xjdrew / kone

Transparent proxy for home/enterprise network
MIT License
704 stars 127 forks

Bottlenecks when kone is used in a hundred-person enterprise #19

Closed tangye1234 closed 7 years ago

tangye1234 commented 7 years ago

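So far, kone's DNS efficiency is good, and the routing bottleneck can also be solved. However, with kone acting as one very large socks5 proxy server, it feels like the performance of encapsulating and decapsulating that many packets is limited.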

tangye1234 commented 7 years ago

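This problem is probably down to some Linux TCP settings. Using the shadowsocks optimization settings seems to solve part of the problem; what remains is the load.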

xjdrew commented 7 years ago

Please post the configuration so we can see which parameters they are.

tangye1234 commented 7 years ago

# forward ip packet
net.ipv4.ip_forward=1
# max open files
fs.file-max = 51200
# max read buffer
net.core.rmem_max = 67108864
# max write buffer
net.core.wmem_max = 67108864
# default read buffer
net.core.rmem_default = 65536
# default write buffer
net.core.wmem_default = 65536
# max processor input queue
net.core.netdev_max_backlog = 4096
# max backlog
net.core.somaxconn = 4096

# resist SYN flood attacks
net.ipv4.tcp_syncookies = 1
# reuse timewait sockets when safe
net.ipv4.tcp_tw_reuse = 1
# turn off fast timewait sockets recycling
net.ipv4.tcp_tw_recycle = 0
# short FIN timeout
net.ipv4.tcp_fin_timeout = 30
# short keepalive time
net.ipv4.tcp_keepalive_time = 1200
# outbound port range
net.ipv4.ip_local_port_range = 10000 65000
# max SYN backlog
net.ipv4.tcp_max_syn_backlog = 4096
# max timewait sockets held by system simultaneously
net.ipv4.tcp_max_tw_buckets = 5000
# turn on TCP Fast Open on both client and server side
net.ipv4.tcp_fastopen = 3
# TCP receive buffer
net.ipv4.tcp_rmem = 4096 87380 67108864
# TCP write buffer
net.ipv4.tcp_wmem = 4096 65536 67108864
# turn on path MTU discovery
net.ipv4.tcp_mtu_probing = 1

Also, ulimit -n 51200
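
Added example, not part of the thread and not kone's own code: a shell function that checks whether the values in a sysctl list like the one posted above are actually live on the host, reading /proc/sys directly. The names `sysctl_drift`, `norm` and `sample_conf` are made up here and the sample input is constructed from four of the posted keys; a key the running kernel does not expose (net.ipv4.tcp_tw_recycle was removed in Linux 4.12) is reported as MISSING rather than silently skipped.

```shell
#!/bin/sh
# Report drift between a sysctl.conf-style list (stdin) and the values
# the kernel actually exposes.
# Usage: sysctl_drift [ROOT] < file      (ROOT defaults to /proc/sys)

# Collapse tabs and repeated spaces so "4096<TAB>87380" equals "4096 87380".
norm() { tr -s '\t' ' ' | sed 's/^ *//; s/ *$//'; }

sysctl_drift() {
    root=${1:-/proc/sys}
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                      # drop comments
        case $line in *=*) ;; *) continue ;; esac
        key=$(printf '%s\n' "${line%%=*}" | norm)
        want=$(printf '%s\n' "${line#*=}" | norm)
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            # Key not exposed by this kernel (or not readable), e.g.
            # net.ipv4.tcp_tw_recycle, removed in Linux 4.12.
            echo "MISSING $key (wanted $want)"; rc=1
            continue
        fi
        have=$(norm < "$path")
        if [ "$have" = "$want" ]; then
            echo "OK      $key = $have"
        else
            echo "DIFF    $key = $have (wanted $want)"; rc=1
        fi
    done
    return $rc
}

# Constructed sample input: four keys taken from the config posted above.
sample_conf() {
    cat <<'EOF'
# resist SYN flood attacks
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_recycle = 0
net.core.somaxconn = 4096
net.ipv4.tcp_rmem = 4096 87380 67108864
EOF
}

# Check the live kernel only when asked to: sh drift.sh --live < file
if [ "${1:-}" = "--live" ]; then sysctl_drift /proc/sys; fi
```

The function returns non-zero when any key is missing or differs, so it can gate a provisioning step or a periodic configuration check.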