内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
本文档详细介绍Linux网络性能优化和调优方法,包括内核参数调优、网络缓冲区优化等内容。
风哥提示:
Part01-网络性能优化概述
1.1 优化方向
# 1. 内核参数调优
# – TCP缓冲区大小
# – 连接跟踪表大小
# – 队列长度
# 2. 网络接口优化
# – MTU大小
# – 网卡队列
# – 中断合并
# 3. TCP协议优化
# – 拥塞控制算法
# – 窗口缩放
# – 快速重传
# 4. 应用层优化
# – 连接池
# – 缓冲区大小
# – 异步I/O
Part02-TCP参数调优
2.1 调整TCP缓冲区
$ sysctl -a | grep net.ipv4.tcp | head -20
net.ipv4.tcp_syn_retries = 6
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_max_syn_backlog = 256
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_timestamps = 1
# 调整TCP缓冲区大小
$ sudo tee -a /etc/sysctl.conf << EOF
# TCP缓冲区优化
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 30
EOF
# 应用配置
$ sudo sysctl -p
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.学习交流加群风哥QQ113257174tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 30
# 验证配置
$ sysctl net.ipv4.tcp_rmem
net.ipv4.tcp_rmem = 4096 87380 16777216
$ sysctl net.ipv4.tcp_wmem
net.ipv4.tcp_wmem = 4096 65536 16777216
Part03-网络接口优化
3.1 调整网卡参数
$ ethtool -k eth0 | head -20
Features for eth0:
rx-checksumming: on
tx-checksumming: on
tx-checksum-ipv4: on
tx-checksum-ip-generic: on
tx-checksum-ipv6: on
tx-checksum-fcoe-crc: off [fixed]
tx-checksum-sctp: off [fixed]
scatter-gather: on
tx-scatter-gather: on
tx-scatter-gather-fraglist: off [fixed]
tcp-segmentation-offload: on
tx-tcp-segmentation: on
tx-tcp-ecn-segmentation: off [fixed]
tx-tcp-mangleid-segmentation: off
tx-tcp6-segmentation: on
# 启用/禁用TSO
$ sudo ethtool -K eth0 tso on
$ sudo ethtool -K eth0 tso off
# 启用/禁用GSO
$ sudo ethtool -K eth0 gso on
$ sudo ethtool -K eth0 gso off
# 启用/禁用LRO
$ sudo ethtool -K eth0 lro on
$ sudo ethtool -K eth0 lro off
# 调整网卡队列
$ ethtool -l eth0
Channel parameters for eth0:
Pre-set maximums:
RX: 4
TX: 4
Other: 1
Combined: 4
Current hardware settings:
RX: 2
TX: 2
Other: 1
Combined: 2
# 设置网卡队列数量
$ sudo ethtool -L eth0 combined 4
# 调整中断合并
$ ethtool -c eth0
Coalesce parameters for eth0:
Adaptive RX: off TX: off
stats-block-usecs: 0
sample-interval: 0
pkt-rate-low: 0
pkt-rate-high: 0
rx-usecs: 3
rx-frames: 0
rx-usecs-irq: 0
rx-frames-irq: 0
tx-usecs: 0
tx-frames: 0
tx-usecs-irq: 0
tx-frames-irq: 0
# 设置中断合并参数
$ sudo ethtool -C eth0 rx-usecs 50 tx-usecs 50
# 调整MTU大小
$ sudo ip link set eth0 mtu 9000
# 验证MTU设置
$ ip link show eth0 | grep mtu
2: eth0:
Part04-TCP拥塞控制
4.1 调整拥塞控制算法
$ sysctl net.ipv4.tcp_available_congestion_control
net.ipv4.tcp_available_congestion_control = reno cubic
# 查看当前使用的拥塞控制算法
$ sysctl net.ipv4.tcp_congestion_control
net.ipv4.tcp_congestion_control = cubic
# 加载BBR模块
$ sudo modprobe tcp_bbr
# 查看是否加载成功
$ lsmod | grep bbr
tcp_bbr 20480 0
# 设置BBR拥塞控制算法
$ sudo tee -a /etc/sysctl.conf << EOF
# 使用BBR拥塞控制算法
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
EOF
# 应用配置
$ sudo sysctl -p
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
# 验证配置
$ sysctl net.ipv4.tcp_congestion_control
net.ipv4.tcp_congestion_control = bbr
# 查看TCP连接使用的拥塞控制算法
$ ss -tin | grep cubic
ESTAB 0 0 192.168.1.100:22 192.168.1.10:54321
cubic wscale:7,7 rto:204 rtt:0.5/0.25 mss:1448 pmtu:1500 rcvmss:536 advmss:1448 cwnd:10 bytes_sent:105 bytes_acked:106 bytes_received:57 segs_out:8 segs_in:7 data_segs_out:3 data_segs_in:3 send 234.1Mbps lastsnd:12345 lastrcv:12345 lastack:12345 pacing_rate 468.2Mbps delivery_rate 234.1Mbps delivered:4 app_limited busy:1ms rcv_rtt:0.5 rcv_space:29200 rcv_ssthresh:29200 minrtt:0.5
Part05-网络性能测试
5.1 性能测试和监控
$ iperf3 -c 192.168.1.100 -t 60
Connecting to host 192.168.1.100, port 5201
[ 5] local 192.168.1.10 port 54321 connected to 192.168.1.100 port 5201
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-60.00 sec 6.59 GBytes 941 Mbits/sec 0 390 KBytes
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-60.00 sec 6.59 GBytes 941 Mbits/sec 0 sender
[ 5] 0.00-60.00 sec 6.59 GBytes 941 Mbits/sec receiver
iperf Done.
# 查看网络统计信息
$ cat /proc/net/snmp
Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails FragOKs FragFails FragCreates
Ip: 1 64 12345 0 0 0 0 0 12345 10000 0 0 0 0 0 0 0 0 0
Icmp: InMsgs InErrors InCsumErrors InDestUnreachs InTimeExcds InParmProbs InSrcQuenchs InRedirects InEchos InEchoReps InTimestamps InTimestampReps InAddrMasks InAddrMaskReps OutMsgs OutErrors OutDestUnreachs OutTimeExcds OutParmProbs OutSrcQuenchs OutRedirects OutEchos OutEchoReps OutTimestamps OutTimestampReps OutAddrMasks OutAddrMaskReps
Icmp: 100 0 0 50 0 0 0 0 25 25 0 0 0 0 100 0 50 0 0 0 0 25 25 0 0 0 0
# 查看TCP统计信息
$ cat /proc/net/tcp | wc -l
25
# 查看网络连接状态
$ ss -s
Total: 100
TCP: 50 (estab 20, closed 10, orphaned 5,更多视频教程www.fgedu.net.cn timewait 10)
Transport Total IP IPv6
RAW 1 0 1
UDP 5 3 2
TCP 50 25 25
INET 56 28 28
FRAG 0 0 0
# 监控网络流量
$ iftop -i eth0
interface: eth0
IP address is: 192.168.1.100
MAC address is: 08:00:27:12:34:56
1. 根据实际需求调学习交流加群风哥微信: itpux-com整TCP缓冲区
2. 使用BBR拥塞控制算法提高性能
3. 启用网卡硬件卸载功能
4. 合理设置MTU大小
5. 定期监控网络性能指标
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
