Boost Linux Performance: Essential Kernel Parameter Tuning Guide

1. Optimize kernel related parameters

Configuration file: /etc/sysctl.conf. Add each parameter on a separate line.

Configuration method: directly append parameters line by line.

sysctl -a

displays the current kernel parameters. sysctl -p applies the changes and reports errors (e.g., a missing file error when a parameter is misspelled).

Network related parameters

net.core.somaxconn=65535

– maximum length of the TCP listen queue per port. net.core.netdev_max_backlog=65535 – upper limit of packets queued when the arrival rate exceeds kernel processing speed. net.ipv4.tcp_max_syn_backlog=65535 – maximum SYN backlog; setting it too high may expose the system to SYN‑flood attacks. net.ipv4.tcp_fin_timeout=10 – FIN timeout for sockets in the FIN‑WAIT‑2 state. net.ipv4.tcp_tw_reuse=1 – allow TIME‑WAIT sockets to be reused for new connections. net.ipv4.tcp_tw_recycle=1 – enable fast recycling of TIME‑WAIT sockets.

Typical tuning template for a server with 8‑16 GB memory (adjust as needed): fs.file-max: default 1 048 576 → tuned 9 999 999 (total file descriptors). fs.nr_open: default 1 635 590 (max per‑process file descriptors). net.core.rmem_default: default 124 928 → tuned 262 144 (default TCP receive buffer). net.core.wmem_default: default 124 928 → tuned 262 144 (default TCP send buffer). net.core.rmem_max: default 124 928 → tuned 8 388 608 (maximum TCP receive buffer). net.core.wmem_max: default 124 928 → tuned 8 388 608 (maximum TCP send buffer). net.ipv4.tcp_wmem: default 4096 16384 4194304 → tuned 4096 16384 8388608 (TCP send buffer range). net.ipv4.tcp_rmem: default 4096 87380 4194304 → tuned 4096 87380 8388608 (TCP receive buffer range). net.ipv4.tcp_mem: default 384657 512877 769314 → tuned 384657 512877 3057792 (TCP memory usage). net.core.netdev_max_backlog: default 1000 → tuned 5000 (max packets queued per NIC). net.core.optmem_max: default 20480 → tuned 81920 (max socket option memory). net.core.somaxconn: default 128 → tuned 2048 (global max listen queue length). net.ipv4.tcp_fin_timeout: default 60 → tuned 30 seconds (FIN‑WAIT‑2 timeout). net.ipv4.tcp_keepalive_time: default 7200 → tuned 900 seconds (idle time before keepalive probes). net.ipv4.tcp_keepalive_intvl: default 75 → tuned 30 seconds (interval between keepalive probes). net.ipv4.tcp_keepalive_probes: default 9 → tuned 3 (number of keepalive probes before dropping).

Local port range

After raising the file‑descriptor limit, errors such as "Can't assign requested address" may appear because the kernel limits the range of local ports used for outbound connections. The default range is 32768‑61000.

# View current range
cat /proc/sys/net/ipv4/ip_local_port_range

# Edit /etc/sysctl.conf
net.ipv4.ip_local_port_range = 1024 65000

# Apply changes
sysctl -p

Note: the minimum value for net.ipv4.ip_local_port_range is 1024; ports below 1024 are reserved for system services. Increase the lower bound only if you need to free higher ports for applications.

Shared memory and swap settings

kernel.shmmax=4294967295

– maximum size of a single shared memory segment (bytes). Should be at least the size of the database SGA and preferably half of physical RAM. kernel.shmmni=4096 – maximum number of shared memory segments system‑wide. kernel.shmall=2097152 – total amount of shared memory (in pages) that can be allocated system‑wide. vm.swappiness=0 – disables swapping until RAM is completely exhausted. Setting it to 0 can degrade performance or cause OOM kills under memory pressure.

2. Increase resource limits

File:

/etc/security/limits.conf

* soft nofile 65535
* hard nofile 65535

*

– applies to all users. soft – current limit that the kernel enforces. hard – maximum limit that can be set. nofile – maximum number of open files per process.

65535 – chosen limit; a system reboot is required for the change to take effect.

3. Disk scheduler strategy

Scheduler path: /sys/block/<dev>/queue/scheduler noop – simple FIFO queue, best for SSDs and embedded systems.

deadline – guarantees a service deadline; ideal for database workloads.

anticipatory – waits briefly after the last read to batch small writes; good for write‑heavy environments but poor for databases.

cfq – completely fair queueing algorithm.

Kernel parameter storage paths

/proc/sys/abi/*

– binary compatibility support for various UNIX variants. /proc/sys/fs/* – file‑system limits such as maximum open files. /proc/sys/kernel/* – kernel‑wide settings (PID limits, hot‑plug, syslog debug level). /proc/sys/net/* – network stack tuning for IPv4/IPv6. /proc/sys/vm/* – virtual memory management (caches, buffers).