推荐配置组合(16GB 内存服务器):
# 备份
cp /etc/sysctl.conf /etc/sysctl.conf.bak.$(date +%Y%m%d_%H%M%S) && cp /etc/security/limits.conf /etc/security/limits.conf.bak.$(date +%Y%m%d_%H%M%S) && \
# 删除旧配置
sed -i '/net.ipv4.ip_local_port_range/d;/net.ipv4.tcp_tw_reuse/d;/net.ipv4.tcp_fin_timeout/d;/net.core.somaxconn/d;/net.ipv4.tcp_max_syn_backlog/d;/net.core.rmem_max/d;/net.core.wmem_max/d' /etc/sysctl.conf && \
sed -i '/nofile/d' /etc/security/limits.conf && \
# 添加 sysctl 配置
cat >> /etc/sysctl.conf << 'EOF'
# Network Performance Tuning
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
EOF
# 添加 limits 配置
cat >> /etc/security/limits.conf << 'EOF'
# File Descriptor Limits
* soft nofile 65536
* hard nofile 65536
root soft nofile 65536
root hard nofile 65536
EOF
# 应用配置
sysctl -p && systemctl daemon-reexec && \
# 显示结果
echo "✓ 配置完成!" && \
echo "sysctl 参数已生效,limits 需要重新登录后生效" && \
echo "验证命令:exit 后重新登录,然后执行 ulimit -n 正确显示 65536 "
开启BBR
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
lsmod | grep bbr
一键恢复脚本
# 自动恢复到最新备份
SYSCTL_BAK=$(ls -t /etc/sysctl.conf.bak.* 2>/dev/null | head -1)
LIMITS_BAK=$(ls -t /etc/security/limits.conf.bak.* 2>/dev/null | head -1)
if [ -n "$SYSCTL_BAK" ]; then
cp "$SYSCTL_BAK" /etc/sysctl.conf
echo "✓ 已恢复 sysctl.conf"
else
echo "✗ 未找到 sysctl.conf 备份文件"
fi
if [ -n "$LIMITS_BAK" ]; then
cp "$LIMITS_BAK" /etc/security/limits.conf
echo "✓ 已恢复 limits.conf"
else
echo "✗ 未找到 limits.conf 备份文件"
fi
sysctl -p && systemctl daemon-reexec
echo "恢复完成!limits 配置需重新登录生效"
手动删除添加的配置
如果没有备份文件:
# 删除网络优化参数
sed -i '/# Network Performance Tuning/,/net.core.wmem_max/d' /etc/sysctl.conf
# 删除文件描述符配置
sed -i '/# File Descriptor Limits/,/root hard nofile/d' /etc/security/limits.conf
# 应用更改
sysctl -p
systemctl daemon-reexec