Socket Tuning in LINUX

Socket Tuning

For servers that handle large numbers of concurrent sessions, there are some TCP options that should probably be tweaked.

With a large number of clients communicating with your server, it wouldn't be unusual to have 20,000 open sockets or more. To increase the range of local ports available for them, append the following to the bottom of /etc/sysctl.conf:

# Use the full range of ports.
net.ipv4.ip_local_port_range = 1024 65535

You can also speed up the recycling of sockets, avoiding large numbers of them staying in the TIME_WAIT state, by adding these values to /etc/sysctl.conf:

# Enables fast recycling of TIME_WAIT sockets.
# (Use with caution according to the kernel documentation!)
net.ipv4.tcp_tw_recycle = 1

# Allow reuse of sockets in TIME_WAIT state for new connections
# only when it is safe from the network stack’s perspective.
net.ipv4.tcp_tw_reuse = 1

Another problem you'll find is that if a socket is listening and busy, a connection backlog will pile up. The kernel will keep pending connections in a buffer before failing. You can tweak several values to increase the size of the backlog:

#
# 16MB per socket - which sounds like a lot, but will virtually never
# consume that much.
#
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

# Increase the number of outstanding syn requests allowed.
# c.f. The use of syncookies.
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.tcp_syncookies = 1

# The maximum number of "backlogged sockets".  Default is 128.
net.core.somaxconn = 1024

The trade-off here is that a connecting client will see a slow connection, but this is almost certainly better than a Connection Refused error.

Once you've made those additions you can cause them to be loaded by running:

# sysctl -p

Finally, if you've changed these limits, you will need to restart the associated daemons. (For example, "service nginx restart".)
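To confirm that the values in the file are the ones the running kernel is actually using after "sysctl -p", here is an added example (not part of the original article) that compares a sysctl.conf-style file with the live values. The function name audit_sysctl and the demo data are constructed for illustration. A key reported as MISSING does not exist on the running kernel, which is the case for net.ipv4.tcp_tw_recycle on Linux 4.12 and later, where that option was removed.

```shell
#!/bin/sh
# Added example, not from the original article.
# audit_sysctl CONF [PROC_ROOT]: compare each "key = value" line in CONF with
# the live value under PROC_ROOT (default /proc/sys). Prints OK, DIFF or
# MISSING per key and returns 1 if anything is not in effect.
audit_sysctl() {
    conf=$1 root=${2:-/proc/sys} rc=0
    while read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*|';'*) continue ;;          # blank line or comment
            *=*) ;;
            *) continue ;;
        esac
        key=$(printf '%s' "${line%%=*}" | tr -d ' \t')
        want=$(printf '%s' "${line#*=}" | tr -s ' \t' ' ' | sed 's/^ //; s/ $//')
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            # The running kernel has no such tunable, so sysctl -p cannot set it.
            echo "MISSING $key"; rc=1; continue
        fi
        # /proc/sys separates multi-value entries with tabs; normalise to spaces.
        have=$(tr -s ' \t' ' ' < "$path" | sed 's/^ //; s/ $//')
        if [ "$have" = "$want" ]; then
            echo "OK $key = $have"
        else
            echo "DIFF $key: live=$have file=$want"; rc=1
        fi
    done < "$conf"
    return "$rc"
}

# Constructed demo: a temporary directory stands in for /proc/sys so the
# example runs offline. On a real host: audit_sysctl /etc/sysctl.conf
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/proc/net/ipv4" "$d/proc/net/core"
    printf '1024\t65535\n' > "$d/proc/net/ipv4/ip_local_port_range"
    printf '1\n' > "$d/proc/net/ipv4/tcp_tw_reuse"
    printf '128\n' > "$d/proc/net/core/somaxconn"   # still at the default
    printf '%s\n' '# Use the full range of ports.' \
        'net.ipv4.ip_local_port_range = 1024 65535' \
        'net.ipv4.tcp_tw_recycle = 1' \
        'net.ipv4.tcp_tw_reuse = 1' \
        'net.core.somaxconn = 1024' > "$d/sysctl.conf"
    st=0; audit_sysctl "$d/sysctl.conf" "$d/proc" || st=$?
    rm -rf "$d"
    return "$st"
}
demo || echo "some settings are not in effect"
```

A DIFF line after "sysctl -p" means the file and the kernel disagree, for example because another file under /etc/sysctl.d sets the same key or the load failed part-way.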