Increasing Linux File Descriptor and TCP Connection Limits for High‑Concurrency Applications

On Linux, the maximum number of concurrent TCP connections is limited by the per‑process open file descriptor limit, which can be viewed with ulimit -n ; the default is typically 1024, leaving only about 1014 sockets for client connections.

To increase this limit, edit /etc/security/limits.conf and add lines such as speng soft nofile 10240 and speng hard nofile 10240 , then ensure the PAM module is loaded by adding session required /lib/security/pam_limits.so to /etc/pam.d/login . Verify the system‑wide maximum with cat /proc/sys/fs/file-max and, if necessary, raise it by echoing a larger value into /proc/sys/fs/file-max via /etc/rc.local .

Even after raising file descriptors, TCP connection failures may occur because the kernel restricts the local port range. Modify /etc/sysctl.conf to set net.ipv4.ip_local_port_range = 1024 65000 (or up to 65535) and apply the changes with sysctl -p , allowing a single process to open over 60,000 client sockets.

If connections still fail, the IP tables conntrack table may be exhausted. Increase its size by adding net.ipv4.ip_conntrack_max = 10240 to /etc/sysctl.conf and reloading with sysctl -p , which can support roughly 10,000 concurrent tracked connections.

For high‑concurrency network I/O, avoid synchronous I/O and the select/poll mechanisms; instead use non‑blocking I/O with epoll or asynchronous I/O (AIO), which scale to large numbers of sockets without the performance penalties of thread‑per‑connection designs.

Additional kernel tuning recommendations include the following /etc/sysctl.conf settings: net.ipv4.ip_local_port_range = 1024 65536 net.core.rmem_max=16777216 net.core.wmem_max=16777216 net.ipv4.tcp_rmem=4096 87380 16777216 net.ipv4.tcp_wmem=4096 65536 16777216 net.ipv4.tcp_fin_timeout = 10 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_window_scaling = 0 net.ipv4.tcp_sack = 0 net.core.netdev_max_backlog = 30000 net.ipv4.tcp_no_metrics_save=1 net.core.somaxconn = 262144 net.ipv4.tcp_syncookies = 0 net.ipv4.tcp_max_orphans = 262144 net.ipv4.tcp_max_syn_backlog = 262144 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 2

After editing, apply the configuration with /sbin/sysctl -p /etc/sysctl.conf and optionally reboot the system.

Finally, ensure the new file descriptor limits persist by adding ulimit -HSn 65536 to /etc/rc.local and /root/.bash_profile , and run ulimit -HSn 65536 in the current shell.

Disclaimer: The content is sourced from public internet channels, presented neutrally for reference and discussion only. Copyright belongs to the original authors; please contact us for removal if any infringement is identified.