
系统参数:

[root@hk tmp]# uname -m
x86_64
[root@hk tmp]# cat /etc/redhat-release
CentOS release 6.6 (Final)

优化参数(注意:下面的 net.ipv4.tcp_tw_recycle = 1 可能导致位于 NAT 之后的客户端连接失败,面向公网的服务不建议开启):

[root@hk /]# tail -20 /etc/sysctl.conf
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time =600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
net.ipv4.ip_conntrack_max = 25000000
net.ipv4.netfilter.ip_conntrack_max = 25000000
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
[root@hk /]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.tcp_syncookies = 1
error: permission denied on key 'net.bridge.bridge-nf-call-ip6tables'
error: permission denied on key 'net.bridge.bridge-nf-call-iptables'
error: permission denied on key 'net.bridge.bridge-nf-call-arptables'
error: permission denied on key 'net.ipv4.tcp_fin_timeout'
error: permission denied on key 'net.ipv4.tcp_tw_reuse'
error: permission denied on key 'net.ipv4.tcp_tw_recycle'
net.ipv4.tcp_syncookies = 1
error: permission denied on key 'net.ipv4.tcp_keepalive_time'
error: permission denied on key 'net.ipv4.ip_local_port_range'
error: permission denied on key 'net.ipv4.tcp_max_syn_backlog'
error: permission denied on key 'net.ipv4.tcp_max_tw_buckets'
error: permission denied on key 'net.ipv4.route.gc_timeout'
error: permission denied on key 'net.ipv4.tcp_syn_retries'
error: permission denied on key 'net.ipv4.tcp_synack_retries'
net.core.somaxconn = 16384
error: permission denied on key 'net.core.netdev_max_backlog'
error: permission denied on key 'net.ipv4.tcp_max_orphans'
error: "net.ipv4.ip_conntrack_max" is an unknown key
error: "net.ipv4.netfilter.ip_conntrack_max" is an unknown key
error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established" is an unknown key
error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait" is an unknown key
error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait" is an unknown key
error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait" is an unknown key

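解决方法:咋就这样呢,很明显不对好嘛!!!

注意:root 用户执行 sysctl -p 仍然出现 permission denied,很可能说明这台机器是容器类的虚拟化环境,这些内核参数由宿主机控制(需自行确认)。下面的做法只是把 /sbin/modprobe 和 /sbin/sysctl 换成指向 /bin/true 的软链接,让这两个命令什么都不做并始终返回成功,报错因此消失,但 /etc/sysctl.conf 里的参数并不会真正生效;之后任何依赖 sysctl 或 modprobe 的脚本(包括安全加固相关的设置)也会静默失效。原来的二进制文件被移到了 /tmp,而 /tmp 可能被定期清理,需要保留时应另存到其他位置。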

[root@hk /]# tail -2 /etc/rc.local
modprobe nf_conntrack
modprobe bridge
[root@hk /]# mv /sbin/modprobe /tmp/
[root@hk /]# mv /sbin/sysctl /tmp/
[root@hk /]# ln -s /bin/true /sbin/modprobe
[root@hk /]# ln -s /bin/true /sbin/sysctl