.default.accept_source_route = 0 net.ipv6.conf.all.accept_ra = 0 net.ipv6.conf.default.accept_ra = 0 net.ipv4.tcp_rfc1337 = 1
自建CDN节点sysctl文件的配置(针对于NVME硬盘设计):
net.ipv4.tcp_congestion_control = bbr net.core.default_qdisc = fq net.core.rmem_max = 134217728 net.core.wmem_max = 134217728 net.core.rmem_default = 4194304 net.core.wmem_default = 4194304 net.ipv4.tcp_rmem = 4096 87380 134217728 net.ipv4.tcp_wmem = 4096 65536 134217728 net.ipv4.tcp_mem = 8388608 12582912 16777216 net.ipv4.tcp_fastopen = 1 net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0 net.ipv4.tcp_low_latency = 1 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_autocorking = 1 net.core.somaxconn = 16384 net.core.netdev_max_backlog = 32768 net.ipv4.tcp_max_syn_backlog = 8192 net.core.optmem_max = 131072 net.core.dev_weight = 1024 net.core.dev_weight_tx_bias = 1 net.ipv4.tcp_fin_timeout = 15 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_max_tw_buckets = 3000000 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.tcp_max_orphans = 1048576 net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp_keepalive_intvl = 15 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_syn_retries = 2 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_retries1 = 2 net.ipv4.tcp_retries2 = 5 net.ipv4.tcp_orphan_retries = 2 net.ipv4.tcp_mtu_probing = 1 net.ipv4.tcp_base_mss = 1024 net.ipv4.tcp_mtu_probe_floor = 1280 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_early_retrans = 1 net.ipv4.tcp_recovery = 1 net.ipv4.tcp_no_metrics_save = 1 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_notsent_lowat = 16384 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_pacing_ss_ratio = 200 net.ipv4.tcp_pacing_ca_ratio = 120 net.ipv4.tcp_comp_sack_nr = 3 fs.file-max = 4194304 fs.nr_open = 209715200 fs.inotify.max_user_instances = 1024 fs.inotify.max_user_watches = 262144 fs.aio-max-nr = 1048576 kernel.pid_max = 4194304 kernel.threads-max = 4194304 vm.max_map_count = 1048576 vm.swappiness = 5 vm.dirty_ratio = 5 vm.dirty_background_ratio = 2 vm.vfs_cache_pressure = 50 vm.min_free_kbytes = 1048576 vm.dirty_expire_centisecs = 1000 vm.dirty_writeback_centisecs = 500 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv4.ip_forward = 1 net.ipv6.conf.all.forwarding = 0 kernel.printk = 3 3 3 3 kernel.printk_ratelimit = 0 kernel.printk_ratelimit_burst = 0 net.ipv4.tcp_syncookies = 1 net.ipv4.icmp_echo_ignore_all = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_ratelimit = 0 net.ipv4.icmp_ratemask = 0 net.ipv4.conf.all.rp_filter = 2 net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.all.secure_redirects = 0 net.ipv4.conf.default.secure_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 net.ipv6.conf.default.accept_redirects = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv6.conf.default.accept_source_route = 0 net.ipv6.conf.all.accept_ra = 0 net.ipv6.conf.default.accept_ra = 0 net.ipv4.tcp_rfc1337 = 1