net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 16384 67108864
net.ipv4.tcp_mem = 67108864 67108864 67108864
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.netfilter.nf_conntrack_max = 262144
cat /proc/sys/net/netfilter/nf_conntrack_count
cat /proc/sys/net/netfilter/nf_conntrack_max
一键计算
# 2000Mbps(2Gbps)带宽2核2G内存VPS优化配置
# 核心原则:匹配2核2G硬件规格,最大化2000Mbps带宽利用率
# BDP计算(硬件适配版):
# 2000Mbps理论速度=250MB/s,RTT=20ms时BDP=250MB/s×0.02s=5MB
# 窗口范围按内存占比20%控制(约400MB),同时覆盖RTT波动(10-30ms)
# 1. TCP窗口核心配置(平衡性能与内存)
net.ipv4.tcp_rmem = 1048576 33554432 83886080 # 接收窗口:1MB - 32MB - 80MB
net.ipv4.tcp_wmem = 1048576 33554432 83886080 # 发送窗口:1MB - 32MB - 80MB
net.core.rmem_default = 16777216 # 默认接收缓冲区16MB
net.core.wmem_default = 16777216 # 默认发送缓冲区16MB
net.core.rmem_max = 83886080 # 最大接收缓冲区80MB(2G内存安全值)
net.core.wmem_max = 83886080 # 最大发送缓冲区80MB(2G内存安全值)
net.ipv4.tcp_window_scaling = 1 # 启用窗口缩放
net.ipv4.tcp_moderate_rcvbuf = 1 # 启用智能缓冲区调整
net.ipv4.tcp_adv_win_scale = 1 # 优化窗口缩放因子
# 2. BBR拥塞控制(2Gbps专用)
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_bbr_high_gain = 3000000000 # 中等增益(平衡速度与稳定性)
net.ipv4.tcp_bbr_rtt_scaling = 2 # 适中的RTT敏感度
net.ipv4.tcp_slow_start_after_idle = 0 # 空闲不重置慢启动
# 3. 单线程性能(2核适配)
net.ipv4.tcp_limit_output_bytes = 8388608 # 单次发送8MB(匹配2核处理能力)
net.ipv4.tcp_single_stream_allowance = 67108864 # 单流限制64MB
net.ipv4.tcp_push_pending_frames = 1 # 立即发送pending帧
net.ipv4.tcp_nodelay = 1 # 禁用Nagle算法(低延迟)
# 4. 网络设备队列(2000Mbps适配)
net.core.netdev_max_backlog = 60000 # 接收队列6万(匹配2Gbps带宽)
net.core.dev_weight = 192 # 设备处理权重(2核均衡值)
net.core.optmem_max = 4194304 # 最大选项内存4MB
net.core.busy_poll = 50 # 适度忙轮询(利用2核性能)
net.core.busy_read = 50 # 适度忙读(平衡CPU与延迟)
# 5. 连接管理(2G内存适配)
net.core.somaxconn = 65535 # 最大连接队列6.5万
net.ipv4.tcp_max_syn_backlog = 32768 # SYN队列3.2万
net.ipv4.tcp_max_tw_buckets = 1000000 # TIME_WAIT桶100万
net.ipv4.tcp_fin_timeout = 3 # FIN等待时间3秒
net.ipv4.tcp_tw_reuse = 1 # 重用TIME_WAIT连接
net.ipv4.tcp_orphan_retries = 1 # 减少孤儿连接重试
# 6. 超时与保活(2核优化)
net.ipv4.tcp_keepalive_time = 60 # 保活探测时间60秒
net.ipv4.tcp_keepalive_intvl = 10 # 保活间隔10秒
net.ipv4.ip_local_port_range = 2048 65535 # 端口范围(平衡数量与内存)
# 7. 内存管理(2G专用配置)
vm.swappiness = 5 # 轻微启用交换(内存保护)
vm.min_free_kbytes = 131072 # 保留128MB空闲内存(2G合理值)
vm.dirty_ratio = 20 # 脏页比率20%
vm.dirty_background_ratio = 10 # 后台脏页比率10%
vm.dirty_writeback_centisecs = 200 # 200ms写回脏页
vm.page-cluster = 2 # 适度页面聚类(平衡内存与性能)
vm.max_map_count = 131072 # 内存映射限制(2G适配)
# 8. 系统限制(2核2G适配)
fs.file-max = 1048576 # 文件描述符100万
fs.nr_open = 2097152 # 进程文件描述符200万
net.ipv4.ip_unprivileged_port_start = 0 # 允许所有端口使用(灵活度优先)
# 9. 处理器调度(2核优化)
kernel.sched_migration_cost_ns = 100000 # 进程迁移成本(2核均衡)
kernel.sched_autogroup_enabled = 0 # 禁用自动分组(优化多核利用)
kernel.sched_latency_ns = 3000000 # 调度延迟3ms(2核平衡值)
kernel.sched_wakeup_granularity_ns = 750000 # 唤醒粒度0.75ms
# 10. 硬件加速(2核适配)
net.ipv4.tcp_tso = 1 # 启用TCP分段卸载(节省CPU)
net.ipv4.tcp_gro = 1 # 启用通用接收卸载
net.ipv4.tcp_lro = 1 # 启用大型接收卸载(2核可承载)
