[文章作者:张宴 本文版本:v1.0 最后修改:2007.07.24 转载请注明出处:http://blog.zyan.cc]

  新增的一组Apache服务器上线以来,我用netstat -an命令发现服务器中有大量状态为TIME-WAIT的TCP连接,于是用/sbin/sysctl -a查看了一下Linux的各项内核参数,并翻阅有关资料,决定修改其中的两项参数,以达到减少TCP连接中TIME-WAIT sockets的目的。

  vi /etc/sysctl.conf
  编辑/etc/sysctl.conf文件,增加三行:
引用
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1

  说明:
  net.ipv4.tcp_syncookies = 1 表示开启SYN Cookies。当出现SYN等待队列溢出时,启用cookies来处理,可防范少量SYN攻击,默认为0,表示关闭;
  net.ipv4.tcp_tw_reuse = 1 表示开启重用。允许将TIME-WAIT sockets重新用于新的TCP连接,默认为0,表示关闭;
  net.ipv4.tcp_tw_recycle = 1 表示开启TCP连接中TIME-WAIT sockets的快速回收,默认为0,表示关闭。

  再执行以下命令,让修改结果立即生效:
  /sbin/sysctl -p

  用以下语句看了一下服务器的TCP状态:
  netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
  返回结果如下:
  ESTABLISHED 1423
  FIN_WAIT1 1
  FIN_WAIT2 262
  SYN_SENT 1
  TIME_WAIT 962

  效果:处于TIME_WAIT状态的sockets从原来的10000多减少到1000左右。处于SYN_RECV等待处理状态的sockets为0,原来的为50~300。

  附:TCP状态变迁图,见我的另一篇文章《查看Apache并发请求数及其TCP连接状态

Tags: ,



技术大类 » Web服务器 | 评论(57) | 引用(0) | 阅读(98824)
民大学弟
2007-7-24 19:49
张宴大哥不仅在计算机方面颇有造诣,写作水平也不错嘛,加油啊,在新浪干上几年后就可以出书了……呵呵,又一位百万新贵将要诞生!
民大学弟
2007-7-24 20:08
呵呵,如法炮制……不是病毒!
http://learning.sohu.com/s2007/07tzs/?stra=%u5F20%u5BB4
民大学弟
2007-7-25 00:02
张宴大哥,我这几天一直在用纯CSS做二级导航菜单,但老做不成功……呵呵,你那个中南民族大学就业信息网的导航菜单是怎么做的啊,能否在你的博客上专门写一篇文章讲讲制作的过程,讲详细些……或者以word文档的形式将制作的过程写给我,我的邮箱是  be_ok@163.com  写详细些哈,我很笨的,拜托了……你有时间的时候就做,一两个星期内给我答复,我不急……
谢谢你了哈,下次回武汉的话我请客哦grinshyzan
张宴 回复于 2007-7-25 19:48
最近很少做HTML、CSS设计了,对CSS不太感兴趣,给你一篇别人的文章,可以实现那种导航菜单。
http://www.blueidea.com/tech/site/2006/3658.asp
zhangluoer
2007-8-16 13:49
呵,你上面写的三个参数都已经改过了,也没有出现太大的变化,TIME_WAIT一般是ESTABLISHED的10倍左右,甚至更高。
像你上面写的很少见过。
还有什么地方需要优化吗?
张宴 回复于 2007-8-16 14:00
改完后执行/sbin/sysctl -p
zhangluoer
2007-8-16 15:28
我是直接修改的#echo 1 > /proc/sys/net/ipv4/tcp_syncookies的
所以不存在改完后执行/sbin/sysctl -p
另外发现有大量的对:3306端口的访问都处于time_wait状态。
能否确定一下问题的原因,是PHP编程的问题,在链接数据库后没有关系链接,导致大量的链接,还是其它什么原因
3ks
jackbillow
2007-8-31 18:10
张兄,写的不错。
jackbillow
2007-8-31 18:10
smile
大宇
2007-9-3 22:26
不错,照着修改了的确有效的减少了time_wait状态的线程数量

还有个问题,我用top查看,load average: 17.39, 17.10, 16.71
服务器上只有一个httpd服务在跑,怎么负载这么高。
sx
2008-2-21 15:39
关于TCP_TIMEWAIT的问题由来已久,在此补充一下原因吧。都知道tcp的三次握手后建立连接,连接建立后,如果client主动关闭连接,则此连接会被内核回收,而很多时候,比如上面的兄台的PHP程序没有关闭数据库连接,这个时候,server端就无法知道此连接是否还继续有效,也就是,cilent是在组装数据还是已经掉线了呢?那么就进入timewait了。
另外,对于张兄的修改,也补充一下:
net.ipv4.tcp_syncookies = 1,这句是可以的,不提
net.ipv4.tcp_tw_reuse = 1 ,这句对于有些时候,客户端没有真的关闭连接而是在等待发送数据的时候,重用接口会导致数据出错,所以,只是针对HTTP类型可以开启,对于其他长时间连接处理类型,就关上比较稳妥
net.ipv4.tcp_tw_recycle = 1 这句基本上来说用处不大,开启快速回收后,系统还是会一样取系统等待时间,故,要想真的减少timewait时间的话,将内核中的等待时间参数修改为一个合适的值比较妥当,尤其是对于内网机器来说。
goter
2008-6-1 16:49
张大哥,别人老连不上我的BT服务器,用netstat查看,有很多都是close wait
这个是BT服务器配置的问题吗?
storysky
2009-11-3 10:19
你好张老师,我刚接手一台服务器,发现他的time-wait非常多,用了您上面的方法以后发现time-wait少了一些(以前是7000多现在是6000左右),还是很多!
而且ESTABLISHED 一直在600左右,我想问一下有什么好办法解决一下,我的mail 是redsky818@yahoo.com.cn
下面是我的sysctl.conf 的配置和连接状态
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  8192
net.ipv4.tcp_max_tw_buckets = 8192
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 1024  65535
kernel.msgmni = 1024
kernel.sem = 250 256000 32 1024
##################################
netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
TIME_WAIT 6221
FIN_WAIT1 4
ESTABLISHED 615
SYN_RECV 2
louis vuitton uk Email Homepage
2011-11-23 08:47
This louis vuitton uk for sale belongs to the sounding just what are termed as Louis Vuitton vintage best sellers, many other products and services for the reason that range appearing companies.You will easily notice the unfold zippers of this coach outlet store online. That is the decoration. There are some inside pockets for you as well. They are easy to match your clothes and to carry.Let us inspire your inner beauty with fine christian louboutin sale. Purse the elegance in bridal wedding. Enjoy the fashion.
coach factory outlet Email Homepage
2012-5-17 10:53
Today, following half a century, mentor leather-bases coach factory outlet continues to be the delicate craft of leather-based master is accountable for,Would you like to meet more friends, or go with the times? If yes, coach factory online is opening welcome doors to you.in the market you definitely can find various colorways that are designed in as well as the high quality that applied in. For most of you would like to come. So just come to our coach factory outlet online store to choose one.
louis vuitton sale Email Homepage
2012-5-17 10:53
Louis Vuitton belt at louis vuitton sale is one kind of fashion accessory with high cost performance among the Louis Vuitton accessories.Offering quality LV products with favorable prices, louis vuitton outlet store is at your service. Hurry up, or you can not seize the chance.in fact, louis vuitton is one of the most famous fashion design master.he opened the fist suitcase shop called after his name.
coach outlet online Email Homepage
2012-5-17 10:53
I heard of coach outlet online through the advertisement when I was shopping. And now I often brow the webpage and buy Coach bags online.It is a symbol regarding position not to mention nature.Here I would like to launch a excellent bags pertaining to business men.Which may be coach outlet store.coach outlet has always been simple,durable style features to win consumers.The products are more flexible,with easy bleaching,wear characteristics,and simply use a damp cloth.
coach outlet, Email Homepage
2012-5-17 10:53
Remember the coach outlet provide coach bags which won't be deteriorated into its overall styles by any means. It will maintain its looks, colors, and uniqueness for long time.coach outlet store online has been voted by Hour Detroit magazine readers as the Best of Detroit in their 12th annual readers'poll.Lots of women like which usually amount normally include a coach outlet online ,it provides coziness to many girls that don't even think it is a great bushel of great interest directly to them.
xujie777 Email
2012-5-18 15:57
We aim to make all our customers satisfy with our products. You will find a variety of Men's fashion louis vuitton uk, fashion Women's cheap Louis Vuitton bags in our store at affordable price.Thinking of interesting ways to cost a milestone birthday? louis vuitton online shop had one of the most distinctive distinctive celebrations.bakery along with living room operated by means of about three moment louis vuitton online Most effective Pastry Chef’s of the year Rammy Nominee Chef’s.
xujie777 Email
2012-5-18 15:57
The choices are likely to be basically countless seeing that louis vuitton outlet occurs with the help of completely new and also incredible concepts once in a while.Louis vuitton Wholesale Monogram Canvas HandbagsLouis Vuitton Collection Beach Handbags louis vuitton bags outlet Damier Canvas HandbagsLouis vuitton Mahina HandbagsLouis Vuitton Monogram Mini Lin HandbagsLouis Vuitton Monogram Multicolore HandbagsLouis vuitton Monogram Vernis HandbagsLouis Vuitton Wholesale Epi Leather HandbagsLouis Vuitton For Men HandbagsLouis Vuitton Damier Canvas WalletsLouis Vuitton Epi Leather WalletsLouis Vuitton Monogram Canvas WalletsLouis Vuitton Monogram Vernis WalleLouis Vuitton ShoesLouis Vuitton Men wallets.As the Authentic Louis Vuitton are so high-priced, so came the louis vuitton handbags outlet.
分页: 1/3 第一页 1 2 3 下页 最后页
发表评论
表情
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
打开HTML
打开UBB
打开表情
隐藏
记住我
昵称   密码   游客无需密码
网址   电邮   [注册]