feat: optimized socket buffer size limits

https://blog.cloudflare.com/optimizing-tcp-for-high-throughput-and-low-latency Updated some comments. Signed-off-by: k4yt3x <i@k4yt3x.com>
2025-12-29 16:16:10 +00:00 · 2024-07-15 00:00:00 +00:00
parent 1d2f9f784d
commit 9f621a7259
1 changed files with 21 additions and 15 deletions
--- a/sysctl.conf
+++ b/sysctl.conf
@@ -1,19 +1,19 @@
-# Name: K4YT3X Hardened sysctl Configuration
+# Name: K4YT3X's Hardened & Optimized Linux Kernel Parameters
 # Author: K4YT3X
 # Contributor: IceCodeNew
 # Contributor: HorlogeSkynet
 # Contributor: shenzhui007
 # Date Created: October 5, 2020
-# Last Updated: May 2, 2024
+# Last Updated: July 14, 2024
 # Licensed under the GNU General Public License Version 3 (GNU GPL v3),
 #   available at: https://www.gnu.org/licenses/gpl-3.0.txt
 # (C) 2020-2024 K4YT3X
 # Multiple sources have been consulted while writing this configuration
-#  file (e.g., nixCraft's sysctl.conf). Sources are not cited since this
+#   file (e.g., nixCraft's sysctl.conf). Some sources may not have been cited.
-#  is not an academic document. Please refer to Linux documentations
+# Please refer to Linux's kernel documentations or reach out to the author
-#  should you have any questions.
+#   should you have any questions or recommendations.
 ########## Kernel ##########
@@ -144,12 +144,12 @@ net.core.netdev_max_backlog = 250000
 # this trades off performance, but can mitigate JIT spraying
 net.core.bpf_jit_harden = 2
-# increase TCP max buffer size setable using setsockopt()
+# increase TCP max buffer size settable using setsockopt()
 net.core.rmem_max = 8388608
 net.core.wmem_max = 8388608
 net.core.rmem_default = 8388608
 net.core.wmem_default = 8388608
-#net.core.optmem_max = 40960
+net.core.rmem_max = 536870912
 net.core.wmem_max = 536870912
 net.core.optmem_max = 40960
 ########## IPv4 Networking ##########
@@ -238,14 +238,12 @@ net.ipv4.ip_local_port_range = 1024 65535
 net.ipv4.tcp_timestamps = 0
 # enabling SACK can increase the throughput
-# but SACK is commonly exploited and rarely used
+#   but SACK is commonly exploited and rarely used
 # re-enable this if you experience issues transferring large files over SMB
 net.ipv4.tcp_sack = 0
 net.ipv4.tcp_dsack = 0
 net.ipv4.tcp_fack = 0
 # divide socket buffer evenly between TCP window size and application
 net.ipv4.tcp_adv_win_scale = 1
 # SSR could impact TCP's performance on a fixed-speed network (e.g., wired)
 #   but it could be helpful on a variable-speed network (e.g., LTE)
 # uncomment this if you are on a fixed-speed network
@@ -257,8 +255,16 @@ net.ipv4.tcp_mtu_probing = 1
 net.ipv4.tcp_base_mss = 1024
 # increase memory thresholds to prevent packet dropping
-net.ipv4.tcp_rmem = 4096 87380 8388608
+# the maximum buffer size is 536870912 bytes (512 MiB)
-net.ipv4.tcp_wmem = 4096 87380 8388608
+net.ipv4.tcp_rmem = 8192 262144 536870912
 net.ipv4.tcp_wmem = 4096 16384 536870912
 # reduce the maximum window size to 128 MiB to reduce TCP receive queue collapse
 #   (see https://blog.cloudflare.com/optimizing-tcp-for-high-throughput-and-low-latency)
 net.ipv4.tcp_adv_win_scale = -2
 # limit the size of unsent bytes in the write queue to prevent bufferbloat
 net.ipv4.tcp_notsent_lowat = 131072
 ########## IPv6 Networking ##########