Sysctl file optimized for more transfer speed


#Kernel sysctl configuration file for Red Hat Linux
 #
 # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
 # sysctl.conf(5) for more details.

 # Disables packet forwarding
 net.ipv4.ip_forward=0

 # Disables IP source routing
 net.ipv4.conf.all.accept_source_route = 0
 net.ipv4.conf.lo.accept_source_route = 0
 net.ipv4.conf.eth0.accept_source_route = 0
 net.ipv4.conf.default.accept_source_route = 0

 # Enable IP spoofing protection, turn on source route verification
 net.ipv4.conf.all.rp_filter = 1
 net.ipv4.conf.lo.rp_filter = 1
 net.ipv4.conf.eth0.rp_filter = 1
 net.ipv4.conf.default.rp_filter = 1

 # Disable ICMP Redirect Acceptance
 net.ipv4.conf.all.accept_redirects = 0
 net.ipv4.conf.lo.accept_redirects = 0
 net.ipv4.conf.eth0.accept_redirects = 0
 net.ipv4.conf.default.accept_redirects = 0

 # Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
 net.ipv4.conf.all.log_martians = 0
 net.ipv4.conf.lo.log_martians = 0
 net.ipv4.conf.eth0.log_martians = 0

# Disables IP source routing
 net.ipv4.conf.all.accept_source_route = 0
 net.ipv4.conf.lo.accept_source_route = 0
 net.ipv4.conf.eth0.accept_source_route = 0
 net.ipv4.conf.default.accept_source_route = 0

 # Enable IP spoofing protection, turn on source route verification
 net.ipv4.conf.all.rp_filter = 1
 net.ipv4.conf.lo.rp_filter = 1
 net.ipv4.conf.eth0.rp_filter = 1
 net.ipv4.conf.default.rp_filter = 1

 # Disable ICMP Redirect Acceptance
 net.ipv4.conf.all.accept_redirects = 0
 net.ipv4.conf.lo.accept_redirects = 0
 net.ipv4.conf.eth0.accept_redirects = 0
 net.ipv4.conf.default.accept_redirects = 0

 # Disables the magic-sysrq key
 kernel.sysrq = 0

 # Decrease the time default value for tcp_fin_timeout connection
 net.ipv4.tcp_fin_timeout = 15

 # Decrease the time default value for tcp_keepalive_time connection
 net.ipv4.tcp_keepalive_time = 1800

 # Turn off the tcp_window_scaling

 # Turn off the tcp_sack
net.ipv4.tcp_sack = 0

 # Turn off the tcp_timestamps

 # Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

 # Enable ignoring broadcasts request
 net.ipv4.icmp_echo_ignore_broadcasts = 1

 # Enable bad error message Protection
 net.ipv4.icmp_ignore_bogus_error_responses = 1

 # Log Spoofed Packets, Source Routed Packets, Redirect Packets
 net.ipv4.conf.all.log_martians = 1

 # Increases the size of the socket queue (effectively, q0).
 net.ipv4.tcp_max_syn_backlog = 1024

 # Increase the tcp-time-wait buckets pool size
 net.ipv4.tcp_max_tw_buckets = 1440000

 # Allowed local port range
 net.ipv4.ip_local_port_range = 16384 65536
 net.core.wmem_max=12582912
 net.core.rmem_max=12582912
 net.ipv4.tcp_rmem= 10240 87380 12582912
 net.ipv4.tcp_wmem= 10240 87380 12582912
 net.ipv4.tcp_window_scaling = 1
 net.ipv4.tcp_timestamps = 1
 net.ipv4.tcp_sack = 1
 net.ipv4.tcp_no_metrics_save = 1
net.core.netdev_max_backlog = 5000



 # Set the number of pages to be used.
 # Each page is normally 2MB, so a value of 40 = 80MB.

 # Increase the amount of shmem allowed per segment
 # This depends upon your memory, remember your
 kernel.shmmax = 4294967295
 kernel.shmall = 268435456




# Increase the maximum total TCP buffer-space allocatable
net.ipv4.tcp_mem = 57344 57344 65536

# Increase the maximum TCP write-buffer-space allocatable
net.ipv4.tcp_wmem = 32768 65536 524288

# Increase the maximum TCP read-buffer space allocatable
net.ipv4.tcp_rmem = 98304 196608 1572864

# Increase the maximum and default receive socket buffer size
net.core.rmem_max = 524280
net.core.rmem_default = 524280

# Increase the maximum and default send socket buffer size
net.core.wmem_max = 524280
net.core.wmem_default = 524280

# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000

# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536

Comments

Post a Comment

Popular posts from this blog

Using a Linux server to route packets between two private networks

Image
Reference: http://www.tecmint.com/setup-linux-as-router/ We want to route icmp (ping) packets from dev2 to dev4 and the other way around as well (note that both client machines are on different networks). The name of each NIC, along with its corresponding IPv4 address, is given inside square brackets. Our test environment is as follows: Client 1 : CentOS 7 [enp0s3: 192.168.0.17/24] - dev1 Router : Debian Wheezy 7.7 [eth0: 192.168.0.15/24, eth1: 10.0.0.15/24] - dev2 Client 2 : openSUSE 13.2 [enp0s3: 10.0.0.18/24] - dev4 Let’s view the routing table in dev1 (CentOS box): # ip route show and then modify it in order to use its enp0s3 NIC and the connection to 192.168.0.15 to access hosts in the 10.0.0.0/24 network: # ip route add 10.0.0.0/24 via 192.168.0.15 dev enp0s3 Which essentially reads, “Add a route to the 10.0.0.0/24 network through the enp0s3 network interface using 192.168.0.15 as gateway”. Route Network in Linux Likewise in dev4 (openSUSE box) to ping h
Read more

PHP Fatal error: Class 'JFactory' not found

I have faced this issue in Joomla site and searched the forums but none of the forums including joomla did not give solution for me. They simply suggest to check joomla version, php version compatibility and php extensions. Finally I have fixed the issue. Issue:- ---------  [26-Sep-2014 18:11:29 Europe/Berlin] PHP Fatal error: Class 'JFactory' not found in /home/test/public_html/index.php on line 31 Cause & Solution:- ----------------------- In my case, it seems file which gives the class JFactory was missed. /home/test/public_html/libraries/joomla/factory.php --->Core file for Joomla. Simply restore that file under proper path to fix the issue.
Read more

KVM & Qemu

QEMU is a powerful emulator, which means that it can emulate a variety of processor types. Xen uses QEMU for HVM guests, more specifically for the HVM guest's device model. The Xen-specific QEMU is called qemu-dm (short for QEMU device model) QEMU uses emulation; KVM uses processor extensions (intel-VT) for virtualization. Both Xen and KVM merge their various functionality to upstream QEMU, that way upstream QEMU can be used directly to accomplish Xen device model emulation, etc. Xen is unique in that it has paravirtualized guests that don't require hardware virtualization. Both Xen and KVM have paravirtualized device drivers that can run on top of the HVM guests. The QEMU hypervisor is very similar to the KVM hypervisor. Both are controlled through libvirt, both support the same feature set, and all virtual machine images that are compatible with KVM are also compatible with QEMU. The main difference is that QEMU does not support native virtualization. Consequently, QEMU has
Read more