ORACLE相关的内核参数详解
1、kernel.sem
[[email protected] ~]# cat /proc/sys/kernel/sem
250 32000 100 142
[[email protected] ~]# ipcs -sl
------ Semaphore Limits --------
max number of arrays = 142
max semaphores per array = 250
max semaphores system wide = 32000
max ops per semop call = 100
semaphore max value = 32767
NAME | DESCRIPTION | MIN VALUE
-------+--------------------------------------------------+----------
SEMMSL | maximum number of semaphores in a semphore set | 250
SEMMNS | maximum number of semphores in the system | 32000
SEMOPM | maximum number of operations per semop(P) call | 100
SEMMNI | maximum number of semaphore sets in system | 128
SEMMSL:10+ processes
四个数字:第1个数字应约大于Oracle进程数,第2个数字建议是第1和第4个数字的乘积。这个参数能够满足大部分使用,但对于连接数较高(比如单节点8000个连接)可以设置为:
10000 1280000 512 1024
1.1 信号量Semaphore介绍
信号量(Semaphore)和Mutex类似,表示可用资源的数量,和Mutex不同的是这个数量可以大于1。
本文介绍的是POSIX semaphore库函数,详见sem_overview(7),这种信号量不仅可用于同一进程的线程间同步,也可用于不同进程间的同步。
相关函数:
int sem_init(sem_t *sem, intpshared, unsigned int value);
int sem_wait(sem_t *sem);
int sem_trywait(sem_t *sem);
int sem_post(sem_t * sem);
int sem_destroy(sem_t * sem);
semaphore变量的类型为sem_t
sem_init()初始化一个semaphore变量,value参数表示可用资源的数量,pshared参数为0表示信号量用于同一进程的线程间同步。
在用完semaphore变量之后应该调用sem_destroy()释放与semaphore相关的资源。
调用sem_wait()可以获得资源,使semaphore的值减1,如果调用sem_wait()时semaphore的值已经是0,则挂起等待。如果不希望挂起等待,可以调用sem_trywait()。调用sem_post()可以释放资源,使semaphore的值加1,同时唤醒挂起等待的线程。
# cat /proc/sys/kernel/shmmax
# cat /proc/sys/kernel/shmmni
kernel.shmmax = 2147483648
kernel.shmmni = 100
NAME | DESCRIPTION | MIN VALUE
-------+--------------------------------------------------+-------------
SHMMAX | maximum bytes in one shared memory segment| 4294967295
SHMMNI | maximum count of shared memorysegments | 4096
SHMSEG | maximum count of shared memorysegments per proc | TBD
SHMALL | maximum total shared memorysystem-wide | 2097152
2、kernel.shmmni
shmmni:共享内存段的最大数量,一般是够用的
kernel.shmmni 默认为4096
3、fs.file-max
fs.file-max:设置 系统所有进程一共可以打开的文件数量
cat /proc/sys/fs/file-max
该参数建议值:fs.file-max = 6815744
4、fs.aio-max-nr
系统范围内异步IO并发请求的最大个数
fs.aio-max-nr = 1048576
5、net.ipv4.ip_local_port_range
net.ipv4.ip_local_port_range:指定区间端口的总数
net.ipv4.ip_local_port_range = 9000 65500
#让TIME_WAIT状态可以重用,这样即使TIME_WAIT占满了所有端口,也不会拒绝新的请求造成障碍
echo "1" >/proc/sys/net/ipv4/tcp_tw_reuse
#让TIME_WAIT尽快回收,我也不知是多久,观察大概是一秒钟
echo "1" >/proc/sys/net/ipv4/tcp_tw_recycle
6、net.core.rmem_default
net.core.rmem_default表示套接字接收缓冲区大小的缺省值
/proc/sys/net/core/rmem_default
/proc/sys/net/core/rmem_max
使用udp接收数据时:
若没有调用setsockopt设置系统接收缓存,则接收缓存的大小为rmem_default.
若程序调用setsockopt设置系统接收缓存,设置值不能超过rmem_max.
系统会为每个udp socket申请一份缓存空间,而不是共用同一份缓存.
即每个udp socket都会有一个rmem_default大小的缓存空间(假设没有setsockopt设置).
oracle建议的最小值为:
net.core.rmem_default = 262144
7、net.core.rmem_max
net.core.rmem_max:表示套接字接收缓冲区大小的最大值。
oracle建议的最小值为:
net.core.rmem_max = 4194304
8、net.core.wmem_default
cat /proc/sys/net/core/wmem_default
net.core.wmem_default :udp socket默认的用于发送缓冲区大小的缺省值
net.core.wmem_default = 262144
9、net.core.wmem_max
net.core.wmem_max :udp socket默认的用于发送缓冲区大小的最大值
net.core.wmem_max = 1048576
linux 释放cache内存
echo 1 > /proc/sys/vm/drop_caches
limit限制
[[email protected] ~]$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 257380
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 1024
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[[email protected] ~]# su - oracle
[[email protected] ~]$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 15984
max locked memory (kbytes, -l) 50000000
max memory size (kbytes, -m) unlimited
open files (-n) 65536
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 16384
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[[email protected] ~]$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 802816
max locked memory (kbytes, -l) 74136141
max memory size (kbytes, -m) unlimited
open files (-n) 65536
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 131072
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
2、sysctl -a
2.1 默认配置
kernel.sched_child_runs_first = 0
kernel.sched_min_granularity_ns = 4000000
kernel.sched_latency_ns = 20000000
kernel.sched_wakeup_granularity_ns =4000000
kernel.sched_shares_ratelimit = 1000000
kernel.sched_shares_thresh = 4
kernel.sched_features = 32611451
kernel.sched_migration_cost = 500000
kernel.sched_nr_migrate = 32
kernel.sched_time_avg = 1000
kernel.timer_migration = 1
kernel.sched_rt_period_us = 1000000
kernel.sched_rt_runtime_us = 950000
kernel.sched_compat_yield = 1
kernel.panic = 0
kernel.core_uses_pid = 1
kernel.core_pattern =|/usr/libexec/abrt-hook-ccpp %s %c %p %u %g %t e
kernel.core_pipe_limit = 4
kernel.tainted = 512
kernel.latencytop = 0
kernel.real-root-dev = 0
kernel.print-fatal-signals = 0
kernel.ctrl-alt-del = 0
kernel.ftrace_enabled = 1
kernel.stack_tracer_enabled = 0
kernel.ftrace_dump_on_oops = 0
kernel.modprobe = /sbin/modprobe
kernel.modules_disabled = 0
kernel.hotplug =
kernel.sg-big-buff = 32768
kernel.acct = 4 2 30
kernel.sysrq = 0
error: permission denied on key‘kernel.cad_pid‘
kernel.threads-max = 514761
kernel.random.poolsize = 4096
kernel.random.entropy_avail = 3474
kernel.random.read_wakeup_threshold = 64
kernel.random.write_wakeup_threshold = 128
kernel.random.boot_id =dfdbf1c1-7dcb-462a-a311-9109eb51e12a
kernel.random.uuid =6ce1f1b9-b09b-4372-a913-086d113eedbc
kernel.overflowuid = 65534
kernel.overflowgid = 65534
kernel.pid_max = 32768
kernel.panic_on_oops = 1
kernel.printk = 4 4 1 7
kernel.printk_ratelimit = 5
kernel.printk_ratelimit_burst = 10
kernel.printk_delay = 0
kernel.ngroups_max = 65536
kernel.unknown_nmi_panic = 0
kernel.nmi_watchdog = 0
kernel.panic_on_unrecovered_nmi = 0
kernel.panic_on_io_nmi = 0
kernel.bootloader_type = 113
kernel.bootloader_version = 1
kernel.kstack_depth_to_print = 12
kernel.io_delay_type = 0
kernel.randomize_va_space = 2
kernel.acpi_video_flags = 0
kernel.softlockup_panic = 0
kernel.softlockup_thresh = 60
kernel.hung_task_panic = 0
kernel.hung_task_check_count = 4194304
kernel.hung_task_timeout_secs = 120
kernel.hung_task_warnings = 0
kernel.compat-log = 1
kernel.max_lock_depth = 1024
kernel.poweroff_cmd = /sbin/poweroff
kernel.keys.maxkeys = 200
kernel.keys.maxbytes = 20000
kernel.keys.root_maxkeys = 200
kernel.keys.root_maxbytes = 20000
kernel.keys.gc_delay = 300
kernel.slow-work.min-threads = 2
kernel.slow-work.max-threads = 32
kernel.slow-work.vslow-percentage = 50
kernel.perf_event_paranoid = 1
kernel.perf_event_mlock_kb = 516
kernel.perf_event_max_sample_rate = 100000
kernel.blk_iopoll = 1
kernel.vsyscall64 = 1
kernel.ostype = Linux
kernel.osrelease =2.6.32-300.3.1.el6uek.x86_64
kernel.version = #1 SMP Fri Dec 9 18:57:35EST 2011
kernel.hostname = db1
kernel.domainname = (none)
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
kernel.shmmni = 4096
kernel.msgmax = 65536
kernel.msgmni = 32768
kernel.msgmnb = 65536
kernel.sem = 250 32000 32 128
kernel.auto_msgmni = 1
kernelNaNy.max = 4096
kernelNaNy.nr = 1050
kernel.sched_domain.cpu0.domain0.min_interval= 1
kernel.sched_domain.cpu0.domain0.max_interval= 4
kernel.sched_domain.cpu0.domain0.busy_idx =2
kernel.sched_domain.cpu0.domain0.idle_idx =0
kernel.sched_domain.cpu0.domain0.newidle_idx= 0
kernel.sched_domain.cpu0.domain0.wake_idx =0
kernel.sched_domain.cpu0.domain0.forkexec_idx= 0
kernel.sched_domain.cpu0.domain0.busy_factor= 64
kernel.sched_domain.cpu0.domain0.imbalance_pct= 125
kernel.sched_domain.cpu0.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu0.domain0.flags =4655
kernel.sched_domain.cpu0.domain0.name = MC
kernel.sched_domain.cpu0.domain1.min_interval= 8
kernel.sched_domain.cpu0.domain1.max_interval= 32
kernel.sched_domain.cpu0.domain1.busy_idx =3
kernel.sched_domain.cpu0.domain1.idle_idx =2
kernel.sched_domain.cpu0.domain1.newidle_idx= 0
kernel.sched_domain.cpu0.domain1.wake_idx =0
kernel.sched_domain.cpu0.domain1.forkexec_idx= 0
kernel.sched_domain.cpu0.domain1.busy_factor= 32
kernel.sched_domain.cpu0.domain1.imbalance_pct= 125
kernel.sched_domain.cpu0.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu0.domain1.flags =1071
kernel.sched_domain.cpu0.domain1.name =NODE
kernel.sched_domain.cpu1.domain0.min_interval= 1
kernel.sched_domain.cpu1.domain0.max_interval= 4
kernel.sched_domain.cpu1.domain0.busy_idx =2
kernel.sched_domain.cpu1.domain0.idle_idx =0
kernel.sched_domain.cpu1.domain0.newidle_idx= 0
kernel.sched_domain.cpu1.domain0.wake_idx =0
kernel.sched_domain.cpu1.domain0.forkexec_idx= 0
kernel.sched_domain.cpu1.domain0.busy_factor= 64
kernel.sched_domain.cpu1.domain0.imbalance_pct= 125
kernel.sched_domain.cpu1.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu1.domain0.flags =4655
kernel.sched_domain.cpu1.domain0.name = MC
kernel.sched_domain.cpu1.domain1.min_interval= 8
kernel.sched_domain.cpu1.domain1.max_interval= 32
kernel.sched_domain.cpu1.domain1.busy_idx =3
kernel.sched_domain.cpu1.domain1.idle_idx =2
kernel.sched_domain.cpu1.domain1.newidle_idx= 0
kernel.sched_domain.cpu1.domain1.wake_idx =0
kernel.sched_domain.cpu1.domain1.forkexec_idx= 0
kernel.sched_domain.cpu1.domain1.busy_factor= 32
kernel.sched_domain.cpu1.domain1.imbalance_pct= 125
kernel.sched_domain.cpu1.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu1.domain1.flags =1071
kernel.sched_domain.cpu1.domain1.name =NODE
kernel.sched_domain.cpu2.domain0.min_interval= 1
kernel.sched_domain.cpu2.domain0.max_interval= 4
kernel.sched_domain.cpu2.domain0.busy_idx =2
kernel.sched_domain.cpu2.domain0.idle_idx =0
kernel.sched_domain.cpu2.domain0.newidle_idx= 0
kernel.sched_domain.cpu2.domain0.wake_idx =0
kernel.sched_domain.cpu2.domain0.forkexec_idx= 0
kernel.sched_domain.cpu2.domain0.busy_factor= 64
kernel.sched_domain.cpu2.domain0.imbalance_pct= 125
kernel.sched_domain.cpu2.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu2.domain0.flags =4655
kernel.sched_domain.cpu2.domain0.name = MC
kernel.sched_domain.cpu2.domain1.min_interval= 8
kernel.sched_domain.cpu2.domain1.max_interval= 32
kernel.sched_domain.cpu2.domain1.busy_idx =3
kernel.sched_domain.cpu2.domain1.idle_idx =2
kernel.sched_domain.cpu2.domain1.newidle_idx= 0
kernel.sched_domain.cpu2.domain1.wake_idx =0
kernel.sched_domain.cpu2.domain1.forkexec_idx= 0
kernel.sched_domain.cpu2.domain1.busy_factor= 32
kernel.sched_domain.cpu2.domain1.imbalance_pct= 125
kernel.sched_domain.cpu2.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu2.domain1.flags =1071
kernel.sched_domain.cpu2.domain1.name =NODE
kernel.sched_domain.cpu3.domain0.min_interval= 1
kernel.sched_domain.cpu3.domain0.max_interval= 4
kernel.sched_domain.cpu3.domain0.busy_idx =2
kernel.sched_domain.cpu3.domain0.idle_idx =0
kernel.sched_domain.cpu3.domain0.newidle_idx= 0
kernel.sched_domain.cpu3.domain0.wake_idx =0
kernel.sched_domain.cpu3.domain0.forkexec_idx= 0
kernel.sched_domain.cpu3.domain0.busy_factor= 64
kernel.sched_domain.cpu3.domain0.imbalance_pct= 125
kernel.sched_domain.cpu3.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu3.domain0.flags =4655
kernel.sched_domain.cpu3.domain0.name = MC
kernel.sched_domain.cpu3.domain1.min_interval= 8
kernel.sched_domain.cpu3.domain1.max_interval= 32
kernel.sched_domain.cpu3.domain1.busy_idx =3
kernel.sched_domain.cpu3.domain1.idle_idx =2
kernel.sched_domain.cpu3.domain1.newidle_idx= 0
kernel.sched_domain.cpu3.domain1.wake_idx =0
kernel.sched_domain.cpu3.domain1.forkexec_idx= 0
kernel.sched_domain.cpu3.domain1.busy_factor= 32
kernel.sched_domain.cpu3.domain1.imbalance_pct= 125
kernel.sched_domain.cpu3.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu3.domain1.flags =1071
kernel.sched_domain.cpu3.domain1.name =NODE
kernel.sched_domain.cpu4.domain0.min_interval= 1
kernel.sched_domain.cpu4.domain0.max_interval= 4
kernel.sched_domain.cpu4.domain0.busy_idx =2
kernel.sched_domain.cpu4.domain0.idle_idx =0
kernel.sched_domain.cpu4.domain0.newidle_idx= 0
kernel.sched_domain.cpu4.domain0.wake_idx =0
kernel.sched_domain.cpu4.domain0.forkexec_idx= 0
kernel.sched_domain.cpu4.domain0.busy_factor= 64
kernel.sched_domain.cpu4.domain0.imbalance_pct= 125
kernel.sched_domain.cpu4.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu4.domain0.flags =4655
kernel.sched_domain.cpu4.domain0.name = MC
kernel.sched_domain.cpu4.domain1.min_interval= 8
kernel.sched_domain.cpu4.domain1.max_interval= 32
kernel.sched_domain.cpu4.domain1.busy_idx =3
kernel.sched_domain.cpu4.domain1.idle_idx =2
kernel.sched_domain.cpu4.domain1.newidle_idx= 0
kernel.sched_domain.cpu4.domain1.wake_idx =0
kernel.sched_domain.cpu4.domain1.forkexec_idx= 0
kernel.sched_domain.cpu4.domain1.busy_factor= 32
kernel.sched_domain.cpu4.domain1.imbalance_pct= 125
kernel.sched_domain.cpu4.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu4.domain1.flags =1071
kernel.sched_domain.cpu4.domain1.name =NODE
kernel.sched_domain.cpu5.domain0.min_interval= 1
kernel.sched_domain.cpu5.domain0.max_interval= 4
kernel.sched_domain.cpu5.domain0.busy_idx =2
kernel.sched_domain.cpu5.domain0.idle_idx =0
kernel.sched_domain.cpu5.domain0.newidle_idx= 0
kernel.sched_domain.cpu5.domain0.wake_idx =0
kernel.sched_domain.cpu5.domain0.forkexec_idx= 0
kernel.sched_domain.cpu5.domain0.busy_factor= 64
kernel.sched_domain.cpu5.domain0.imbalance_pct= 125
kernel.sched_domain.cpu5.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu5.domain0.flags =4655
kernel.sched_domain.cpu5.domain0.name = MC
kernel.sched_domain.cpu5.domain1.min_interval= 8
kernel.sched_domain.cpu5.domain1.max_interval= 32
kernel.sched_domain.cpu5.domain1.busy_idx =3
kernel.sched_domain.cpu5.domain1.idle_idx =2
kernel.sched_domain.cpu5.domain1.newidle_idx= 0
kernel.sched_domain.cpu5.domain1.wake_idx =0
kernel.sched_domain.cpu5.domain1.forkexec_idx= 0
kernel.sched_domain.cpu5.domain1.busy_factor= 32
kernel.sched_domain.cpu5.domain1.imbalance_pct= 125
kernel.sched_domain.cpu5.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu5.domain1.flags =1071
kernel.sched_domain.cpu5.domain1.name =NODE
kernel.sched_domain.cpu6.domain0.min_interval= 1
kernel.sched_domain.cpu6.domain0.max_interval= 4
kernel.sched_domain.cpu6.domain0.busy_idx =2
kernel.sched_domain.cpu6.domain0.idle_idx =0
kernel.sched_domain.cpu6.domain0.newidle_idx= 0
kernel.sched_domain.cpu6.domain0.wake_idx =0
kernel.sched_domain.cpu6.domain0.forkexec_idx= 0
kernel.sched_domain.cpu6.domain0.busy_factor= 64
kernel.sched_domain.cpu6.domain0.imbalance_pct= 125
kernel.sched_domain.cpu6.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu6.domain0.flags =4655
kernel.sched_domain.cpu6.domain0.name = MC
kernel.sched_domain.cpu6.domain1.min_interval= 8
kernel.sched_domain.cpu6.domain1.max_interval= 32
kernel.sched_domain.cpu6.domain1.busy_idx =3
kernel.sched_domain.cpu6.domain1.idle_idx =2
kernel.sched_domain.cpu6.domain1.newidle_idx= 0
kernel.sched_domain.cpu6.domain1.wake_idx =0
kernel.sched_domain.cpu6.domain1.forkexec_idx= 0
kernel.sched_domain.cpu6.domain1.busy_factor= 32
kernel.sched_domain.cpu6.domain1.imbalance_pct= 125
kernel.sched_domain.cpu6.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu6.domain1.flags =1071
kernel.sched_domain.cpu6.domain1.name =NODE
kernel.sched_domain.cpu7.domain0.min_interval= 1
kernel.sched_domain.cpu7.domain0.max_interval= 4
kernel.sched_domain.cpu7.domain0.busy_idx =2
kernel.sched_domain.cpu7.domain0.idle_idx =0
kernel.sched_domain.cpu7.domain0.newidle_idx= 0
kernel.sched_domain.cpu7.domain0.wake_idx =0
kernel.sched_domain.cpu7.domain0.forkexec_idx= 0
kernel.sched_domain.cpu7.domain0.busy_factor= 64
kernel.sched_domain.cpu7.domain0.imbalance_pct= 125
kernel.sched_domain.cpu7.domain0.cache_nice_tries= 1
kernel.sched_domain.cpu7.domain0.flags =4655
kernel.sched_domain.cpu7.domain0.name = MC
kernel.sched_domain.cpu7.domain1.min_interval= 8
kernel.sched_domain.cpu7.domain1.max_interval= 32
kernel.sched_domain.cpu7.domain1.busy_idx =3
kernel.sched_domain.cpu7.domain1.idle_idx =2
kernel.sched_domain.cpu7.domain1.newidle_idx= 0
kernel.sched_domain.cpu7.domain1.wake_idx =0
kernel.sched_domain.cpu7.domain1.forkexec_idx= 0
kernel.sched_domain.cpu7.domain1.busy_factor= 32
kernel.sched_domain.cpu7.domain1.imbalance_pct= 125
kernel.sched_domain.cpu7.domain1.cache_nice_tries= 2
kernel.sched_domain.cpu7.domain1.flags =1071
kernel.sched_domain.cpu7.domain1.name =NODE
vm.overcommit_memory = 0
vm.panic_on_oom = 0
vm.oom_kill_allocating_task = 0
vm.oom_dump_tasks = 0
vm.overcommit_ratio = 50
vm.page-cluster = 3
vm.dirty_background_ratio = 10
vm.dirty_background_bytes = 0
vm.dirty_ratio = 20
vm.dirty_bytes = 0
vm.dirty_writeback_centisecs = 500
vm.dirty_expire_centisecs = 3000
vm.nr_pdflush_threads = 0
vm.swappiness = 60
vm.nr_hugepages = 0
vm.hugetlb_shm_group = 0
vm.hugepages_treat_as_movable = 0
vm.nr_overcommit_hugepages = 0
vm.lowmem_reserve_ratio = 256 256 32
vm.drop_caches = 0
vm.min_free_kbytes = 22991
vm.percpu_pagelist_fraction = 0
vm.max_map_count = 65530
vm.laptop_mode = 0
vm.block_dump = 0
vm.vfs_cache_pressure = 100
vm.legacy_va_layout = 0
vm.zone_reclaim_mode = 0
vm.min_unmapped_ratio = 1
vm.min_slab_ratio = 5
vm.stat_interval = 1
vm.mmap_min_addr = 4096
vm.numa_zonelist_order = default
vm.scan_unevictable_pages = 0
fs.inode-nr = 154650 22116
fs.inode-state = 154650 22116 0 0 0 0 0
fs.file-nr = 8096 0 6815744
fs.file-max = 6815744
fs.nr_open = 1048576
fs.dentry-state = 187669 177721 45 0 0 0
fs.overflowuid = 65534
fs.overflowgid = 65534
fs.leases-enable = 1
fs.dir-notify-enable = 1
fs.lease-break-time = 45
fs.aio-nr = 61935
fs.aio-max-nr = 65536
fs.inotify.max_user_instances = 128
fs.inotify.max_user_watches = 8192
fs.inotify.max_queued_events = 16384
fs.epoll.max_user_watches = 6747074
fs.suid_dumpable = 0
fs.binfmt_misc.status = enabled
fs.quota.lookups = 0
fs.quota.drops = 0
fs.quota.reads = 0
fs.quota.writes = 0
fs.quota.cache_hits = 0
fs.quota.allocated_dquots = 0
fs.quota.free_dquots = 0
fs.quota.syncs = 40
fs.mqueue.queues_max = 256
fs.mqueue.msg_max = 10
fs.mqueue.msgsize_max = 8192
debug.exception-trace = 1
dev.scsi.logging_level = 0
dev.raid.speed_limit_min = 1000
dev.raid.speed_limit_max = 200000
dev.hpet.max-user-freq = 64
dev.mac_hid.mouse_button_emulation = 0
dev.mac_hid.mouse_button2_keycode = 97
dev.mac_hid.mouse_button3_keycode = 100
dev.cdrom.info = CD-ROM information, Id:cdrom.c 3.20 2003/12/17
dev.cdrom.info =
dev.cdrom.info = drive name:
dev.cdrom.info = drive speed:
dev.cdrom.info = drive # of slots:
dev.cdrom.info = Can close tray:
dev.cdrom.info = Can open tray:
dev.cdrom.info = Can lock tray:
dev.cdrom.info = Can change speed:
dev.cdrom.info = Can select disk:
dev.cdrom.info = Can read multisession:
dev.cdrom.info = Can read MCN:
dev.cdrom.info = Reports media changed:
dev.cdrom.info = Can play audio:
dev.cdrom.info = Can write CD-R:
dev.cdrom.info = Can write CD-RW:
dev.cdrom.info = Can read DVD:
dev.cdrom.info = Can write DVD-R:
dev.cdrom.info = Can write DVD-RAM:
dev.cdrom.info = Can read MRW:
dev.cdrom.info = Can write MRW:
dev.cdrom.info = Can write RAM:
dev.cdrom.info =
dev.cdrom.info =
dev.cdrom.autoclose = 1
dev.cdrom.autoeject = 0
dev.cdrom.debug = 0
dev.cdrom.lock = 1
dev.cdrom.check_media = 0
net.netfilter.nf_log.0 = NONE
net.netfilter.nf_log.1 = NONE
net.netfilter.nf_log.2 = NONE
net.netfilter.nf_log.3 = NONE
net.netfilter.nf_log.4 = NONE
net.netfilter.nf_log.5 = NONE
net.netfilter.nf_log.6 = NONE
net.netfilter.nf_log.7 = NONE
net.netfilter.nf_log.8 = NONE
net.netfilter.nf_log.9 = NONE
net.netfilter.nf_log.10 = NONE
net.netfilter.nf_log.11 = NONE
net.netfilter.nf_log.12 = NONE
net.netfilter.nf_conntrack_generic_timeout= 600
net.netfilter.nf_conntrack_tcp_timeout_syn_sent= 120
net.netfilter.nf_conntrack_tcp_timeout_syn_recv= 60
net.netfilter.nf_conntrack_tcp_timeout_established= 432000
net.netfilter.nf_conntrack_tcp_timeout_fin_wait= 120
net.netfilter.nf_conntrack_tcp_timeout_close_wait= 60
net.netfilter.nf_conntrack_tcp_timeout_last_ack= 30
net.netfilter.nf_conntrack_tcp_timeout_time_wait= 120
net.netfilter.nf_conntrack_tcp_timeout_close= 10
net.netfilter.nf_conntrack_tcp_timeout_max_retrans= 300
net.netfilter.nf_conntrack_tcp_timeout_unacknowledged= 300
net.netfilter.nf_conntrack_tcp_loose = 1
net.netfilter.nf_conntrack_tcp_be_liberal =0
net.netfilter.nf_conntrack_tcp_max_retrans= 3
net.netfilter.nf_conntrack_udp_timeout = 30
net.netfilter.nf_conntrack_udp_timeout_stream= 180
net.netfilter.nf_conntrack_icmpv6_timeout =30
net.netfilter.nf_conntrack_frag6_timeout =60
net.netfilter.nf_conntrack_frag6_low_thresh= 196608
net.netfilter.nf_conntrack_frag6_high_thresh= 262144
net.netfilter.nf_conntrack_icmp_timeout =30
net.netfilter.nf_conntrack_acct = 1
net.netfilter.nf_conntrack_events = 1
net.netfilter.nf_conntrack_events_retry_timeout= 15
net.netfilter.nf_conntrack_max = 65536
net.netfilter.nf_conntrack_count = 412
net.netfilter.nf_conntrack_buckets = 16384
net.netfilter.nf_conntrack_checksum = 1
net.netfilter.nf_conntrack_log_invalid = 0
net.netfilter.nf_conntrack_expect_max = 256
net.core.somaxconn = 128
net.core.xfrm_aevent_etime = 10
net.core.xfrm_aevent_rseqth = 2
net.core.xfrm_larval_drop = 1
net.core.xfrm_acq_expires = 30
net.core.wmem_max = 131071
net.core.rmem_max = 131071
net.core.wmem_default = 126976
net.core.rmem_default = 126976
net.core.dev_weight = 64
net.core.netdev_max_backlog = 1000
net.core.message_cost = 5
net.core.message_burst = 10
net.core.optmem_max = 20480
net.core.rps_sock_flow_entries = 0
net.core.netdev_budget = 300
net.core.warnings = 1
net.ipv4.route.gc_thresh = 524288
net.ipv4.route.max_size = 8388608
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.gc_min_interval_ms = 500
net.ipv4.route.gc_timeout = 300
net.ipv4.route.gc_interval = 60
net.ipv4.route.redirect_load = 20
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_silence = 20480
net.ipv4.route.error_cost = 1000
net.ipv4.route.error_burst = 5000
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.mtu_expires = 600
net.ipv4.route.min_pmtu = 552
net.ipv4.route.min_adv_mss = 256
net.ipv4.route.secret_interval = 600
net.ipv4.neigh.default.mcast_solicit = 3
net.ipv4.neigh.default.ucast_solicit = 3
net.ipv4.neigh.default.app_solicit = 0
net.ipv4.neigh.default.retrans_time = 99
net.ipv4.neigh.default.base_reachable_time= 30
net.ipv4.neigh.default.delay_first_probe_time= 5
net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.unres_qlen = 3
net.ipv4.neigh.default.proxy_qlen = 64
net.ipv4.neigh.default.anycast_delay = 99
net.ipv4.neigh.default.proxy_delay = 79
net.ipv4.neigh.default.locktime = 99
net.ipv4.neigh.default.retrans_time_ms =1000
net.ipv4.neigh.default.base_reachable_time_ms= 30000
net.ipv4.neigh.default.gc_interval = 30
net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024
net.ipv4.neigh.lo.mcast_solicit = 3
net.ipv4.neigh.lo.ucast_solicit = 3
net.ipv4.neigh.lo.app_solicit = 0
net.ipv4.neigh.lo.retrans_time = 99
net.ipv4.neigh.lo.base_reachable_time = 30
net.ipv4.neigh.lo.delay_first_probe_time =5
net.ipv4.neigh.lo.gc_stale_time = 60
net.ipv4.neigh.lo.unres_qlen = 3
net.ipv4.neigh.lo.proxy_qlen = 64
net.ipv4.neigh.lo.anycast_delay = 99
net.ipv4.neigh.lo.proxy_delay = 79
net.ipv4.neigh.lo.locktime = 99
net.ipv4.neigh.lo.retrans_time_ms = 1000
net.ipv4.neigh.lo.base_reachable_time_ms =30000
net.ipv4.neigh.em2.mcast_solicit = 3
net.ipv4.neigh.em2.ucast_solicit = 3
net.ipv4.neigh.em2.app_solicit = 0
net.ipv4.neigh.em2.retrans_time = 99
net.ipv4.neigh.em2.base_reachable_time = 30
net.ipv4.neigh.em2.delay_first_probe_time =5
net.ipv4.neigh.em2.gc_stale_time = 60
net.ipv4.neigh.em2.unres_qlen = 3
net.ipv4.neigh.em2.proxy_qlen = 64
net.ipv4.neigh.em2.anycast_delay = 99
net.ipv4.neigh.em2.proxy_delay = 79
net.ipv4.neigh.em2.locktime = 99
net.ipv4.neigh.em2.retrans_time_ms = 1000
net.ipv4.neigh.em2.base_reachable_time_ms =30000
net.ipv4.neigh.em1.mcast_solicit = 3
net.ipv4.neigh.em1.ucast_solicit = 3
net.ipv4.neigh.em1.app_solicit = 0
net.ipv4.neigh.em1.retrans_time = 99
net.ipv4.neigh.em1.base_reachable_time = 30
net.ipv4.neigh.em1.delay_first_probe_time =5
net.ipv4.neigh.em1.gc_stale_time = 60
net.ipv4.neigh.em1.unres_qlen = 3
net.ipv4.neigh.em1.proxy_qlen = 64
net.ipv4.neigh.em1.anycast_delay = 99
net.ipv4.neigh.em1.proxy_delay = 79
net.ipv4.neigh.em1.locktime = 99
net.ipv4.neigh.em1.retrans_time_ms = 1000
net.ipv4.neigh.em1.base_reachable_time_ms =30000
net.ipv4.neigh.bond0.mcast_solicit = 3
net.ipv4.neigh.bond0.ucast_solicit = 3
net.ipv4.neigh.bond0.app_solicit = 0
net.ipv4.neigh.bond0.retrans_time = 99
net.ipv4.neigh.bond0.base_reachable_time =30
net.ipv4.neigh.bond0.delay_first_probe_time= 5
net.ipv4.neigh.bond0.gc_stale_time = 60
net.ipv4.neigh.bond0.unres_qlen = 3
net.ipv4.neigh.bond0.proxy_qlen = 64
net.ipv4.neigh.bond0.anycast_delay = 99
net.ipv4.neigh.bond0.proxy_delay = 79
net.ipv4.neigh.bond0.locktime = 99
net.ipv4.neigh.bond0.retrans_time_ms = 1000
net.ipv4.neigh.bond0.base_reachable_time_ms= 30000
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_retrans_collapse = 1
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_nonlocal_bind = 0
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_tw_buckets = 262144
net.ipv4.ip_dynaddr = 0
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_stdurg = 0
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.ip_local_port_range = 32768 61000
net.ipv4.igmp_max_memberships = 20
net.ipv4.igmp_max_msf = 10
net.ipv4.inet_peer_threshold = 65664
net.ipv4.inet_peer_minttl = 120
net.ipv4.inet_peer_maxttl = 600
net.ipv4.inet_peer_gc_mintime = 10
net.ipv4.inet_peer_gc_maxtime = 120
net.ipv4.tcp_orphan_retries = 0
net.ipv4.tcp_fack = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_ecn = 2
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_mem = 3088512 4118016 6177024
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_app_win = 31
net.ipv4.tcp_adv_win_scale = 2
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_frto = 2
net.ipv4.tcp_frto_response = 0
net.ipv4.tcp_low_latency = 0
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_tso_win_divisor = 3
net.ipv4.tcp_congestion_control = cubic
net.ipv4.tcp_abc = 0
net.ipv4.tcp_mtu_probing = 0
net.ipv4.tcp_base_mss = 512
net.ipv4.tcp_workaround_signed_windows = 0
net.ipv4.tcp_dma_copybreak = 4096
net.ipv4.tcp_slow_start_after_idle = 1
net.ipv4.cipso_cache_enable = 1
net.ipv4.cipso_cache_bucket_size = 10
net.ipv4.cipso_rbm_optfmt = 0
net.ipv4.cipso_rbm_strictvalid = 1
net.ipv4.tcp_available_congestion_control =cubic reno
net.ipv4.tcp_allowed_congestion_control =cubic reno
net.ipv4.tcp_max_ssthresh = 0
net.ipv4.udp_mem = 3088512 4118016 6177024
net.ipv4.udp_rmem_min = 4096
net.ipv4.udp_wmem_min = 4096
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.shared_media = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.accept_local = 1
net.ipv4.conf.all.src_valid_mark = 0
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.conf.all.medium_id = 0
net.ipv4.conf.all.bootp_relay = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.tag = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_notify = 0
net.ipv4.conf.all.disable_xfrm = 0
net.ipv4.conf.all.disable_policy = 0
net.ipv4.conf.all.force_igmp_version = 0
net.ipv4.conf.all.promote_secondaries = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.default.shared_media = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.default.accept_source_route =0
net.ipv4.conf.default.accept_local = 0
net.ipv4.conf.default.src_valid_mark = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.default.medium_id = 0
net.ipv4.conf.default.bootp_relay = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.tag = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.arp_notify = 0
net.ipv4.conf.default.disable_xfrm = 0
net.ipv4.conf.default.disable_policy = 0
net.ipv4.conf.default.force_igmp_version =0
net.ipv4.conf.default.promote_secondaries =0
net.ipv4.conf.lo.forwarding = 0
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.lo.shared_media = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.lo.send_redirects = 1
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.lo.accept_local = 0
net.ipv4.conf.lo.src_valid_mark = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.lo.medium_id = 0
net.ipv4.conf.lo.bootp_relay = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.lo.tag = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.arp_notify = 0
net.ipv4.conf.lo.disable_xfrm = 1
net.ipv4.conf.lo.disable_policy = 1
net.ipv4.conf.lo.force_igmp_version = 0
net.ipv4.conf.lo.promote_secondaries = 0
net.ipv4.conf.em2.forwarding = 0
net.ipv4.conf.em2.mc_forwarding = 0
net.ipv4.conf.em2.accept_redirects = 1
net.ipv4.conf.em2.secure_redirects = 1
net.ipv4.conf.em2.shared_media = 1
net.ipv4.conf.em2.rp_filter = 1
net.ipv4.conf.em2.send_redirects = 1
net.ipv4.conf.em2.accept_source_route = 0
net.ipv4.conf.em2.accept_local = 0
net.ipv4.conf.em2.src_valid_mark = 0
net.ipv4.conf.em2.proxy_arp = 0
net.ipv4.conf.em2.medium_id = 0
net.ipv4.conf.em2.bootp_relay = 0
net.ipv4.conf.em2.log_martians = 0
net.ipv4.conf.em2.tag = 0
net.ipv4.conf.em2.arp_filter = 0
net.ipv4.conf.em2.arp_announce = 0
net.ipv4.conf.em2.arp_ignore = 0
net.ipv4.conf.em2.arp_accept = 0
net.ipv4.conf.em2.arp_notify = 0
net.ipv4.conf.em2.disable_xfrm = 0
net.ipv4.conf.em2.disable_policy = 0
net.ipv4.conf.em2.force_igmp_version = 0
net.ipv4.conf.em2.promote_secondaries = 0
net.ipv4.conf.em1.forwarding = 0
net.ipv4.conf.em1.mc_forwarding = 0
net.ipv4.conf.em1.accept_redirects = 1
net.ipv4.conf.em1.secure_redirects = 1
net.ipv4.conf.em1.shared_media = 1
net.ipv4.conf.em1.rp_filter = 1
net.ipv4.conf.em1.send_redirects = 1
net.ipv4.conf.em1.accept_source_route = 0
net.ipv4.conf.em1.accept_local = 0
net.ipv4.conf.em1.src_valid_mark = 0
net.ipv4.conf.em1.proxy_arp = 0
net.ipv4.conf.em1.medium_id = 0
net.ipv4.conf.em1.bootp_relay = 0
net.ipv4.conf.em1.log_martians = 0
net.ipv4.conf.em1.tag = 0
net.ipv4.conf.em1.arp_filter = 0
net.ipv4.conf.em1.arp_announce = 0
net.ipv4.conf.em1.arp_ignore = 0
net.ipv4.conf.em1.arp_accept = 0
net.ipv4.conf.em1.arp_notify = 0
net.ipv4.conf.em1.disable_xfrm = 0
net.ipv4.conf.em1.disable_policy = 0
net.ipv4.conf.em1.force_igmp_version = 0
net.ipv4.conf.em1.promote_secondaries = 0
net.ipv4.conf.bond0.forwarding = 0
net.ipv4.conf.bond0.mc_forwarding = 0
net.ipv4.conf.bond0.accept_redirects = 1
net.ipv4.conf.bond0.secure_redirects = 1
net.ipv4.conf.bond0.shared_media = 1
net.ipv4.conf.bond0.rp_filter = 1
net.ipv4.conf.bond0.send_redirects = 1
net.ipv4.conf.bond0.accept_source_route = 0
net.ipv4.conf.bond0.accept_local = 0
net.ipv4.conf.bond0.src_valid_mark = 0
net.ipv4.conf.bond0.proxy_arp = 0
net.ipv4.conf.bond0.medium_id = 0
net.ipv4.conf.bond0.bootp_relay = 0
net.ipv4.conf.bond0.log_martians = 0
net.ipv4.conf.bond0.tag = 0
net.ipv4.conf.bond0.arp_filter = 0
net.ipv4.conf.bond0.arp_announce = 0
net.ipv4.conf.bond0.arp_ignore = 0
net.ipv4.conf.bond0.arp_accept = 0
net.ipv4.conf.bond0.arp_notify = 0
net.ipv4.conf.bond0.disable_xfrm = 0
net.ipv4.conf.bond0.disable_policy = 0
net.ipv4.conf.bond0.force_igmp_version = 0
net.ipv4.conf.bond0.promote_secondaries = 0
net.ipv4.ip_forward = 0
net.ipv4.xfrm4_gc_thresh = 4194304
net.ipv4.ipfrag_high_thresh = 262144
net.ipv4.ipfrag_low_thresh = 196608
net.ipv4.ipfrag_time = 30
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses= 1
net.ipv4.icmp_errors_use_inbound_ifaddr = 0
net.ipv4.icmp_ratelimit = 1000
net.ipv4.icmp_ratemask = 6168
net.ipv4.rt_cache_rebuild_count = 4
net.ipv4.ipfrag_secret_interval = 600
net.ipv4.ipfrag_max_dist = 64
net.ipv6.neigh.default.mcast_solicit = 3
net.ipv6.neigh.default.ucast_solicit = 3
net.ipv6.neigh.default.app_solicit = 0
net.ipv6.neigh.default.delay_first_probe_time= 5
net.ipv6.neigh.default.gc_stale_time = 60
net.ipv6.neigh.default.unres_qlen = 3
net.ipv6.neigh.default.proxy_qlen = 64
net.ipv6.neigh.default.anycast_delay = 99
net.ipv6.neigh.default.proxy_delay = 79
net.ipv6.neigh.default.locktime = 0
net.ipv6.neigh.default.retrans_time_ms =1000
net.ipv6.neigh.default.base_reachable_time_ms= 30000
net.ipv6.neigh.default.gc_interval = 30
net.ipv6.neigh.default.gc_thresh1 = 128
net.ipv6.neigh.default.gc_thresh2 = 512
net.ipv6.neigh.default.gc_thresh3 = 1024
net.ipv6.neigh.lo.mcast_solicit = 3
net.ipv6.neigh.lo.ucast_solicit = 3
net.ipv6.neigh.lo.app_solicit = 0
net.ipv6.neigh.lo.delay_first_probe_time =5
net.ipv6.neigh.lo.gc_stale_time = 60
net.ipv6.neigh.lo.unres_qlen = 3
net.ipv6.neigh.lo.proxy_qlen = 64
net.ipv6.neigh.lo.anycast_delay = 99
net.ipv6.neigh.lo.proxy_delay = 79
net.ipv6.neigh.lo.locktime = 0
net.ipv6.neigh.lo.retrans_time_ms = 1000
net.ipv6.neigh.lo.base_reachable_time_ms =30000
net.ipv6.neigh.em1.mcast_solicit = 3
net.ipv6.neigh.em1.ucast_solicit = 3
net.ipv6.neigh.em1.app_solicit = 0
net.ipv6.neigh.em1.delay_first_probe_time =5
net.ipv6.neigh.em1.gc_stale_time = 60
net.ipv6.neigh.em1.unres_qlen = 3
net.ipv6.neigh.em1.proxy_qlen = 64
net.ipv6.neigh.em1.anycast_delay = 99
net.ipv6.neigh.em1.proxy_delay = 79
net.ipv6.neigh.em1.locktime = 0
net.ipv6.neigh.em1.retrans_time_ms = 1000
net.ipv6.neigh.em1.base_reachable_time_ms =30000
net.ipv6.neigh.em2.mcast_solicit = 3
net.ipv6.neigh.em2.ucast_solicit = 3
net.ipv6.neigh.em2.app_solicit = 0
net.ipv6.neigh.em2.delay_first_probe_time =5
net.ipv6.neigh.em2.gc_stale_time = 60
net.ipv6.neigh.em2.unres_qlen = 3
net.ipv6.neigh.em2.proxy_qlen = 64
net.ipv6.neigh.em2.anycast_delay = 99
net.ipv6.neigh.em2.proxy_delay = 79
net.ipv6.neigh.em2.locktime = 0
net.ipv6.neigh.em2.retrans_time_ms = 1000
net.ipv6.neigh.em2.base_reachable_time_ms =30000
net.ipv6.neigh.bond0.mcast_solicit = 3
net.ipv6.neigh.bond0.ucast_solicit = 3
net.ipv6.neigh.bond0.app_solicit = 0
net.ipv6.neigh.bond0.delay_first_probe_time= 5
net.ipv6.neigh.bond0.gc_stale_time = 60
net.ipv6.neigh.bond0.unres_qlen = 3
net.ipv6.neigh.bond0.proxy_qlen = 64
net.ipv6.neigh.bond0.anycast_delay = 99
net.ipv6.neigh.bond0.proxy_delay = 79
net.ipv6.neigh.bond0.locktime = 0
net.ipv6.neigh.bond0.retrans_time_ms = 1000
net.ipv6.neigh.bond0.base_reachable_time_ms= 30000
net.ipv6.xfrm6_gc_thresh = 2048
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.all.hop_limit = 64
net.ipv6.conf.all.mtu = 1280
net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.autoconf = 1
net.ipv6.conf.all.dad_transmits = 1
net.ipv6.conf.all.router_solicitations = 3
net.ipv6.conf.all.router_solicitation_interval= 4
net.ipv6.conf.all.router_solicitation_delay= 1
net.ipv6.conf.all.force_mld_version = 0
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.all.temp_valid_lft = 604800
net.ipv6.conf.all.temp_prefered_lft = 86400
net.ipv6.conf.all.regen_max_retry = 5
net.ipv6.conf.all.max_desync_factor = 600
net.ipv6.conf.all.max_addresses = 16
net.ipv6.conf.all.accept_ra_defrtr = 1
net.ipv6.conf.all.accept_ra_pinfo = 1
net.ipv6.conf.all.accept_ra_rtr_pref = 1
net.ipv6.conf.all.router_probe_interval =60
net.ipv6.conf.all.accept_ra_rt_info_max_plen= 0
net.ipv6.conf.all.proxy_ndp = 0
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.optimistic_dad = 0
net.ipv6.conf.all.mc_forwarding = 0
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.all.accept_dad = 1
net.ipv6.conf.default.forwarding = 0
net.ipv6.conf.default.hop_limit = 64
net.ipv6.conf.default.mtu = 1280
net.ipv6.conf.default.accept_ra = 1
net.ipv6.conf.default.accept_redirects = 1
net.ipv6.conf.default.autoconf = 1
net.ipv6.conf.default.dad_transmits = 1
net.ipv6.conf.default.router_solicitations= 3
net.ipv6.conf.default.router_solicitation_interval= 4
net.ipv6.conf.default.router_solicitation_delay= 1
net.ipv6.conf.default.force_mld_version = 0
net.ipv6.conf.default.use_tempaddr = 0
net.ipv6.conf.default.temp_valid_lft =604800
net.ipv6.conf.default.temp_prefered_lft =86400
net.ipv6.conf.default.regen_max_retry = 5
net.ipv6.conf.default.max_desync_factor =600
net.ipv6.conf.default.max_addresses = 16
net.ipv6.conf.default.accept_ra_defrtr = 1
net.ipv6.conf.default.accept_ra_pinfo = 1
net.ipv6.conf.default.accept_ra_rtr_pref =1
net.ipv6.conf.default.router_probe_interval= 60
net.ipv6.conf.default.accept_ra_rt_info_max_plen= 0
net.ipv6.conf.default.proxy_ndp = 0
net.ipv6.conf.default.accept_source_route =0
net.ipv6.conf.default.optimistic_dad = 0
net.ipv6.conf.default.mc_forwarding = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.default.accept_dad = 1
net.ipv6.conf.lo.forwarding = 0
net.ipv6.conf.lo.hop_limit = 64
net.ipv6.conf.lo.mtu = 16436
net.ipv6.conf.lo.accept_ra = 1
net.ipv6.conf.lo.accept_redirects = 1
net.ipv6.conf.lo.autoconf = 1
net.ipv6.conf.lo.dad_transmits = 1
net.ipv6.conf.lo.router_solicitations = 3
net.ipv6.conf.lo.router_solicitation_interval= 4
net.ipv6.conf.lo.router_solicitation_delay= 1
net.ipv6.conf.lo.force_mld_version = 0
net.ipv6.conf.lo.use_tempaddr = -1
net.ipv6.conf.lo.temp_valid_lft = 604800
net.ipv6.conf.lo.temp_prefered_lft = 86400
net.ipv6.conf.lo.regen_max_retry = 5
net.ipv6.conf.lo.max_desync_factor = 600
net.ipv6.conf.lo.max_addresses = 16
net.ipv6.conf.lo.accept_ra_defrtr = 1
net.ipv6.conf.lo.accept_ra_pinfo = 1
net.ipv6.conf.lo.accept_ra_rtr_pref = 1
net.ipv6.conf.lo.router_probe_interval = 60
net.ipv6.conf.lo.accept_ra_rt_info_max_plen= 0
net.ipv6.conf.lo.proxy_ndp = 0
net.ipv6.conf.lo.accept_source_route = 0
net.ipv6.conf.lo.optimistic_dad = 0
net.ipv6.conf.lo.mc_forwarding = 0
net.ipv6.conf.lo.disable_ipv6 = 0
net.ipv6.conf.lo.accept_dad = -1
net.ipv6.conf.em1.forwarding = 0
net.ipv6.conf.em1.hop_limit = 64
net.ipv6.conf.em1.mtu = 1500
net.ipv6.conf.em1.accept_ra = 1
net.ipv6.conf.em1.accept_redirects = 1
net.ipv6.conf.em1.autoconf = 1
net.ipv6.conf.em1.dad_transmits = 1
net.ipv6.conf.em1.router_solicitations = 3
net.ipv6.conf.em1.router_solicitation_interval= 4
net.ipv6.conf.em1.router_solicitation_delay= 1
net.ipv6.conf.em1.force_mld_version = 0
net.ipv6.conf.em1.use_tempaddr = 0
net.ipv6.conf.em1.temp_valid_lft = 604800
net.ipv6.conf.em1.temp_prefered_lft = 86400
net.ipv6.conf.em1.regen_max_retry = 5
net.ipv6.conf.em1.max_desync_factor = 600
net.ipv6.conf.em1.max_addresses = 16
net.ipv6.conf.em1.accept_ra_defrtr = 1
net.ipv6.conf.em1.accept_ra_pinfo = 1
net.ipv6.conf.em1.accept_ra_rtr_pref = 1
net.ipv6.conf.em1.router_probe_interval =60
net.ipv6.conf.em1.accept_ra_rt_info_max_plen= 0
net.ipv6.conf.em1.proxy_ndp = 0
net.ipv6.conf.em1.accept_source_route = 0
net.ipv6.conf.em1.optimistic_dad = 0
net.ipv6.conf.em1.mc_forwarding = 0
net.ipv6.conf.em1.disable_ipv6 = 0
net.ipv6.conf.em1.accept_dad = 1
net.ipv6.conf.em2.forwarding = 0
net.ipv6.conf.em2.hop_limit = 64
net.ipv6.conf.em2.mtu = 1500
net.ipv6.conf.em2.accept_ra = 1
net.ipv6.conf.em2.accept_redirects = 1
net.ipv6.conf.em2.autoconf = 1
net.ipv6.conf.em2.dad_transmits = 1
net.ipv6.conf.em2.router_solicitations = 3
net.ipv6.conf.em2.router_solicitation_interval= 4
net.ipv6.conf.em2.router_solicitation_delay= 1
net.ipv6.conf.em2.force_mld_version = 0
net.ipv6.conf.em2.use_tempaddr = 0
net.ipv6.conf.em2.temp_valid_lft = 604800
net.ipv6.conf.em2.temp_prefered_lft = 86400
net.ipv6.conf.em2.regen_max_retry = 5
net.ipv6.conf.em2.max_desync_factor = 600
net.ipv6.conf.em2.max_addresses = 16
net.ipv6.conf.em2.accept_ra_defrtr = 1
net.ipv6.conf.em2.accept_ra_pinfo = 1
net.ipv6.conf.em2.accept_ra_rtr_pref = 1
net.ipv6.conf.em2.router_probe_interval =60
net.ipv6.conf.em2.accept_ra_rt_info_max_plen= 0
net.ipv6.conf.em2.proxy_ndp = 0
net.ipv6.conf.em2.accept_source_route = 0
net.ipv6.conf.em2.optimistic_dad = 0
net.ipv6.conf.em2.mc_forwarding = 0
net.ipv6.conf.em2.disable_ipv6 = 0
net.ipv6.conf.em2.accept_dad = 1
net.ipv6.conf.bond0.forwarding = 0
net.ipv6.conf.bond0.hop_limit = 64
net.ipv6.conf.bond0.mtu = 1500
net.ipv6.conf.bond0.accept_ra = 1
net.ipv6.conf.bond0.accept_redirects = 1
net.ipv6.conf.bond0.autoconf = 1
net.ipv6.conf.bond0.dad_transmits = 1
net.ipv6.conf.bond0.router_solicitations =3
net.ipv6.conf.bond0.router_solicitation_interval= 4
net.ipv6.conf.bond0.router_solicitation_delay= 1
net.ipv6.conf.bond0.force_mld_version = 0
net.ipv6.conf.bond0.use_tempaddr = 0
net.ipv6.conf.bond0.temp_valid_lft = 604800
net.ipv6.conf.bond0.temp_prefered_lft =86400
net.ipv6.conf.bond0.regen_max_retry = 5
net.ipv6.conf.bond0.max_desync_factor = 600
net.ipv6.conf.bond0.max_addresses = 16
net.ipv6.conf.bond0.accept_ra_defrtr = 1
net.ipv6.conf.bond0.accept_ra_pinfo = 1
net.ipv6.conf.bond0.accept_ra_rtr_pref = 1
net.ipv6.conf.bond0.router_probe_interval =60
net.ipv6.conf.bond0.accept_ra_rt_info_max_plen= 0
net.ipv6.conf.bond0.proxy_ndp = 0
net.ipv6.conf.bond0.accept_source_route = 0
net.ipv6.conf.bond0.optimistic_dad = 0
net.ipv6.conf.bond0.mc_forwarding = 0
net.ipv6.conf.bond0.disable_ipv6 = 0
net.ipv6.conf.bond0.accept_dad = 1
net.ipv6.ip6frag_high_thresh = 262144
net.ipv6.ip6frag_low_thresh = 196608
net.ipv6.ip6frag_time = 60
net.ipv6.route.gc_thresh = 1024
net.ipv6.route.max_size = 4096
net.ipv6.route.gc_min_interval = 0
net.ipv6.route.gc_timeout = 60
net.ipv6.route.gc_interval = 30
net.ipv6.route.gc_elasticity = 0
net.ipv6.route.mtu_expires = 600
net.ipv6.route.min_adv_mss = 1
net.ipv6.route.gc_min_interval_ms = 500
net.ipv6.icmp.ratelimit = 1000
net.ipv6.bindv6only = 0
net.ipv6.ip6frag_secret_interval = 600
net.ipv6.mld_max_msf = 64
net.nf_conntrack_max = 65536
net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-filter-vlan-tagged = 0
net.bridge.bridge-nf-filter-pppoe-tagged =0
net.unix.max_dgram_qlen = 10
abi.vsyscall32 = 1
crypto.fips_enabled = 0
sunrpc.rpc_debug = 0
sunrpc.nfs_debug = 0
sunrpc.nfsd_debug = 0
sunrpc.nlm_debug = 0
sunrpc.transports = tcp 1048576
sunrpc.transports = udp 32768
sunrpc.udp_slot_table_entries = 16
sunrpc.tcp_slot_table_entries = 16
sunrpc.min_resvport = 665
sunrpc.max_resvport = 1023
sunrpc.tcp_fin_timeout = 15
2.2 exadata x2-2配置
#
########### BEGIN DO NOT REMOVE Added byOracle Exadata ###########
# 13630226 Maximum shared memory allowed is85 percent of physical RAM
kernel.shmmax = 86038141747
# 13630226 Maximum shared memory pagesallowed are RAM divided by page size
kernel.shmall = 21005405
kernel.exec-shield = 1
kernel.randomize_va_space = 1
kernel.sysrq = 1
# 8778821 system reboots after 60 sec onpanic
kernel.panic = 60
kernel.softlockup_panic = 1
# 13601543 Allow crash dump from ILOM NMI
kernel.unknown_nmi_panic = 1
kernel.core_uses_pid = 1
vm.nr_hugepages = 1024
# 8311668 file-max and aio-max-nr also fromoracle-validated-1.0.0-24.el5.x86_64.rpm
kernel.msgmni = 2878
kernel.msgmax = 8192
kernel.msgmnb = 65536
kernel.shmmni = 4096
fs.file-max = 6815744
fs.aio-max-nr = 3145728
net.ipv4.ip_local_port_range = 9000 65500
vm.min_free_kbytes = 51200
net.core.rmem_default = 4194304
net.core.wmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_max = 2097152
# 13800950
kernel.pid_max = 131072
kernel.sem = 1024 60000 1024 256
net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
# 13331647
net.ipv4.tcp_max_syn_backlog = 1280
net.ipv4.conf.default.accept_source_route =0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses= 1
net.ipv4.tcp_syncookies = 1
net.ipv6.conf.default.router_solicitations= 0
net.ipv6.conf.default.accept_ra_rtr_pref =0
net.ipv6.conf.default.accept_ra_pinfo = 0
net.ipv6.conf.default.accept_ra_defrtr = 0
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.default.dad_transmits = 0
net.ipv6.conf.default.max_addresses = 1
# 12650500
net.ipv4.tcp_timestamps = 0
net.ipv4.conf.default.rp_filter = 1
# 8976963, 10113636
net.ipv4.neigh.bondib0.locktime = 0
net.ipv4.conf.bondib0.arp_ignore = 1
net.ipv4.conf.bondib0.arp_accept = 1
net.ipv4.neigh.bondib0.base_reachable_time_ms= 10000
net.ipv4.neigh.bondib0.delay_first_probe_time= 1
########### END DO NOT REMOVE Added byOracle Exadata ###########
vm.nr_hugepages=13007s
其他
net.core.netdev_max_backlog = 30000 每个网络接口接收数据包的速率比内核处理这些包的速率快时,允许送到队列的数据包的最大数目
net.ipv4.tcp_mem = 786432 1048576 1572864 确定 TCP 栈应该如何反映内存使用,此处分别为3G、4G、6G;每个值的单位都是内存页(通常是4KB)。第一个值是内存使用的下限。第二个值是内存压力模式开始对缓冲区使用应用压力的上限。第三个值是内存上限。在这个层次上可以将报文丢弃,从而减少对内存的使用。
net.ipv4.tcp_rmem=4096 87380 16777216 TCP接收缓冲区,3个字段分别是min,default,max。Min:为TCP socket预留用于接收缓冲的内存数量,即使在内存出现紧张情况下TCP socket都至少会有这么多数量的内存用于接收缓冲。
Default:为TCP socket预留用于接收缓冲的内存数量,默认情况下该值影响其它协议使用的 net.core.wmem中default的值。该值决定了 在tcp_adv_win_scale、tcp_app_win和tcp_app_win的 默认值情况下,TCP 窗口大小为65535。
Max:为TCP socket预留用于接收缓冲的内存最大值。该值不会影响 net.core.wmem中max的值
net.ipv4.tcp_wmem=4096 65536 16777216 TCP发送缓冲区,3个字段分别是min,default,max。Min:为TCP socket预留用于发送缓冲的内存最小值。每个TCP socket都可以使用它。
Default:为TCP socket预留用于发送缓冲的内存数量,默认情况下该值会影响其它协议使用的net.core.wmem中default的值,一般要低于net.core.wmem中default的值。
Max:为TCP socket预留用于发送缓冲的内存最大值。该值不会影响net.core.wmem_max
net.ipv4.tcp_fin_timeout = 10 如果套接字由本端要求关闭,这个参数决定了它保持在FIN-WAIT-2状态的时间。对端可以出错并永远不关闭连接,甚至意外当机。缺省值是60 秒
net.ipv4.tcp_tw_recycle = 1 开启TCP连接中TIME-WAITsockets的快速回收,默认为0,表示关闭
net.ipv4.tcp_tw_reuse = 1 表示是否允许重新应用处于TIME-WAIT状态的socket用于新的TCP连接。
net.ipv4.tcp_max_tw_buckets = 6000 系统在同时所处理的最大timewaitsockets 数目。如果超过此数的话,time-wait socket 会被立即砍除并且显示警告信息。之所以要设定这个限制,纯粹为了抵御那些简单的 DoS 攻击,千万不要人为的降低这个限制,不过,如果网络条件需要比默认值更多,则可以提高它(或许还要增加内存)
net.ipv4.tcp_timestamps = 0 时间戳可以避免序列号的卷绕。一个1Gbps的链路肯定会遇到以前用过的序列号。时间戳能够让内核接受这种“异常”的数据包。这里需要将其关掉。
net.ipv4.tcp_window_scaling = 1 支持更大的TCP窗口. 如果TCP窗口最大超过65535(64KB),必须设置该数值为1。
net.ipv4.tcp_sack = 1 表示是否启用有选择的应答(SelectiveAcknowledgment),这可以通过有选择地应答乱序接收到的报文来提高性能(这样可以让发送者只发送丢失的报文段);(对于广域网通信来说)这个选项应该启用,但是这会增加对 CPU 的占用
net.ipv4.tcp_no_metrics_save=1 默认情况下一个tcp连接关闭后,把这个连接曾经有的参数比如慢启动门限snd_sthresh,拥塞窗口snd_cwnd 还有srtt等信息保存到dst_entry中, 只要dst_entry 没有失效,下次新建立相同连接的时候就可以使用保存的参数来初始化这个连接.通常情况下是关闭的。
net.ipv4.tcp_keepalive_time = 1200 当keepalive起用的时候,TCP发送keepalive消息的频度。缺省是2小时,改为20分钟
net.ipv4.tcp_syncookies = 1 当出现SYN等待队列溢出时,启用cookies来处理,可防范少量SYN攻击,默认为0,表示关闭
net.ipv4.tcp_max_orphans = 262144 系统中最多有多少个TCP 套接字不被关联到任何一个用户文件句柄上。如果超过这个数字,孤儿连接将即刻被复位并打印出警告信息。这个限制仅仅是为了防止简单的DoS 攻击,不能过分依靠它或者人为地减小这个值,更应该增加这个值(如果增加了内存之后)。
net.ipv4.tcp_max_syn_backlog = 262144 表示那些尚未收到客户端确认信息的连接(SYN消息)队列的长度,默认为1024,加大队列长度为262144,可以容纳更多等待连接的网络连接数。
net.ipv4.tcp_synack_retries = 2 为了打开对端的连接,内核需要发送一个SYN并附带一个回应前面一个SYN 的ACK。也就是所谓三次握手中的第二次握手。这个设置决定了内核放弃连接之前发送SYN+ACK 包的数量。
net.ipv4.tcp_syn_retries = 2 在内核放弃建立连接之前发送SYN 包的数量
web服务器收到了大量的连接,在启用了iptables的情况下,iptables会把所有的连接都做链接跟踪处理,这样iptables就会有一个链接跟踪表
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=1800 链接跟踪表保存时间,单位:秒
net.ipv4.netfilter.ip_conntrack_max=131070 链接跟踪表最大数目
kernel.sysrq = 0 允许按住Alt + PrtSc键打印内核信息,除非是调试,一般要关闭此功能
kernel.core_uses_pid = 1 控制core文件的文件名中是否添加pid作为扩展。文件内容为1,表示添加pid作为扩展名,生成的core文件格式为core.xxxx;为0则表示生成的core文件同一命名为core
kernel.msgmnb = 65536 每个消息队列的最大字节限制。
kernel.msgmax = 65536 从一个进程发送到另一个进程的消息的最大长度(bytes)。进程间的消息传递是在内核的内存中进行的,不会交换到磁盘上,所以如果增加该值,则将增加操作系统所使用的内存数量。
kernel.shmmax = 68719476736 表示内核所允许的最大共享内存段的大小(bytes)
kernel.shmall = 4294967296 系统上可以使用的共享内存的总量(bytes)
kernel.randomize_va_space = 1 将该值设置为 0 可禁用地址空间布局随机化。DB2数据服务器依赖特定共享内存对象的固定地址,地址空间布局随机化会导致有些活动发生错误
net.ipv4.ip_forward = 0 0表示禁用 IPv4 包转送
net.ipv4.neigh.default.gc_stale_time=120 ARP参数,检查一次相邻层记录的有效性的周期。当相邻层记录失效时,将在给它发送数据前,再解析一次。缺省值是60秒。
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_announce=2
以下命令使内核参数生效:
/sbin/sysctl -p 生效
/sbin/sysctl -a | grepnet.core.netdev_max_backlog 查看
如果出现error: "net.ipv4.netfilter.ip_conntrack_max" is an unknownkey
执行下面的命令加载对应模块:
modprobe ip_conntrack
lsmod |grep conn -- if you see entries itmeans modules have been loaded correctly
sysctl -w -- to write the changes you madeunder /etc/sysctl.conf
sysctl -p -- to view the changes and see ifit was actually loaded.
还不行,把net.ipv4.netfilter.ip_conntrack_max替换为:
net.nf_conntrack_max = 131070试试看