How to Tune Nginx Kernel Parameters for Up to 10× Performance Boost
The article walks through a step‑by‑step Nginx performance tuning guide, covering worker_processes and worker_connections settings, Linux file‑descriptor limits, sysctl tweaks such as net.core.somaxconn and tcp_max_syn_backlog, explicit listen backlog, and zero‑copy sendfile with tcp_nopush/tcp_nodelay to dramatically increase throughput and lower CPU usage.
Process and Connection Optimization
Nginx’s worker_processes is set to auto to match CPU cores, and worker_cpu_affinity is also auto to bind each worker to a specific core, reducing context switches. The worker_connections directive is raised to 65535, defining the maximum concurrent connections per worker. The event model is explicitly set to epoll and multi_accept on to accept as many new connections as possible after a notification.
# nginx.conf
worker_processes auto;
worker_cpu_affinity auto;
events {
worker_connections 65535; # max connections per worker
use epoll; # use epoll event model
multi_accept on; # accept many connections at once
}System‑wide Connection Queue Optimization
Because Nginx cannot exceed the operating‑system limits, the article updates /etc/security/limits.conf to raise both soft and hard nofile values to 655350. It also modifies /etc/sysctl.conf to increase the global listen queue ( net.core.somaxconn=65535) and the SYN backlog ( net.ipv4.tcp_max_syn_backlog=65535). Finally, each server block’s listen directive specifies backlog=65535 instead of the default 511.
# /etc/security/limits.conf
* soft nofile 655350
* hard nofile 655350
# /etc/sysctl.conf
net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535 # nginx.conf (inside server block)
listen 80 backlog=65535;Zero‑Copy and Buffer Optimizations
Enabling sendfile on allows the kernel to transfer files directly from disk to the network interface, bypassing user‑space buffers and dramatically reducing CPU usage. The article also turns on tcp_nopush on to coalesce data into full TCP packets before sending, and tcp_nodelay on to transmit partially‑filled packets immediately, improving latency. The keep‑alive timeout is increased to 65 seconds.
# http {
sendfile on; # zero‑copy file transfer
tcp_nopush on; # pack data into full TCP segments
tcp_nodelay on; # send small packets without delay
keepalive_timeout 65;
}Combined Effect
By aligning Nginx’s internal limits with the operating system and leveraging zero‑copy plus TCP optimizations, the configuration can raise throughput by an order of magnitude while keeping CPU utilization low. The article demonstrates the concrete configuration changes required to achieve this performance gain.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Mike Chen's Internet Architecture
Over ten years of BAT architecture experience, shared generously!
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
