Changing the maximum number of TCP connections and the UDP limits on a Linux system
Prerequisite: Have Root permission
The system's default configuration is sufficient for daily use. In high-concurrency network programming, however, once the number of connections exceeds the limits, an error is reported that the maximum number of open files (or the maximum number of processes) has been exceeded, and new connections cannot be created: a resource allocation error.
1. Change the ulimit limits on the maximum number of user processes and the maximum number of files
ulimit displays (or sets) the limits on the resources a user can use on Linux. Each limit has a soft limit (the current limit) and a hard limit (the upper bound); the hard limit is the ceiling for the soft limit. The system resources an application uses while running must not exceed the corresponding soft limit; exceeding it causes the process to be terminated.
-> ulimit -a                                      # -a lists all current resource limits
core file size          (blocks, -c) 0            # -c sets the maximum size of core files, unit: blocks
data seg size           (kbytes, -d) unlimited    # -d sets the maximum size of a process's data segment, unit: kbytes
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited    # -f maximum size of files created by the shell, unit: blocks
pending signals                 (-i) 385862
max locked memory       (kbytes, -l) unlimited    # -l maximum amount of physical memory that can be locked
max memory size         (kbytes, -m) unlimited    # -m maximum resident memory that can be used, unit: kbytes
open files                      (-n) 300000       # -n maximum number of files each process can have open at once
pipe size            (512 bytes, -p) 8            # -p sets the maximum pipe size in blocks, 1 block = 512 bytes
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192         # -s maximum stack size, unit: kbytes
cpu time               (seconds, -t) unlimited    # -t CPU time each process may use, unit: seconds
max user processes              (-u) 655360       # -u maximum number of concurrent processes that can run
virtual memory          (kbytes, -v) unlimited    # -v maximum virtual memory available to the shell, unit: kbytes
file locks                      (-x) unlimited
Change the limits on the maximum number of threads and the maximum number of files
-> vim /etc/security/limits.conf
# Add the following lines
# (nproc is the item for the maximum number of processes, nofile for the maximum number of open files)
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
Among them:
For the limit on the maximum number of open files, modifying the parameters above is enough. For the limit on the maximum number of user threads, you also need to change the following files, depending on the system.
On CentOS 7
On CentOS 7, the nproc value shown by ulimit is controlled through /etc/security/limits.d/20-nproc.conf
-> cat /etc/security/limits.d/20-nproc.conf
*          soft    nproc     1024
root       soft    nproc     unlimited
You need to edit the /etc/security/limits.d/20-nproc.conf file to raise the limit value
2. Set system resource limits for this user
Add the following content to the /etc/pam.d/login file:
-> sudo vim /etc/pam.d/login
# Add the following line
# A module name without a path is looked up in PAM's default module directory
# (/lib/security or /lib64/security), so the line works on 32-bit and 64-bit systems
session required pam_limits.so
This tells Linux that after a user logs in, the pam_limits.so module should be called to apply the system's limits on the resources that user can use (including the limit on the maximum number of files the user can open). The pam_limits.so module reads its configuration from /etc/security/limits.conf to set these limit values. Save the file after making the changes.
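pam_limits skips a line it cannot parse and ignores an item name it does not know, and the login still succeeds, so a typo or missing whitespace in these files goes unnoticed. The following added example (not part of the original article; `lint_limits`, `write_limits_sample` and the sample file are constructed for illustration) checks a limits.conf-style file for those mistakes:

```shell
#!/bin/sh
# lint_limits FILE prints one finding per bad line and returns 1 if any.
lint_limits() {
    awk '
    BEGIN {
        # item names from limits.conf(5)
        items = "core data fsize memlock nofile rss stack cpu nproc as maxlogins"
        items = items " maxsyslogins nonewprivs priority locks sigpending msgqueue nice rtprio"
        n = split(items, a, " ")
        for (i = 1; i <= n; i++) known[a[i]] = 1
    }
    { sub(/#.*/, "") }                      # drop comments
    NF == 0 { next }                        # blank or comment-only line
    NF == 2 && $2 == "-" { next }           # two-field form: no limits for this domain
    NF != 4 {                               # e.g. fields run together
        printf "line %d: expected 4 fields, found %d\n", NR, NF; bad = 1; next
    }
    $2 != "soft" && $2 != "hard" && $2 != "-" {
        printf "line %d: type \"%s\" is not soft, hard or -\n", NR, $2; bad = 1; next
    }
    !($3 in known) {                        # pam_limits ignores items it does not know
        printf "line %d: unknown item \"%s\"\n", NR, $3; bad = 1; next
    }
    $4 !~ /^(-?[0-9]+|unlimited|infinity)$/ {
        printf "line %d: value \"%s\" is not a number or unlimited\n", NR, $4; bad = 1
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample (not from a real host): lines 2 and 3 are malformed.
write_limits_sample() {
    cat > "$1" <<'EOF'
# constructed sample
*    soft noproc 65535
*softnproc 1024
*    soft nofile 65535
*    hard nofile 65535
root soft nproc  unlimited
EOF
}

tmp=$(mktemp) && write_limits_sample "$tmp"
lint_limits "$tmp" || echo "fix the lines above; they will not be applied"
rm -f "$tmp"
```

Run it against /etc/security/limits.conf and each file under /etc/security/limits.d/ before logging out and back in.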
3. Modify the network kernel’s restrictions on TCP/UDP connections
When writing a client program that supports high-concurrency TCP connections on Linux, you may find that although the system has lifted the limit on the number of files a user can open at the same time, new TCP connections still fail to be established once the number of concurrent TCP connections reaches a certain number.
The default local port range set when the Linux kernel is compiled may be too small, so this local port range limit needs to be changed.
Kernel parameter tuning
Edit the /etc/sysctl.conf file. /etc/sysctl.conf is the configuration file used to control Linux networking, and it is very important for programs that depend on the network (such as web servers and cache servers).
-> sudo vim /etc/sysctl.conf
# Comment out the original content and write the following
net.ipv4.ip_local_port_range = 1024 65535
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_fin_timeout = 10
# tcp_tw_recycle no longer exists from Linux 4.12 on; sysctl -p reports an error for this key there
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_window_scaling = 0
net.ipv4.tcp_sack = 0
net.core.netdev_max_backlog = 30000
net.ipv4.tcp_no_metrics_save = 1
net.core.somaxconn = 10240
# 0 turns SYN cookies off, the kernel's fallback when the SYN backlog fills
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
After making the changes, run:
sysctl -p /etc/sysctl.conf
sysctl -w net.ipv4.route.flush=1
to make the configuration take effect (personally tested; it applies to both TCP and UDP).
This completes the procedure. If the changes have not taken effect, reboot.
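Some of the values in the sysctl listing trade protection or compatibility for connection capacity. The following added example (not part of the original article; `audit_sysctl`, `write_sysctl_sample` and the choice of three checks are assumptions made for illustration) reads a sysctl.conf-style file the way it is applied, with later lines overriding earlier ones and `/` accepted in place of `.`, and reports those settings before the file is loaded:

```shell
#!/bin/sh
# audit_sysctl FILE prints one finding per risky setting; returns 1 if any.
audit_sysctl() {
    awk -F= '
    function flag(k, v, why) {              # v == "" means any value
        if ((k in conf) && (v == "" || conf[k] == v)) {
            printf "%s = %s: %s\n", k, conf[k], why; n++
        }
    }
    /^[ \t]*[#;]/ || NF < 2 { next }        # comment, blank line or no assignment
    {
        key = $1; val = $2
        gsub(/[ \t]/, "", key); gsub(/\//, ".", key)   # net/ipv4/x is net.ipv4.x
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        conf[key] = val                     # a later line overrides an earlier one
    }
    END {
        flag("net.ipv4.tcp_syncookies", "0", "no SYN cookie fallback when the SYN backlog fills")
        flag("net.ipv4.tcp_tw_recycle", "", "removed in Linux 4.12, breaks clients behind NAT before that")
        flag("net.ipv4.tcp_timestamps", "0", "turns off PAWS and timestamp-based RTT measurement")
        exit (n > 0)
    }
    ' "$1"
}

# Constructed sample built from values in the listing on this page.
write_sysctl_sample() {
    cat > "$1" <<'EOF'
# constructed sample
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_timestamps = 0
net.core.somaxconn = 10240
net.ipv4.tcp_syncookies = 0
EOF
}

tmp=$(mktemp) && write_sysctl_sample "$tmp"
audit_sysctl "$tmp" || echo "review the settings above before running sysctl -p"
rm -f "$tmp"
```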