# 默认队列调度算法 net.core.default_qdisc = fq # TCP拥塞控制算法 net.ipv4.tcp_congestion_control = bbr # 文件系统安全设置 fs.protected_hardlinks=1 fs.protected_symlinks=1 # BPF(Berkeley Packet Filter)设置 net.core.bpf_jit_enable=1 net.core.bpf_jit_kallsyms=1 # ARP(地址解析协议)设置 net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1 # IP转发设置 net.ipv4.ip_forward=1 net.ipv6.conf.default.forwarding=1 net.ipv6.conf.all.forwarding=1 # ICMP设置 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.icmp_ignore_bogus_error_responses=1 # IGMP(Internet Group Management Protocol)设置 net.ipv4.igmp_max_memberships=100 # TCP超时设置 net.ipv4.tcp_fin_timeout=30 net.ipv4.tcp_keepalive_time=120 # TCP参数设置 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_timestamps=1 net.ipv4.tcp_sack=1 net.ipv4.tcp_dsack=1 # 连接跟踪和防火墙设置 net.netfilter.nf_conntrack_acct=1 net.netfilter.nf_conntrack_checksum=0 net.netfilter.nf_conntrack_tcp_timeout_established=7440 net.netfilter.nf_conntrack_udp_timeout=60 net.netfilter.nf_conntrack_udp_timeout_stream=180 # 网络接收和发送缓冲区大小设置 net.core.rmem_max = 33554432 net.core.wmem_max = 33554432