Amazon LinuxとCentOS6.3のカーネルパラメータメモ
Amazon LinuxはCentOSをベースとしてAWSで改造したAMIということなので、カーネルパラメータで違いがあるのか調べてみたのでメモ。
- kernel
--- centos.txt 2014-01-03 13:14:00.000000000 +0900 +++ amazonlinux.txt 2014-01-03 13:14:37.000000000 +0900 @@ -1,662 +1,672 @@ -kernel.sched_child_runs_first = 0 -kernel.sched_min_granularity_ns = 1000000 -kernel.sched_latency_ns = 5000000 -kernel.sched_wakeup_granularity_ns = 1000000 -kernel.sched_tunable_scaling = 1 -kernel.sched_features = 3183 -kernel.sched_migration_cost = 500000 -kernel.sched_nr_migrate = 32 -kernel.sched_time_avg = 1000 -kernel.sched_shares_window = 10000000 -kernel.timer_migration = 1 -kernel.sched_rt_period_us = 1000000 -kernel.sched_rt_runtime_us = 950000 -kernel.sched_compat_yield = 0 -kernel.sched_autogroup_enabled = 0 -kernel.sched_cfs_bandwidth_slice_us = 5000 -kernel.panic = 0 -kernel.exec-shield = 1 -kernel.core_uses_pid = 1 +kernel.acct = 4 2 30 +kernel.acpi_video_flags = 0 +kernel.auto_msgmni = 1 +kernel.blk_iopoll = 1 +kernel.bootloader_type = 144 +kernel.bootloader_version = 0 +kernel.cad_pid = 1 +kernel.cap_last_cap = 35 +kernel.compat-log = 1 kernel.core_pattern = core kernel.core_pipe_limit = 0 -kernel.tainted = 0 -kernel.real-root-dev = 0 -kernel.print-fatal-signals = 0 +kernel.core_uses_pid = 1 kernel.ctrl-alt-del = 0 -kernel.ftrace_enabled = 1 -kernel.stack_tracer_enabled = 0 +kernel.dmesg_restrict = 0 +kernel.domainname = (none) kernel.ftrace_dump_on_oops = 0 +kernel.ftrace_enabled = 1 +kernel.hostname = tp-store.gu3.jp +kernel.hotplug = +kernel.hung_task_check_count = 4194304 +kernel.hung_task_panic = 0 +kernel.hung_task_timeout_secs = 120 +kernel.hung_task_warnings = 10 +kernel.io_delay_type = 0 +kernel.keys.gc_delay = 300 +kernel.keys.maxbytes = 20000 +kernel.keys.maxkeys = 200 +kernel.keys.root_maxbytes = 20000 +kernel.keys.root_maxkeys = 200 +kernel.kptr_restrict = 0 +kernel.kstack_depth_to_print = 12 +kernel.latencytop = 0 +kernel.max_lock_depth = 1024 kernel.modprobe = /sbin/modprobe kernel.modules_disabled = 0 -kernel.kexec_load_disabled = 0 -kernel.hotplug = -kernel.acct = 4 2 30 -kernel.sysrq = 0 -kernel.cad_pid = 1 -kernel.threads-max = 26168 -kernel.random.poolsize = 4096 -kernel.random.entropy_avail = 134 -kernel.random.read_wakeup_threshold = 64 -kernel.random.write_wakeup_threshold = 128 -kernel.random.boot_id = 305b5dca-900c-424b-b71a-9fca6fc4bf73 -kernel.random.uuid = d726081b-c648-4005-89ea-3d4e6ebef3a2 -kernel.usermodehelper.bset = 4294967295 4294967295 -kernel.usermodehelper.inheritable = 4294967295 4294967295 -kernel.overflowuid = 65534 +kernel.msgmax = 65536 +kernel.msgmnb = 65536 +kernel.msgmni = 14906 +kernel.ngroups_max = 65536 +kernel.ns_last_pid = 26622 +kernel.osrelease = 3.4.68-59.97.amzn1.x86_64 +kernel.ostype = Linux kernel.overflowgid = 65534 +kernel.overflowuid = 65534 +kernel.panic = 0 +kernel.panic_on_io_nmi = 0 +kernel.panic_on_oops = 0 +kernel.panic_on_stackoverflow = 0 +kernel.panic_on_unrecovered_nmi = 0 +kernel.perf_event_max_sample_rate = 100000 +kernel.perf_event_mlock_kb = 516 +kernel.perf_event_paranoid = 1 kernel.pid_max = 32768 -kernel.panic_on_oops = 1 -kernel.printk = 7 4 1 7 +kernel.poweroff_cmd = /sbin/poweroff +kernel.print-fatal-signals = 0 +kernel.printk = 8 4 1 7 +kernel.printk_delay = 0 kernel.printk_ratelimit = 5 kernel.printk_ratelimit_burst = 10 -kernel.printk_delay = 0 -kernel.dmesg_restrict = 0 -kernel.kptr_restrict = 1 -kernel.ngroups_max = 65536 -kernel.watchdog = 1 -kernel.watchdog_thresh = 60 -kernel.softlockup_panic = 0 -kernel.nmi_watchdog = 1 -kernel.unknown_nmi_panic = 0 -kernel.panic_on_unrecovered_nmi = 0 -kernel.panic_on_io_nmi = 0 -kernel.bootloader_type = 144 -kernel.bootloader_version = 0 -kernel.kstack_depth_to_print = 12 -kernel.io_delay_type = 0 +kernel.pty.max = 4096 +kernel.pty.nr = 1 +kernel.pty.reserve = 1024 +kernel.random.boot_id = f57263af-5474-411a-b0a8-4099d23bccf5 +kernel.random.entropy_avail = 158 +kernel.random.poolsize = 4096 +kernel.random.read_wakeup_threshold = 64 +kernel.random.uuid = daac8771-a28d-4d07-a33c-4dbe1cfe5ea1 +kernel.random.write_wakeup_threshold = 128 kernel.randomize_va_space = 2 -kernel.acpi_video_flags = 0 -kernel.hung_task_panic = 0 -kernel.hung_task_check_count = 4194304 -kernel.hung_task_timeout_secs = 120 -kernel.hung_task_warnings = 0 -kernel.compat-log = 1 -kernel.max_lock_depth = 1024 -kernel.poweroff_cmd = /sbin/poweroff -kernel.keys.maxkeys = 200 -kernel.keys.maxbytes = 20000 -kernel.keys.root_maxkeys = 200 -kernel.keys.root_maxbytes = 20000 -kernel.keys.gc_delay = 300 -kernel.slow-work.min-threads = 2 -kernel.slow-work.max-threads = 4 -kernel.slow-work.vslow-percentage = 50 -kernel.perf_event_paranoid = 1 -kernel.perf_event_mlock_kb = 516 -kernel.perf_event_max_sample_rate = 100000 -kernel.blk_iopoll = 1 -kernel.vsyscall64 = 1 -kernel.ostype = Linux -kernel.osrelease = 2.6.32-279.el6.x86_64 -kernel.version = #1 SMP Fri Jun 22 12:19:21 UTC 2012 -kernel.hostname = ghe-backup.gu3.jp -kernel.domainname = (none) -kernel.shmmax = 68719476736 +kernel.real-root-dev = 0 +kernel.sched_cfs_bandwidth_slice_us = 5000 +kernel.sched_child_runs_first = 0 +kernel.sched_domain.cpu0.domain0.busy_factor = 64 +kernel.sched_domain.cpu0.domain0.busy_idx = 0 +kernel.sched_domain.cpu0.domain0.cache_nice_tries = 0 +kernel.sched_domain.cpu0.domain0.flags = 687 +kernel.sched_domain.cpu0.domain0.forkexec_idx = 0 +kernel.sched_domain.cpu0.domain0.idle_idx = 0 +kernel.sched_domain.cpu0.domain0.imbalance_pct = 110 +kernel.sched_domain.cpu0.domain0.max_interval = 2 +kernel.sched_domain.cpu0.domain0.min_interval = 1 +kernel.sched_domain.cpu0.domain0.name = SIBLING +kernel.sched_domain.cpu0.domain0.newidle_idx = 0 +kernel.sched_domain.cpu0.domain0.wake_idx = 0 +kernel.sched_domain.cpu1.domain0.busy_factor = 64 +kernel.sched_domain.cpu1.domain0.busy_idx = 0 +kernel.sched_domain.cpu1.domain0.cache_nice_tries = 0 +kernel.sched_domain.cpu1.domain0.flags = 687 +kernel.sched_domain.cpu1.domain0.forkexec_idx = 0 +kernel.sched_domain.cpu1.domain0.idle_idx = 0 +kernel.sched_domain.cpu1.domain0.imbalance_pct = 110 +kernel.sched_domain.cpu1.domain0.max_interval = 2 +kernel.sched_domain.cpu1.domain0.min_interval = 1 +kernel.sched_domain.cpu1.domain0.name = SIBLING +kernel.sched_domain.cpu1.domain0.newidle_idx = 0 +kernel.sched_domain.cpu1.domain0.wake_idx = 0 +kernel.sched_domain.cpu2.domain0.busy_factor = 64 +kernel.sched_domain.cpu2.domain0.busy_idx = 0 +kernel.sched_domain.cpu2.domain0.cache_nice_tries = 0 +kernel.sched_domain.cpu2.domain0.flags = 687 +kernel.sched_domain.cpu2.domain0.forkexec_idx = 0 +kernel.sched_domain.cpu2.domain0.idle_idx = 0 +kernel.sched_domain.cpu2.domain0.imbalance_pct = 110 +kernel.sched_domain.cpu2.domain0.max_interval = 2 +kernel.sched_domain.cpu2.domain0.min_interval = 1 +kernel.sched_domain.cpu2.domain0.name = SIBLING +kernel.sched_domain.cpu2.domain0.newidle_idx = 0 +kernel.sched_domain.cpu2.domain0.wake_idx = 0 +kernel.sched_domain.cpu3.domain0.busy_factor = 64 +kernel.sched_domain.cpu3.domain0.busy_idx = 0 +kernel.sched_domain.cpu3.domain0.cache_nice_tries = 0 +kernel.sched_domain.cpu3.domain0.flags = 687 +kernel.sched_domain.cpu3.domain0.forkexec_idx = 0 +kernel.sched_domain.cpu3.domain0.idle_idx = 0 +kernel.sched_domain.cpu3.domain0.imbalance_pct = 110 +kernel.sched_domain.cpu3.domain0.max_interval = 2 +kernel.sched_domain.cpu3.domain0.min_interval = 1 +kernel.sched_domain.cpu3.domain0.name = SIBLING +kernel.sched_domain.cpu3.domain0.newidle_idx = 0 +kernel.sched_domain.cpu3.domain0.wake_idx = 0 +kernel.sched_latency_ns = 18000000 +kernel.sched_migration_cost = 500000 +kernel.sched_min_granularity_ns = 2250000 +kernel.sched_nr_migrate = 32 +kernel.sched_rt_period_us = 1000000 +kernel.sched_rt_runtime_us = 950000 +kernel.sched_shares_window = 10000000 +kernel.sched_time_avg = 1000 +kernel.sched_tunable_scaling = 1 +kernel.sched_wakeup_granularity_ns = 3000000 +kernel.sem = 250 32000 32 128 +kernel.shm_rmid_forced = 0 kernel.shmall = 4294967296 +kernel.shmmax = 68719476736 kernel.shmmni = 4096 -kernel.shm_rmid_forced = 0 -kernel.msgmax = 65536 -kernel.msgmni = 3303 -kernel.msgmnb = 65536 -kernel.sem = 250 32000 32 128 -kernel.auto_msgmni = 1 -kernel.pty.max = 4096 -kernel.pty.nr = 226 +kernel.sysrq = 0 +kernel.tainted = 0 +kernel.threads-max = 118895 +kernel.timer_migration = 1 +kernel.unknown_nmi_panic = 0 +kernel.usermodehelper.bset = 4294967295 4294967295 +kernel.usermodehelper.inheritable = 4294967295 4294967295 +kernel.version = #1 SMP Tue Nov 5 07:40:09 UTC 2013
- fs
+fs.aio-max-nr = 65536 +fs.aio-nr = 0 +fs.binfmt_misc.status = enabled +fs.dentry-state = 274017 268087 45 0 0 0 +fs.dir-notify-enable = 1 +fs.epoll.max_user_watches = 1558384 +fs.file-max = 760892 +fs.file-nr = 352 0 760892 +fs.inode-nr = 165082 3086 +fs.inode-state = 165082 3086 0 0 0 0 0 +fs.inotify.max_queued_events = 16384 +fs.inotify.max_user_instances = 128 +fs.inotify.max_user_watches = 8192 +fs.lease-break-time = 45 +fs.leases-enable = 1 +fs.mqueue.msg_max = 10 +fs.mqueue.msgsize_max = 8192 +fs.mqueue.queues_max = 256 +fs.nr_open = 1048576 +fs.overflowgid = 65534 +fs.overflowuid = 65534 +fs.pipe-max-size = 1048576 +fs.quota.allocated_dquots = 0 +fs.quota.cache_hits = 0 +fs.quota.drops = 0 +fs.quota.free_dquots = 0 +fs.quota.lookups = 0 +fs.quota.reads = 0 +fs.quota.syncs = 2 +fs.quota.writes = 0 +fs.suid_dumpable = 0 -fs.inode-nr = 23837 7421 -fs.inode-state = 23837 7421 0 0 0 0 0 -fs.file-nr = 448 0 164720 -fs.file-max = 164720 -fs.nr_open = 1048576 -fs.dentry-state = 17408 12437 45 0 0 0 -fs.overflowuid = 65534 -fs.overflowgid = 65534 -fs.leases-enable = 1 -fs.dir-notify-enable = 1 -fs.lease-break-time = 45 -fs.aio-nr = 0 -fs.aio-max-nr = 65536 -fs.inotify.max_user_instances = 128 -fs.inotify.max_user_watches = 8192 -fs.inotify.max_queued_events = 16384 -fs.epoll.max_user_watches = 342999 -fs.suid_dumpable = 0 -fs.binfmt_misc.status = enabled -fs.quota.lookups = 0 -fs.quota.drops = 0 -fs.quota.reads = 0 -fs.quota.writes = 0 -fs.quota.cache_hits = 0 -fs.quota.allocated_dquots = 0 -fs.quota.free_dquots = 0 -fs.quota.syncs = 4 -fs.quota.warnings = 1 -fs.mqueue.queues_max = 256 -fs.mqueue.msg_max = 10 -fs.mqueue.msgsize_max = 8192 -fs.mqueue.msg_default = 10 -fs.mqueue.msgsize_default = 8192
-vm.overcommit_memory = 0 -vm.panic_on_oom = 0 -vm.oom_kill_allocating_task = 0 -vm.extfrag_threshold = 500 -vm.oom_dump_tasks = 1 -vm.would_have_oomkilled = 0 -vm.overcommit_ratio = 50 -vm.page-cluster = 3 -vm.dirty_background_ratio = 10 -vm.dirty_background_bytes = 0 -vm.dirty_ratio = 20 -vm.dirty_bytes = 0 -vm.dirty_writeback_centisecs = 500 -vm.dirty_expire_centisecs = 3000 -vm.nr_pdflush_threads = 0 -vm.swappiness = 60 -vm.nr_hugepages = 0 -vm.nr_hugepages_mempolicy = 0 -vm.hugetlb_shm_group = 0 -vm.hugepages_treat_as_movable = 0 -vm.nr_overcommit_hugepages = 0 -vm.lowmem_reserve_ratio = 256 256 32 -vm.drop_caches = 0 -vm.min_free_kbytes = 5235 -vm.extra_free_kbytes = 0 -vm.percpu_pagelist_fraction = 0 -vm.max_map_count = 65530 -vm.laptop_mode = 0 -vm.block_dump = 0 -vm.vfs_cache_pressure = 100 -vm.legacy_va_layout = 0 -vm.zone_reclaim_mode = 0 -vm.min_unmapped_ratio = 1 -vm.min_slab_ratio = 5 -vm.stat_interval = 1 -vm.mmap_min_addr = 4096 -vm.numa_zonelist_order = default -vm.scan_unevictable_pages = 0 -vm.memory_failure_early_kill = 0 -vm.memory_failure_recovery = 1 +vm.block_dump = 0 +vm.dirty_background_bytes = 0 +vm.dirty_background_ratio = 10 +vm.dirty_bytes = 0 +vm.dirty_expire_centisecs = 3000 +vm.dirty_ratio = 20 +vm.dirty_writeback_centisecs = 500 +vm.drop_caches = 0 +vm.extfrag_threshold = 500 +vm.hugepages_treat_as_movable = 0 +vm.hugetlb_shm_group = 0 +vm.laptop_mode = 0 +vm.legacy_va_layout = 0 +vm.lowmem_reserve_ratio = 256 256 32 +vm.max_map_count = 65530 +vm.min_free_kbytes = 11129 +vm.min_slab_ratio = 5 +vm.min_unmapped_ratio = 1 +vm.mmap_min_addr = 4096 +vm.nr_hugepages = 0 +vm.nr_hugepages_mempolicy = 0 +vm.nr_overcommit_hugepages = 0 +vm.nr_pdflush_threads = 0 +vm.numa_zonelist_order = default +vm.oom_dump_tasks = 1 +vm.oom_kill_allocating_task = 0 +vm.overcommit_memory = 0 +vm.overcommit_ratio = 50 +vm.page-cluster = 3 +vm.panic_on_oom = 0 +vm.percpu_pagelist_fraction = 0 +vm.scan_unevictable_pages = 0 +vm.stat_interval = 1 +vm.swappiness = 60 +vm.vfs_cache_pressure = 100 +vm.zone_reclaim_mode = 0
- net
-net.netfilter.nf_log.0 = NONE -net.netfilter.nf_log.1 = NONE -net.netfilter.nf_log.2 = NONE -net.netfilter.nf_log.3 = NONE -net.netfilter.nf_log.4 = NONE -net.netfilter.nf_log.5 = NONE -net.netfilter.nf_log.6 = NONE -net.netfilter.nf_log.7 = NONE -net.netfilter.nf_log.8 = NONE -net.netfilter.nf_log.9 = NONE -net.netfilter.nf_log.10 = NONE -net.netfilter.nf_log.11 = NONE -net.netfilter.nf_log.12 = NONE -net.netfilter.nf_conntrack_generic_timeout = 600 -net.netfilter.nf_conntrack_frag6_timeout = 60 -net.netfilter.nf_conntrack_frag6_low_thresh = 196608 -net.netfilter.nf_conntrack_frag6_high_thresh = 262144 -net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120 -net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60 -net.netfilter.nf_conntrack_tcp_timeout_established = 432000 -net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120 -net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60 -net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30 -net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120 -net.netfilter.nf_conntrack_tcp_timeout_close = 10 -net.netfilter.nf_conntrack_tcp_timeout_max_retrans = 300 -net.netfilter.nf_conntrack_tcp_timeout_unacknowledged = 300 -net.netfilter.nf_conntrack_tcp_loose = 1 -net.netfilter.nf_conntrack_tcp_be_liberal = 0 -net.netfilter.nf_conntrack_tcp_max_retrans = 3 -net.netfilter.nf_conntrack_udp_timeout = 30 -net.netfilter.nf_conntrack_udp_timeout_stream = 180 -net.netfilter.nf_conntrack_icmpv6_timeout = 30 -net.netfilter.nf_conntrack_acct = 0 -net.netfilter.nf_conntrack_events = 1 -net.netfilter.nf_conntrack_events_retry_timeout = 15 -net.netfilter.nf_conntrack_max = 65536 -net.netfilter.nf_conntrack_count = 0 -net.netfilter.nf_conntrack_buckets = 16384 -net.netfilter.nf_conntrack_checksum = 1 -net.netfilter.nf_conntrack_log_invalid = 0 -net.netfilter.nf_conntrack_expect_max = 256 -net.core.somaxconn = 128 -net.core.xfrm_aevent_etime = 10 -net.core.xfrm_aevent_rseqth = 2 -net.core.xfrm_larval_drop = 1 -net.core.xfrm_acq_expires = 30 -net.core.wmem_max = 131071 -net.core.rmem_max = 131071 -net.core.wmem_default = 229376 -net.core.rmem_default = 229376 net.core.dev_weight = 64 -net.core.netdev_max_backlog = 1000 -net.core.message_cost = 5 net.core.message_burst = 10 +net.core.message_cost = 5 +net.core.netdev_budget = 300 +net.core.netdev_max_backlog = 1000 +net.core.netdev_tstamp_prequeue = 1 net.core.optmem_max = 20480 +net.core.rmem_default = 212992 +net.core.rmem_max = 131071 net.core.rps_sock_flow_entries = 0 -net.core.netdev_budget = 300 +net.core.somaxconn = 128 net.core.warnings = 1 -net.ipv4.route.gc_thresh = 65536 -net.ipv4.route.max_size = 1048576 -net.ipv4.route.gc_min_interval = 0 -net.ipv4.route.gc_min_interval_ms = 500 -net.ipv4.route.gc_timeout = 300 -net.ipv4.route.gc_interval = 60 -net.ipv4.route.redirect_load = 20 -net.ipv4.route.redirect_number = 9 -net.ipv4.route.redirect_silence = 20480 -net.ipv4.route.error_cost = 1000 -net.ipv4.route.error_burst = 5000 -net.ipv4.route.gc_elasticity = 8 -net.ipv4.route.mtu_expires = 600 -net.ipv4.route.min_pmtu = 552 -net.ipv4.route.min_adv_mss = 256 -net.ipv4.route.secret_interval = 600 -net.ipv4.neigh.default.mcast_solicit = 3 -net.ipv4.neigh.default.ucast_solicit = 3 -net.ipv4.neigh.default.app_solicit = 0 -net.ipv4.neigh.default.retrans_time = 99 -net.ipv4.neigh.default.base_reachable_time = 30 -net.ipv4.neigh.default.delay_first_probe_time = 5 -net.ipv4.neigh.default.gc_stale_time = 60 -net.ipv4.neigh.default.unres_qlen = 3 -net.ipv4.neigh.default.proxy_qlen = 64 -net.ipv4.neigh.default.anycast_delay = 99 -net.ipv4.neigh.default.proxy_delay = 79 -net.ipv4.neigh.default.locktime = 99 -net.ipv4.neigh.default.retrans_time_ms = 1000 -net.ipv4.neigh.default.base_reachable_time_ms = 30000 -net.ipv4.neigh.default.gc_interval = 30 -net.ipv4.neigh.default.gc_thresh1 = 128 -net.ipv4.neigh.default.gc_thresh2 = 512 -net.ipv4.neigh.default.gc_thresh3 = 1024 -net.ipv4.neigh.lo.mcast_solicit = 3 -net.ipv4.neigh.lo.ucast_solicit = 3 -net.ipv4.neigh.lo.app_solicit = 0 -net.ipv4.neigh.lo.retrans_time = 99 -net.ipv4.neigh.lo.base_reachable_time = 30 -net.ipv4.neigh.lo.delay_first_probe_time = 5 -net.ipv4.neigh.lo.gc_stale_time = 60 -net.ipv4.neigh.lo.unres_qlen = 3 -net.ipv4.neigh.lo.proxy_qlen = 64 -net.ipv4.neigh.lo.anycast_delay = 99 -net.ipv4.neigh.lo.proxy_delay = 79 -net.ipv4.neigh.lo.locktime = 99 -net.ipv4.neigh.lo.retrans_time_ms = 1000 -net.ipv4.neigh.lo.base_reachable_time_ms = 30000 -net.ipv4.neigh.eth0.mcast_solicit = 3 -net.ipv4.neigh.eth0.ucast_solicit = 3 -net.ipv4.neigh.eth0.app_solicit = 0 -net.ipv4.neigh.eth0.retrans_time = 99 -net.ipv4.neigh.eth0.base_reachable_time = 30 -net.ipv4.neigh.eth0.delay_first_probe_time = 5 -net.ipv4.neigh.eth0.gc_stale_time = 60 -net.ipv4.neigh.eth0.unres_qlen = 3 -net.ipv4.neigh.eth0.proxy_qlen = 64 -net.ipv4.neigh.eth0.anycast_delay = 99 -net.ipv4.neigh.eth0.proxy_delay = 79 -net.ipv4.neigh.eth0.locktime = 99 -net.ipv4.neigh.eth0.retrans_time_ms = 1000 -net.ipv4.neigh.eth0.base_reachable_time_ms = 30000 -net.ipv4.tcp_timestamps = 1 -net.ipv4.tcp_window_scaling = 1 -net.ipv4.tcp_sack = 1 -net.ipv4.tcp_retrans_collapse = 1 -net.ipv4.ip_default_ttl = 64 -net.ipv4.ip_no_pmtu_disc = 0 -net.ipv4.ip_nonlocal_bind = 0 -net.ipv4.tcp_syn_retries = 5 -net.ipv4.tcp_synack_retries = 5 -net.ipv4.tcp_max_orphans = 131072 -net.ipv4.tcp_max_tw_buckets = 131072 -net.ipv4.ip_dynaddr = 0 -net.ipv4.tcp_keepalive_time = 7200 -net.ipv4.tcp_keepalive_probes = 9 -net.ipv4.tcp_keepalive_intvl = 75 -net.ipv4.tcp_retries1 = 3 -net.ipv4.tcp_retries2 = 15 -net.ipv4.tcp_fin_timeout = 60 -net.ipv4.tcp_syncookies = 1 -net.ipv4.tcp_tw_recycle = 0 -net.ipv4.tcp_abort_on_overflow = 0 -net.ipv4.tcp_stdurg = 0 -net.ipv4.tcp_rfc1337 = 0 -net.ipv4.tcp_max_syn_backlog = 1024 -net.ipv4.ip_local_port_range = 32768 61000 -net.ipv4.ip_local_reserved_ports = -net.ipv4.igmp_max_memberships = 20 -net.ipv4.igmp_max_msf = 10 -net.ipv4.inet_peer_threshold = 65664 -net.ipv4.inet_peer_minttl = 120 -net.ipv4.inet_peer_maxttl = 600 -net.ipv4.inet_peer_gc_mintime = 10 -net.ipv4.inet_peer_gc_maxtime = 120 -net.ipv4.tcp_orphan_retries = 0 -net.ipv4.tcp_fack = 1 -net.ipv4.tcp_reordering = 3 -net.ipv4.tcp_ecn = 2 -net.ipv4.tcp_dsack = 1 -net.ipv4.tcp_mem = 156960 209280 313920 -net.ipv4.tcp_wmem = 4096 16384 4194304 -net.ipv4.tcp_rmem = 4096 87380 4194304 -net.ipv4.tcp_app_win = 31 -net.ipv4.tcp_adv_win_scale = 2 -net.ipv4.tcp_tw_reuse = 0 -net.ipv4.tcp_frto = 2 -net.ipv4.tcp_frto_response = 0 -net.ipv4.tcp_low_latency = 0 -net.ipv4.tcp_no_metrics_save = 0 -net.ipv4.tcp_moderate_rcvbuf = 1 -net.ipv4.tcp_tso_win_divisor = 3 -net.ipv4.tcp_congestion_control = cubic -net.ipv4.tcp_abc = 0 -net.ipv4.tcp_mtu_probing = 0 -net.ipv4.tcp_base_mss = 512 -net.ipv4.tcp_workaround_signed_windows = 0 -net.ipv4.tcp_dma_copybreak = 4096 -net.ipv4.tcp_slow_start_after_idle = 1 -net.ipv4.cipso_cache_enable = 1 +net.core.wmem_default = 212992 +net.core.wmem_max = 131071 +net.core.xfrm_acq_expires = 30 +net.core.xfrm_aevent_etime = 10 +net.core.xfrm_aevent_rseqth = 2 +net.core.xfrm_larval_drop = 1 net.ipv4.cipso_cache_bucket_size = 10 +net.ipv4.cipso_cache_enable = 1 net.ipv4.cipso_rbm_optfmt = 0 net.ipv4.cipso_rbm_strictvalid = 1 -net.ipv4.tcp_available_congestion_control = cubic reno -net.ipv4.tcp_allowed_congestion_control = cubic reno -net.ipv4.tcp_max_ssthresh = 0 -net.ipv4.tcp_thin_linear_timeouts = 0 -net.ipv4.tcp_thin_dupack = 0 -net.ipv4.udp_mem = 156960 209280 313920 -net.ipv4.udp_rmem_min = 4096 -net.ipv4.udp_wmem_min = 4096 -net.ipv4.conf.all.forwarding = 0 -net.ipv4.conf.all.mc_forwarding = 0 +net.ipv4.conf.all.accept_local = 0 net.ipv4.conf.all.accept_redirects = 1 -net.ipv4.conf.all.secure_redirects = 1 -net.ipv4.conf.all.shared_media = 1 -net.ipv4.conf.all.rp_filter = 0 -net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.all.accept_source_route = 0 -net.ipv4.conf.all.src_valid_mark = 0 -net.ipv4.conf.all.proxy_arp = 0 -net.ipv4.conf.all.medium_id = 0 -net.ipv4.conf.all.bootp_relay = 0 -net.ipv4.conf.all.log_martians = 0 -net.ipv4.conf.all.tag = 0 -net.ipv4.conf.all.arp_filter = 0 +net.ipv4.conf.all.arp_accept = 0 net.ipv4.conf.all.arp_announce = 0 +net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.arp_ignore = 0 -net.ipv4.conf.all.arp_accept = 0 net.ipv4.conf.all.arp_notify = 0 -net.ipv4.conf.all.proxy_arp_pvlan = 0 -net.ipv4.conf.all.disable_xfrm = 0 +net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.disable_policy = 0 +net.ipv4.conf.all.disable_xfrm = 0 net.ipv4.conf.all.force_igmp_version = 0 +net.ipv4.conf.all.forwarding = 0 +net.ipv4.conf.all.log_martians = 0 +net.ipv4.conf.all.mc_forwarding = 0 +net.ipv4.conf.all.medium_id = 0 net.ipv4.conf.all.promote_secondaries = 0 -net.ipv4.conf.all.accept_local = 0 -net.ipv4.conf.default.forwarding = 0 -net.ipv4.conf.default.mc_forwarding = 0 -net.ipv4.conf.default.accept_redirects = 1 -net.ipv4.conf.default.secure_redirects = 1 -net.ipv4.conf.default.shared_media = 1 -net.ipv4.conf.default.rp_filter = 1 -net.ipv4.conf.default.send_redirects = 1 -net.ipv4.conf.default.accept_source_route = 0 -net.ipv4.conf.default.src_valid_mark = 0 -net.ipv4.conf.default.proxy_arp = 0 -net.ipv4.conf.default.medium_id = 0 -net.ipv4.conf.default.bootp_relay = 0 -net.ipv4.conf.default.log_martians = 0 -net.ipv4.conf.default.tag = 0 -net.ipv4.conf.default.arp_filter = 0 +net.ipv4.conf.all.proxy_arp = 0 +net.ipv4.conf.all.proxy_arp_pvlan = 0 +net.ipv4.conf.all.rp_filter = 0 +net.ipv4.conf.all.secure_redirects = 1 +net.ipv4.conf.all.send_redirects = 1 +net.ipv4.conf.all.shared_media = 1 +net.ipv4.conf.all.src_valid_mark = 0 +net.ipv4.conf.all.tag = 0 +net.ipv4.conf.default.accept_local = 0 +net.ipv4.conf.default.accept_redirects = 1 +net.ipv4.conf.default.accept_source_route = 0 +net.ipv4.conf.default.arp_accept = 0 net.ipv4.conf.default.arp_announce = 0 +net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.arp_ignore = 0 -net.ipv4.conf.default.arp_accept = 0 net.ipv4.conf.default.arp_notify = 0 -net.ipv4.conf.default.proxy_arp_pvlan = 0 -net.ipv4.conf.default.disable_xfrm = 0 +net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.default.disable_policy = 0 +net.ipv4.conf.default.disable_xfrm = 0 net.ipv4.conf.default.force_igmp_version = 0 +net.ipv4.conf.default.forwarding = 0 +net.ipv4.conf.default.log_martians = 0 +net.ipv4.conf.default.mc_forwarding = 0 +net.ipv4.conf.default.medium_id = 0 net.ipv4.conf.default.promote_secondaries = 0 -net.ipv4.conf.default.accept_local = 0 -net.ipv4.conf.lo.forwarding = 0 -net.ipv4.conf.lo.mc_forwarding = 0 -net.ipv4.conf.lo.accept_redirects = 1 -net.ipv4.conf.lo.secure_redirects = 1 -net.ipv4.conf.lo.shared_media = 1 -net.ipv4.conf.lo.rp_filter = 1 -net.ipv4.conf.lo.send_redirects = 1 -net.ipv4.conf.lo.accept_source_route = 0 -net.ipv4.conf.lo.src_valid_mark = 0 -net.ipv4.conf.lo.proxy_arp = 0 -net.ipv4.conf.lo.medium_id = 0 -net.ipv4.conf.lo.bootp_relay = 0 -net.ipv4.conf.lo.log_martians = 0 -net.ipv4.conf.lo.tag = 0 -net.ipv4.conf.lo.arp_filter = 0 -net.ipv4.conf.lo.arp_announce = 0 -net.ipv4.conf.lo.arp_ignore = 0 -net.ipv4.conf.lo.arp_accept = 0 -net.ipv4.conf.lo.arp_notify = 0 -net.ipv4.conf.lo.proxy_arp_pvlan = 0 -net.ipv4.conf.lo.disable_xfrm = 1 -net.ipv4.conf.lo.disable_policy = 1 -net.ipv4.conf.lo.force_igmp_version = 0 -net.ipv4.conf.lo.promote_secondaries = 0 -net.ipv4.conf.lo.accept_local = 0 -net.ipv4.conf.eth0.forwarding = 0 -net.ipv4.conf.eth0.mc_forwarding = 0 +net.ipv4.conf.default.proxy_arp = 0 +net.ipv4.conf.default.proxy_arp_pvlan = 0 +net.ipv4.conf.default.rp_filter = 1 +net.ipv4.conf.default.secure_redirects = 1 +net.ipv4.conf.default.send_redirects = 1 +net.ipv4.conf.default.shared_media = 1 +net.ipv4.conf.default.src_valid_mark = 0 +net.ipv4.conf.default.tag = 0 +net.ipv4.conf.eth0.accept_local = 0 net.ipv4.conf.eth0.accept_redirects = 1 -net.ipv4.conf.eth0.secure_redirects = 1 -net.ipv4.conf.eth0.shared_media = 1 -net.ipv4.conf.eth0.rp_filter = 1 -net.ipv4.conf.eth0.send_redirects = 1 net.ipv4.conf.eth0.accept_source_route = 0 -net.ipv4.conf.eth0.src_valid_mark = 0 -net.ipv4.conf.eth0.proxy_arp = 0 -net.ipv4.conf.eth0.medium_id = 0 -net.ipv4.conf.eth0.bootp_relay = 0 -net.ipv4.conf.eth0.log_martians = 0 -net.ipv4.conf.eth0.tag = 0 -net.ipv4.conf.eth0.arp_filter = 0 +net.ipv4.conf.eth0.arp_accept = 0 net.ipv4.conf.eth0.arp_announce = 0 +net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.arp_ignore = 0 -net.ipv4.conf.eth0.arp_accept = 0 net.ipv4.conf.eth0.arp_notify = 0 -net.ipv4.conf.eth0.proxy_arp_pvlan = 0 -net.ipv4.conf.eth0.disable_xfrm = 0 +net.ipv4.conf.eth0.bootp_relay = 0 net.ipv4.conf.eth0.disable_policy = 0 +net.ipv4.conf.eth0.disable_xfrm = 0 net.ipv4.conf.eth0.force_igmp_version = 0 +net.ipv4.conf.eth0.forwarding = 0 +net.ipv4.conf.eth0.log_martians = 0 +net.ipv4.conf.eth0.mc_forwarding = 0 +net.ipv4.conf.eth0.medium_id = 0 net.ipv4.conf.eth0.promote_secondaries = 0 -net.ipv4.conf.eth0.accept_local = 0 -net.ipv4.ip_forward = 0 -net.ipv4.xfrm4_gc_thresh = 524288 -net.ipv4.ipfrag_high_thresh = 262144 -net.ipv4.ipfrag_low_thresh = 196608 -net.ipv4.ipfrag_time = 30 +net.ipv4.conf.eth0.proxy_arp = 0 +net.ipv4.conf.eth0.proxy_arp_pvlan = 0 +net.ipv4.conf.eth0.rp_filter = 1 +net.ipv4.conf.eth0.secure_redirects = 1 +net.ipv4.conf.eth0.send_redirects = 1 +net.ipv4.conf.eth0.shared_media = 1 +net.ipv4.conf.eth0.src_valid_mark = 0 +net.ipv4.conf.eth0.tag = 0 +net.ipv4.conf.lo.accept_local = 0 +net.ipv4.conf.lo.accept_redirects = 1 +net.ipv4.conf.lo.accept_source_route = 0 +net.ipv4.conf.lo.arp_accept = 0 +net.ipv4.conf.lo.arp_announce = 0 +net.ipv4.conf.lo.arp_filter = 0 +net.ipv4.conf.lo.arp_ignore = 0 +net.ipv4.conf.lo.arp_notify = 0 +net.ipv4.conf.lo.bootp_relay = 0 +net.ipv4.conf.lo.disable_policy = 1 +net.ipv4.conf.lo.disable_xfrm = 1 +net.ipv4.conf.lo.force_igmp_version = 0 +net.ipv4.conf.lo.forwarding = 0 +net.ipv4.conf.lo.log_martians = 0 +net.ipv4.conf.lo.mc_forwarding = 0 +net.ipv4.conf.lo.medium_id = 0 +net.ipv4.conf.lo.promote_secondaries = 0 +net.ipv4.conf.lo.proxy_arp = 0 +net.ipv4.conf.lo.proxy_arp_pvlan = 0 +net.ipv4.conf.lo.rp_filter = 1 +net.ipv4.conf.lo.secure_redirects = 1 +net.ipv4.conf.lo.send_redirects = 1 +net.ipv4.conf.lo.shared_media = 1 +net.ipv4.conf.lo.src_valid_mark = 0 +net.ipv4.conf.lo.tag = 0 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.icmp_echo_ignore_broadcasts = 1 -net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_errors_use_inbound_ifaddr = 0 +net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_ratelimit = 1000 net.ipv4.icmp_ratemask = 6168 -net.ipv4.rt_cache_rebuild_count = 4 -net.ipv4.ipfrag_secret_interval = 600 +net.ipv4.igmp_max_memberships = 20 +net.ipv4.igmp_max_msf = 10 +net.ipv4.inet_peer_maxttl = 600 +net.ipv4.inet_peer_minttl = 120 +net.ipv4.inet_peer_threshold = 65664 +net.ipv4.ip_default_ttl = 64 +net.ipv4.ip_dynaddr = 0 +net.ipv4.ip_forward = 0 +net.ipv4.ip_local_port_range = 32768 61000 +net.ipv4.ip_local_reserved_ports = +net.ipv4.ip_no_pmtu_disc = 0 +net.ipv4.ip_nonlocal_bind = 0 +net.ipv4.ipfrag_high_thresh = 262144 +net.ipv4.ipfrag_low_thresh = 196608 net.ipv4.ipfrag_max_dist = 64 -net.ipv6.neigh.default.mcast_solicit = 3 -net.ipv6.neigh.default.ucast_solicit = 3 -net.ipv6.neigh.default.app_solicit = 0 -net.ipv6.neigh.default.delay_first_probe_time = 5 -net.ipv6.neigh.default.gc_stale_time = 60 -net.ipv6.neigh.default.unres_qlen = 3 -net.ipv6.neigh.default.proxy_qlen = 64 -net.ipv6.neigh.default.anycast_delay = 99 -net.ipv6.neigh.default.proxy_delay = 79 -net.ipv6.neigh.default.locktime = 0 -net.ipv6.neigh.default.retrans_time_ms = 1000 -net.ipv6.neigh.default.base_reachable_time_ms = 30000 -net.ipv6.neigh.default.gc_interval = 30 -net.ipv6.neigh.default.gc_thresh1 = 128 -net.ipv6.neigh.default.gc_thresh2 = 512 -net.ipv6.neigh.default.gc_thresh3 = 1024 -net.ipv6.neigh.lo.mcast_solicit = 3 -net.ipv6.neigh.lo.ucast_solicit = 3 -net.ipv6.neigh.lo.app_solicit = 0 -net.ipv6.neigh.lo.delay_first_probe_time = 5 -net.ipv6.neigh.lo.gc_stale_time = 60 -net.ipv6.neigh.lo.unres_qlen = 3 -net.ipv6.neigh.lo.proxy_qlen = 64 -net.ipv6.neigh.lo.anycast_delay = 99 -net.ipv6.neigh.lo.proxy_delay = 79 -net.ipv6.neigh.lo.locktime = 0 -net.ipv6.neigh.lo.retrans_time_ms = 1000 -net.ipv6.neigh.lo.base_reachable_time_ms = 30000 -net.ipv6.neigh.eth0.mcast_solicit = 3 -net.ipv6.neigh.eth0.ucast_solicit = 3 -net.ipv6.neigh.eth0.app_solicit = 0 -net.ipv6.neigh.eth0.delay_first_probe_time = 5 -net.ipv6.neigh.eth0.gc_stale_time = 60 -net.ipv6.neigh.eth0.unres_qlen = 3 -net.ipv6.neigh.eth0.proxy_qlen = 64 -net.ipv6.neigh.eth0.anycast_delay = 99 -net.ipv6.neigh.eth0.proxy_delay = 79 -net.ipv6.neigh.eth0.locktime = 0 -net.ipv6.neigh.eth0.retrans_time_ms = 1000 -net.ipv6.neigh.eth0.base_reachable_time_ms = 30000 -net.ipv6.xfrm6_gc_thresh = 2048 -net.ipv6.conf.all.forwarding = 0 -net.ipv6.conf.all.hop_limit = 64 -net.ipv6.conf.all.mtu = 1280 -net.ipv6.conf.all.accept_ra = 1 -net.ipv6.conf.all.accept_redirects = 1 -net.ipv6.conf.all.autoconf = 1 -net.ipv6.conf.all.dad_transmits = 1 -net.ipv6.conf.all.router_solicitations = 3 -net.ipv6.conf.all.router_solicitation_interval = 4 -net.ipv6.conf.all.router_solicitation_delay = 1 -net.ipv6.conf.all.force_mld_version = 0 -net.ipv6.conf.all.use_tempaddr = 0 -net.ipv6.conf.all.temp_valid_lft = 604800 -net.ipv6.conf.all.temp_prefered_lft = 86400 -net.ipv6.conf.all.regen_max_retry = 5 -net.ipv6.conf.all.max_desync_factor = 600 -net.ipv6.conf.all.max_addresses = 16 +net.ipv4.ipfrag_secret_interval = 600 +net.ipv4.ipfrag_time = 30 +net.ipv4.neigh.default.anycast_delay = 100 +net.ipv4.neigh.default.app_solicit = 0 +net.ipv4.neigh.default.base_reachable_time = 30 +net.ipv4.neigh.default.base_reachable_time_ms = 30000 +net.ipv4.neigh.default.delay_first_probe_time = 5 +net.ipv4.neigh.default.gc_interval = 30 +net.ipv4.neigh.default.gc_stale_time = 60 +net.ipv4.neigh.default.gc_thresh1 = 128 +net.ipv4.neigh.default.gc_thresh2 = 512 +net.ipv4.neigh.default.gc_thresh3 = 1024 +net.ipv4.neigh.default.locktime = 100 +net.ipv4.neigh.default.mcast_solicit = 3 +net.ipv4.neigh.default.proxy_delay = 80 +net.ipv4.neigh.default.proxy_qlen = 64 +net.ipv4.neigh.default.retrans_time = 100 +net.ipv4.neigh.default.retrans_time_ms = 1000 +net.ipv4.neigh.default.ucast_solicit = 3 +net.ipv4.neigh.default.unres_qlen = 32 +net.ipv4.neigh.default.unres_qlen_bytes = 65536 +net.ipv4.neigh.eth0.anycast_delay = 100 +net.ipv4.neigh.eth0.app_solicit = 0 +net.ipv4.neigh.eth0.base_reachable_time = 30 +net.ipv4.neigh.eth0.base_reachable_time_ms = 30000 +net.ipv4.neigh.eth0.delay_first_probe_time = 5 +net.ipv4.neigh.eth0.gc_stale_time = 60 +net.ipv4.neigh.eth0.locktime = 100 +net.ipv4.neigh.eth0.mcast_solicit = 3 +net.ipv4.neigh.eth0.proxy_delay = 80 +net.ipv4.neigh.eth0.proxy_qlen = 64 +net.ipv4.neigh.eth0.retrans_time = 100 +net.ipv4.neigh.eth0.retrans_time_ms = 1000 +net.ipv4.neigh.eth0.ucast_solicit = 3 +net.ipv4.neigh.eth0.unres_qlen = 32 +net.ipv4.neigh.eth0.unres_qlen_bytes = 65536 +net.ipv4.neigh.lo.anycast_delay = 100 +net.ipv4.neigh.lo.app_solicit = 0 +net.ipv4.neigh.lo.base_reachable_time = 30 +net.ipv4.neigh.lo.base_reachable_time_ms = 30000 +net.ipv4.neigh.lo.delay_first_probe_time = 5 +net.ipv4.neigh.lo.gc_stale_time = 60 +net.ipv4.neigh.lo.locktime = 100 +net.ipv4.neigh.lo.mcast_solicit = 3 +net.ipv4.neigh.lo.proxy_delay = 80 +net.ipv4.neigh.lo.proxy_qlen = 64 +net.ipv4.neigh.lo.retrans_time = 100 +net.ipv4.neigh.lo.retrans_time_ms = 1000 +net.ipv4.neigh.lo.ucast_solicit = 3 +net.ipv4.neigh.lo.unres_qlen = 32 +net.ipv4.neigh.lo.unres_qlen_bytes = 65536 +net.ipv4.ping_group_range = 1 0 +net.ipv4.route.error_burst = 1250 +net.ipv4.route.error_cost = 250 +net.ipv4.route.gc_elasticity = 8 +net.ipv4.route.gc_interval = 60 +net.ipv4.route.gc_min_interval = 0 +net.ipv4.route.gc_min_interval_ms = 500 +net.ipv4.route.gc_thresh = 262144 +net.ipv4.route.gc_timeout = 300 +net.ipv4.route.max_size = 4194304 +net.ipv4.route.min_adv_mss = 256 +net.ipv4.route.min_pmtu = 552 +net.ipv4.route.mtu_expires = 600 +net.ipv4.route.redirect_load = 5 +net.ipv4.route.redirect_number = 9 +net.ipv4.route.redirect_silence = 5120 +net.ipv4.rt_cache_rebuild_count = 4 +net.ipv4.tcp_abc = 0 +net.ipv4.tcp_abort_on_overflow = 0 +net.ipv4.tcp_adv_win_scale = 1 +net.ipv4.tcp_allowed_congestion_control = cubic reno +net.ipv4.tcp_app_win = 31 +net.ipv4.tcp_available_congestion_control = cubic reno +net.ipv4.tcp_base_mss = 512 +net.ipv4.tcp_challenge_ack_limit = 100 +net.ipv4.tcp_congestion_control = cubic +net.ipv4.tcp_cookie_size = 0 +net.ipv4.tcp_dsack = 1 +net.ipv4.tcp_ecn = 2 +net.ipv4.tcp_fack = 1 +net.ipv4.tcp_fin_timeout = 60 +net.ipv4.tcp_frto = 2 +net.ipv4.tcp_frto_response = 0 +net.ipv4.tcp_keepalive_intvl = 75 +net.ipv4.tcp_keepalive_probes = 9 +net.ipv4.tcp_keepalive_time = 7200 +net.ipv4.tcp_low_latency = 0 +net.ipv4.tcp_max_orphans = 262144 +net.ipv4.tcp_max_ssthresh = 0 +net.ipv4.tcp_max_syn_backlog = 2048 +net.ipv4.tcp_max_tw_buckets = 262144 +net.ipv4.tcp_mem = 181038 241384 362076 +net.ipv4.tcp_moderate_rcvbuf = 1 +net.ipv4.tcp_mtu_probing = 0 +net.ipv4.tcp_no_metrics_save = 0 +net.ipv4.tcp_orphan_retries = 0 +net.ipv4.tcp_reordering = 3 +net.ipv4.tcp_retrans_collapse = 1 +net.ipv4.tcp_retries1 = 3 +net.ipv4.tcp_retries2 = 15 +net.ipv4.tcp_rfc1337 = 0 +net.ipv4.tcp_rmem = 4096 87380 6291456 +net.ipv4.tcp_sack = 1 +net.ipv4.tcp_slow_start_after_idle = 1 +net.ipv4.tcp_stdurg = 0 +net.ipv4.tcp_syn_retries = 5 +net.ipv4.tcp_synack_retries = 5 +net.ipv4.tcp_syncookies = 1 +net.ipv4.tcp_thin_dupack = 0 +net.ipv4.tcp_thin_linear_timeouts = 0 +net.ipv4.tcp_timestamps = 1 +net.ipv4.tcp_tso_win_divisor = 3 +net.ipv4.tcp_tw_recycle = 0 +net.ipv4.tcp_tw_reuse = 0 +net.ipv4.tcp_window_scaling = 1 +net.ipv4.tcp_wmem = 4096 20480 4194304 +net.ipv4.tcp_workaround_signed_windows = 0 +net.ipv4.udp_mem = 181428 241905 362856 +net.ipv4.udp_rmem_min = 4096 +net.ipv4.udp_wmem_min = 4096 +net.ipv4.xfrm4_gc_thresh = 2097152 +net.ipv6.bindv6only = 0 +net.ipv6.conf.all.accept_dad = 1 +net.ipv6.conf.all.accept_ra = 0 net.ipv6.conf.all.accept_ra_defrtr = 1 net.ipv6.conf.all.accept_ra_pinfo = 1 -net.ipv6.conf.all.accept_ra_rtr_pref = 1 -net.ipv6.conf.all.router_probe_interval = 60 net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0 -net.ipv6.conf.all.proxy_ndp = 0 +net.ipv6.conf.all.accept_ra_rtr_pref = 1 +net.ipv6.conf.all.accept_redirects = 0 net.ipv6.conf.all.accept_source_route = 0 -net.ipv6.conf.all.optimistic_dad = 0 -net.ipv6.conf.all.mc_forwarding = 0 +net.ipv6.conf.all.autoconf = 1 +net.ipv6.conf.all.dad_transmits = 1 net.ipv6.conf.all.disable_ipv6 = 0 -net.ipv6.conf.all.accept_dad = 1 -net.ipv6.conf.default.forwarding = 0 -net.ipv6.conf.default.hop_limit = 64 -net.ipv6.conf.default.mtu = 1280 -net.ipv6.conf.default.accept_ra = 1 -net.ipv6.conf.default.accept_redirects = 1 -net.ipv6.conf.default.autoconf = 1 -net.ipv6.conf.default.dad_transmits = 1 -net.ipv6.conf.default.router_solicitations = 3 -net.ipv6.conf.default.router_solicitation_interval = 4 -net.ipv6.conf.default.router_solicitation_delay = 1 -net.ipv6.conf.default.force_mld_version = 0 -net.ipv6.conf.default.use_tempaddr = 0 -net.ipv6.conf.default.temp_valid_lft = 604800 -net.ipv6.conf.default.temp_prefered_lft = 86400 -net.ipv6.conf.default.regen_max_retry = 5 -net.ipv6.conf.default.max_desync_factor = 600 -net.ipv6.conf.default.max_addresses = 16 +net.ipv6.conf.all.force_mld_version = 0 +net.ipv6.conf.all.force_tllao = 0 +net.ipv6.conf.all.forwarding = 0 +net.ipv6.conf.all.hop_limit = 64 +net.ipv6.conf.all.max_addresses = 16 +net.ipv6.conf.all.max_desync_factor = 600 +net.ipv6.conf.all.mc_forwarding = 0 +net.ipv6.conf.all.mtu = 1280 +net.ipv6.conf.all.optimistic_dad = 0 +net.ipv6.conf.all.proxy_ndp = 0 +net.ipv6.conf.all.regen_max_retry = 3 +net.ipv6.conf.all.router_probe_interval = 60 +net.ipv6.conf.all.router_solicitation_delay = 1 +net.ipv6.conf.all.router_solicitation_interval = 4 +net.ipv6.conf.all.router_solicitations = 3 +net.ipv6.conf.all.temp_prefered_lft = 86400 +net.ipv6.conf.all.temp_valid_lft = 604800 +net.ipv6.conf.all.use_tempaddr = 0 +net.ipv6.conf.default.accept_dad = 1 +net.ipv6.conf.default.accept_ra = 0 net.ipv6.conf.default.accept_ra_defrtr = 1 net.ipv6.conf.default.accept_ra_pinfo = 1 -net.ipv6.conf.default.accept_ra_rtr_pref = 1 -net.ipv6.conf.default.router_probe_interval = 60 net.ipv6.conf.default.accept_ra_rt_info_max_plen = 0 -net.ipv6.conf.default.proxy_ndp = 0 +net.ipv6.conf.default.accept_ra_rtr_pref = 1 +net.ipv6.conf.default.accept_redirects = 0 net.ipv6.conf.default.accept_source_route = 0 -net.ipv6.conf.default.optimistic_dad = 0 -net.ipv6.conf.default.mc_forwarding = 0 +net.ipv6.conf.default.autoconf = 1 +net.ipv6.conf.default.dad_transmits = 1 net.ipv6.conf.default.disable_ipv6 = 0 -net.ipv6.conf.default.accept_dad = 1 -net.ipv6.conf.lo.forwarding = 0 -net.ipv6.conf.lo.hop_limit = 64 -net.ipv6.conf.lo.mtu = 16436 -net.ipv6.conf.lo.accept_ra = 1 -net.ipv6.conf.lo.accept_redirects = 1 -net.ipv6.conf.lo.autoconf = 1 -net.ipv6.conf.lo.dad_transmits = 1 -net.ipv6.conf.lo.router_solicitations = 3 -net.ipv6.conf.lo.router_solicitation_interval = 4 -net.ipv6.conf.lo.router_solicitation_delay = 1 -net.ipv6.conf.lo.force_mld_version = 0 -net.ipv6.conf.lo.use_tempaddr = -1 -net.ipv6.conf.lo.temp_valid_lft = 604800 -net.ipv6.conf.lo.temp_prefered_lft = 86400 -net.ipv6.conf.lo.regen_max_retry = 5 -net.ipv6.conf.lo.max_desync_factor = 600 -net.ipv6.conf.lo.max_addresses = 16 -net.ipv6.conf.lo.accept_ra_defrtr = 1 -net.ipv6.conf.lo.accept_ra_pinfo = 1 -net.ipv6.conf.lo.accept_ra_rtr_pref = 1 -net.ipv6.conf.lo.router_probe_interval = 60 -net.ipv6.conf.lo.accept_ra_rt_info_max_plen = 0 -net.ipv6.conf.lo.proxy_ndp = 0 -net.ipv6.conf.lo.accept_source_route = 0 -net.ipv6.conf.lo.optimistic_dad = 0 -net.ipv6.conf.lo.mc_forwarding = 0 -net.ipv6.conf.lo.disable_ipv6 = 0 -net.ipv6.conf.lo.accept_dad = -1 -net.ipv6.conf.eth0.forwarding = 0 -net.ipv6.conf.eth0.hop_limit = 64 -net.ipv6.conf.eth0.mtu = 1500 -net.ipv6.conf.eth0.accept_ra = 1 -net.ipv6.conf.eth0.accept_redirects = 1 -net.ipv6.conf.eth0.autoconf = 1 -net.ipv6.conf.eth0.dad_transmits = 1 -net.ipv6.conf.eth0.router_solicitations = 3 -net.ipv6.conf.eth0.router_solicitation_interval = 4 -net.ipv6.conf.eth0.router_solicitation_delay = 1 -net.ipv6.conf.eth0.force_mld_version = 0 -net.ipv6.conf.eth0.use_tempaddr = 0 -net.ipv6.conf.eth0.temp_valid_lft = 604800 -net.ipv6.conf.eth0.temp_prefered_lft = 86400 -net.ipv6.conf.eth0.regen_max_retry = 5 -net.ipv6.conf.eth0.max_desync_factor = 600 -net.ipv6.conf.eth0.max_addresses = 16 +net.ipv6.conf.default.force_mld_version = 0 +net.ipv6.conf.default.force_tllao = 0 +net.ipv6.conf.default.forwarding = 0 +net.ipv6.conf.default.hop_limit = 64 +net.ipv6.conf.default.max_addresses = 16 +net.ipv6.conf.default.max_desync_factor = 600 +net.ipv6.conf.default.mc_forwarding = 0 +net.ipv6.conf.default.mtu = 1280 +net.ipv6.conf.default.optimistic_dad = 0 +net.ipv6.conf.default.proxy_ndp = 0 +net.ipv6.conf.default.regen_max_retry = 3 +net.ipv6.conf.default.router_probe_interval = 60 +net.ipv6.conf.default.router_solicitation_delay = 1 +net.ipv6.conf.default.router_solicitation_interval = 4 +net.ipv6.conf.default.router_solicitations = 3 +net.ipv6.conf.default.temp_prefered_lft = 86400 +net.ipv6.conf.default.temp_valid_lft = 604800 +net.ipv6.conf.default.use_tempaddr = 0 +net.ipv6.conf.eth0.accept_dad = 1 +net.ipv6.conf.eth0.accept_ra = 0 net.ipv6.conf.eth0.accept_ra_defrtr = 1 net.ipv6.conf.eth0.accept_ra_pinfo = 1 -net.ipv6.conf.eth0.accept_ra_rtr_pref = 1 -net.ipv6.conf.eth0.router_probe_interval = 60 net.ipv6.conf.eth0.accept_ra_rt_info_max_plen = 0 -net.ipv6.conf.eth0.proxy_ndp = 0 +net.ipv6.conf.eth0.accept_ra_rtr_pref = 1 +net.ipv6.conf.eth0.accept_redirects = 0 net.ipv6.conf.eth0.accept_source_route = 0 -net.ipv6.conf.eth0.optimistic_dad = 0 -net.ipv6.conf.eth0.mc_forwarding = 0 +net.ipv6.conf.eth0.autoconf = 1 +net.ipv6.conf.eth0.dad_transmits = 1 net.ipv6.conf.eth0.disable_ipv6 = 0 -net.ipv6.conf.eth0.accept_dad = 1 +net.ipv6.conf.eth0.force_mld_version = 0 +net.ipv6.conf.eth0.force_tllao = 0 +net.ipv6.conf.eth0.forwarding = 0 +net.ipv6.conf.eth0.hop_limit = 64 +net.ipv6.conf.eth0.max_addresses = 16 +net.ipv6.conf.eth0.max_desync_factor = 600 +net.ipv6.conf.eth0.mc_forwarding = 0 +net.ipv6.conf.eth0.mtu = 9001 +net.ipv6.conf.eth0.optimistic_dad = 0 +net.ipv6.conf.eth0.proxy_ndp = 0 +net.ipv6.conf.eth0.regen_max_retry = 3 +net.ipv6.conf.eth0.router_probe_interval = 60 +net.ipv6.conf.eth0.router_solicitation_delay = 1 +net.ipv6.conf.eth0.router_solicitation_interval = 4 +net.ipv6.conf.eth0.router_solicitations = 3 +net.ipv6.conf.eth0.temp_prefered_lft = 86400 +net.ipv6.conf.eth0.temp_valid_lft = 604800 +net.ipv6.conf.eth0.use_tempaddr = 0 +net.ipv6.conf.lo.accept_dad = -1 +net.ipv6.conf.lo.accept_ra = 0 +net.ipv6.conf.lo.accept_ra_defrtr = 1 +net.ipv6.conf.lo.accept_ra_pinfo = 1 +net.ipv6.conf.lo.accept_ra_rt_info_max_plen = 0 +net.ipv6.conf.lo.accept_ra_rtr_pref = 1 +net.ipv6.conf.lo.accept_redirects = 0 +net.ipv6.conf.lo.accept_source_route = 0 +net.ipv6.conf.lo.autoconf = 1 +net.ipv6.conf.lo.dad_transmits = 1 +net.ipv6.conf.lo.disable_ipv6 = 0 +net.ipv6.conf.lo.force_mld_version = 0 +net.ipv6.conf.lo.force_tllao = 0 +net.ipv6.conf.lo.forwarding = 0 +net.ipv6.conf.lo.hop_limit = 64 +net.ipv6.conf.lo.max_addresses = 16 +net.ipv6.conf.lo.max_desync_factor = 600 +net.ipv6.conf.lo.mc_forwarding = 0 +net.ipv6.conf.lo.mtu = 16436 +net.ipv6.conf.lo.optimistic_dad = 0 +net.ipv6.conf.lo.proxy_ndp = 0 +net.ipv6.conf.lo.regen_max_retry = 3 +net.ipv6.conf.lo.router_probe_interval = 60 +net.ipv6.conf.lo.router_solicitation_delay = 1 +net.ipv6.conf.lo.router_solicitation_interval = 4 +net.ipv6.conf.lo.router_solicitations = 3 +net.ipv6.conf.lo.temp_prefered_lft = 86400 +net.ipv6.conf.lo.temp_valid_lft = 604800 +net.ipv6.conf.lo.use_tempaddr = -1 +net.ipv6.icmp.ratelimit = 1000 net.ipv6.ip6frag_high_thresh = 262144 net.ipv6.ip6frag_low_thresh = 196608 +net.ipv6.ip6frag_secret_interval = 600 net.ipv6.ip6frag_time = 60 -net.ipv6.route.gc_thresh = 1024 -net.ipv6.route.max_size = 4096 +net.ipv6.mld_max_msf = 64 +net.ipv6.neigh.default.anycast_delay = 100 +net.ipv6.neigh.default.app_solicit = 0 +net.ipv6.neigh.default.base_reachable_time_ms = 30000 +net.ipv6.neigh.default.delay_first_probe_time = 5 +net.ipv6.neigh.default.gc_interval = 30 +net.ipv6.neigh.default.gc_stale_time = 60 +net.ipv6.neigh.default.gc_thresh1 = 128 +net.ipv6.neigh.default.gc_thresh2 = 512 +net.ipv6.neigh.default.gc_thresh3 = 1024 +net.ipv6.neigh.default.locktime = 0 +net.ipv6.neigh.default.mcast_solicit = 3 +net.ipv6.neigh.default.proxy_delay = 80 +net.ipv6.neigh.default.proxy_qlen = 64 +net.ipv6.neigh.default.retrans_time_ms = 1000 +net.ipv6.neigh.default.ucast_solicit = 3 +net.ipv6.neigh.default.unres_qlen = 32 +net.ipv6.neigh.default.unres_qlen_bytes = 65536 +net.ipv6.neigh.eth0.anycast_delay = 100 +net.ipv6.neigh.eth0.app_solicit = 0 +net.ipv6.neigh.eth0.base_reachable_time_ms = 30000 +net.ipv6.neigh.eth0.delay_first_probe_time = 5 +net.ipv6.neigh.eth0.gc_stale_time = 60 +net.ipv6.neigh.eth0.locktime = 0 +net.ipv6.neigh.eth0.mcast_solicit = 3 +net.ipv6.neigh.eth0.proxy_delay = 80 +net.ipv6.neigh.eth0.proxy_qlen = 64 +net.ipv6.neigh.eth0.retrans_time_ms = 1000 +net.ipv6.neigh.eth0.ucast_solicit = 3 +net.ipv6.neigh.eth0.unres_qlen = 32 +net.ipv6.neigh.eth0.unres_qlen_bytes = 65536 +net.ipv6.neigh.lo.anycast_delay = 100 +net.ipv6.neigh.lo.app_solicit = 0 +net.ipv6.neigh.lo.base_reachable_time_ms = 30000 +net.ipv6.neigh.lo.delay_first_probe_time = 5 +net.ipv6.neigh.lo.gc_stale_time = 60 +net.ipv6.neigh.lo.locktime = 0 +net.ipv6.neigh.lo.mcast_solicit = 3 +net.ipv6.neigh.lo.proxy_delay = 80 +net.ipv6.neigh.lo.proxy_qlen = 64 +net.ipv6.neigh.lo.retrans_time_ms = 1000 +net.ipv6.neigh.lo.ucast_solicit = 3 +net.ipv6.neigh.lo.unres_qlen = 32 +net.ipv6.neigh.lo.unres_qlen_bytes = 65536 +net.ipv6.route.gc_elasticity = 9 +net.ipv6.route.gc_interval = 30 net.ipv6.route.gc_min_interval = 0 +net.ipv6.route.gc_min_interval_ms = 500 +net.ipv6.route.gc_thresh = 1024 net.ipv6.route.gc_timeout = 60 -net.ipv6.route.gc_interval = 30 -net.ipv6.route.gc_elasticity = 0 +net.ipv6.route.max_size = 4096 +net.ipv6.route.min_adv_mss = 1220 net.ipv6.route.mtu_expires = 600 -net.ipv6.route.min_adv_mss = 1 -net.ipv6.route.gc_min_interval_ms = 500 -net.ipv6.icmp.ratelimit = 1000 -net.ipv6.bindv6only = 0 -net.ipv6.ip6frag_secret_interval = 600 -net.ipv6.mld_max_msf = 64 -net.nf_conntrack_max = 65536 +net.ipv6.xfrm6_gc_thresh = 2048 +net.netfilter.nf_log.0 = NONE +net.netfilter.nf_log.1 = NONE +net.netfilter.nf_log.10 = NONE +net.netfilter.nf_log.11 = NONE +net.netfilter.nf_log.12 = NONE +net.netfilter.nf_log.2 = NONE +net.netfilter.nf_log.3 = NONE +net.netfilter.nf_log.4 = NONE +net.netfilter.nf_log.5 = NONE +net.netfilter.nf_log.6 = NONE +net.netfilter.nf_log.7 = NONE +net.netfilter.nf_log.8 = NONE +net.netfilter.nf_log.9 = NONE net.unix.max_dgram_qlen = 10
- other
+abi.vsyscall32 = 1 +crypto.fips_enabled = 0 +debug.exception-trace = 1 +debug.kprobes-optimization = 1 +dev.raid.speed_limit_max = 200000 +dev.raid.speed_limit_min = 1000 +dev.scsi.logging_level = 0 -debug.exception-trace = 1 -debug.kprobes-optimization = 1 -dev.scsi.logging_level = 0 -dev.raid.speed_limit_min = 1000 -dev.raid.speed_limit_max = 200000 -dev.mac_hid.mouse_button_emulation = 0 -dev.mac_hid.mouse_button2_keycode = 97 -dev.mac_hid.mouse_button3_keycode = 100 -abi.vsyscall32 = 1 -crypto.fips_enabled = 0
うーん、システム全体だと、チューニング点が多すぎるので、気になったときに思い出すぐらいでよいのだろうか。。。
各パラメータについて、もう少し調べてみないと駄目かなあ。
ユーザのカーネルパラメータ制限としては、以下の感じ。
--- centos.txt 2014-01-03 13:47:46.000000000 +0900 +++ amazonlinux.txt 2014-01-03 13:48:22.000000000 +0900 @@ -2,15 +2,15 @@ data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited -pending signals (-i) 13084 +pending signals (-i) 59447 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 -stack size (kbytes, -s) 10240 +stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited -max user processes (-u) 1024 +max user processes (-u) 59447 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
max user processesの値が最初から1024以上に設定されているのは安心できるので、
Appサーバとしては特に問題なく使えそうな気がする。ひとまず、デフォルトのまま様子見。
