sysctl is used to adjust kernel parameters at runtime to optimize Linux system performance. The answer is to improve the performance of specific workloads by placing network, memory and security-related parameters rationally. 1. Understand the basics of sysctl: Use sysctl to view or set the kernel parameters under /proc/sys, temporarily modify the command such as sudo sysctl net.core.rmem_max=16777216, permanent modification requires writing /etc/sysctl.conf or /etc/sysctl.d/ and executing sudo sysctl -p to take effect. 2. Network performance tuning: For high-traffic scenarios, increase the TCP buffer (such as net.core.rmem_max, tcp_rmem, etc.), enable tcp_window_scaling to improve throughput, adjust tcp_tw_reuse and fin_timeout to optimize connection reuse, and expand the local port range and connection queue (somaxconn, tcp_max_syn_backlog) to avoid resource exhaustion. 3. Memory and VM management: Reduce vm.swappiness to reduce the use of swap partitions, set dirty_ratio and dirty_background_ratio to control dirty page writeback frequency to balance performance and data security, and adjust vfs_cache_pressure to reduce file system cache pressure. 4. Security and performance trade-off: Decide whether to turn off tcp_timestamps to enhance security based on actual needs, enable tcp_syncookies to defend against SYN flood attacks, but avoid excessive limitations to lead to performance overhead. Finally, it is recommended to gradually test the changes, combine the monitoring effects of iperf, sar and other tools, record the reasons for adjusting parameters, and eliminate blindly applying other people's configurations. It should be optimized accurately based on actual workloads (such as network-intensive and memory-intensive). Correctly using a few key parameters can significantly improve system performance.

Linux performance tuning with sysctl is all about adjusting kernel parameters at runtime to optimize system behavior for specific workloads—whether it's improving network throughput, reducing latency, or better memory management. Unlike recompiling the kernel or rebooting, sysctl lets you make changes on the fly, and persist them across reboots with proper configuration.

Here's how to use sysctl effectively for performance tuning, broken down into key areas.

1. Understanding sysctl Basics

sysctl is a tool that reads or sets kernel parameters exposed through the /proc/sys/ virtual filesystem. These parameters control various aspects of the Linux kernel's behavior.

• View current settings:

   sysctl net.core.rmem_max

• List all settings:

  

   sysctl -a

• Set a parameter temporarily:

   sudo sysctl net.core.rmem_max=16777216

• Make changes permanent: Add entries to /etc/sysctl.conf or a dedicated file in /etc/sysctl.d/ :

   net.core.rmem_max = 16777216

After editing config files, apply with:

 sudo sysctl -p

2. Network Performance Tuning

For servers handling high network traffic (eg, web servers, load balancers), tweaking network-related parameters can significantly improve throughput and responsiveness.

Key Parameters to Adjust:

• Increase TCP buffer sizes: Larger buffers help with high-bandwidth, high-latency networks (eg, WANs).

   net.core.rmem_max = 16777216
  net.core.wmem_max = 16777216
  net.ipv4.tcp_rmem = 4096 87380 16777216
  net.ipv4.tcp_wmem = 4096 65536 16777216

• Enable TCP window scaling: Allows larger window sizes for better throughput.

   net.ipv4.tcp_window_scaling = 1

• Reduce TIME_WAIT socket reuse: Useful for servers handling many short-lived connections.

   net.ipv4.tcp_tw_reuse = 1
  net.ipv4.tcp_fin_timeout = 30

• Increase connection tracking and port range: Prevents running out of ports under heavy load.

   net.ipv4.ip_local_port_range = 1024 65535
  net.core.somaxconn = 65535
  net.ipv4.tcp_max_syn_backlog = 65535

?? Be careful with tcp_tw_reuse in NAT environments—it can cause issues with some clients.

3. Memory and VM Management

Tuning virtual memory behavior can reduce latency and prevent stalls due to paging.

Useful Memory-Related Settings:

• Reduce swappiness: Minimize swapping to avoid performance hits on systems with sufficient RAM.

   vm.swappiness = 10

• Control dirty page flushing: Adjust how often dirty pages are written to disk. Higher values delay writes, improving throughput but increasing risk of data loss on crash.

   vm.dirty_ratio = 15
  vm.dirty_background_ratio = 5

• Optimize page reclaim: For memory-heavy applications, tune how aggressively the kernel reclaims memory.

   vm.vfs_cache_pressure = 50

This reduces pressure on inode and dentry caches, which can help systems with heavy file operations.

4. Security vs. Performance Trade-offs

Some secure defaults may limit performance. Evaluate your threat model before tuning.

• Disable TCP timestamps (security vs. performance): Can help mitigate some attacks but may affect RTT calculations.

   net.ipv4.tcp_timestamps = 0

• Enable SYN cookies for flood protection: Useful under DoS conditions.

   net.ipv4.tcp_syncookies = 1

But avoid over-locking down unless necessary—every check adds overhead.

Final Tips

• Test changes incrementally: Apply one change at a time and measure impact using tools like iperf , netperf , or htop .
• Monitor before and after: Use sar , nstat , or dstat to observe effects.
• Document your changes: Keep a record of why a parameter was tuned—especially in production.
• Avoid copy-pasting random sysctl configs: What works for a CDN node may hurt a database server.

Basically, sysctl is a powerful lever for performance tuning, but it requires understanding what each parameter does. Start with your workload profile—network-heavy, memory-intensive, low-latency—and adjust accordingly. Not all knobs need turning, but the right few can make a real difference.

The above is the detailed content of Linux Performance Tuning with `sysctl`. For more information, please follow other related articles on the PHP Chinese website!