From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stalker@altlinux.ru>
Message-ID: <45C783A8.3020301@altlinux.ru>
Date: Mon, 05 Feb 2007 22:21:12 +0300
From: Anton Gorlov <stalker@altlinux.ru>
User-Agent: Thunderbird 1.5.0.2 (Windows/20060308)
MIME-Version: 1.0
To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 8bit
Subject: [Sysadmins] ...
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.9rc1
Precedence: list
Reply-To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2007 19:21:10 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/45C783A8.3020301@altlinux.ru/>
List-Archive: <http://lore.altlinux.org/sysadmins/>

А юзал ли кто-нибудь

net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_tw_reuse=1 ?
Есть противопоказания? А то уже вроде всё остальное выкрутил на максимум 
в sysctl, а всё равно в логах успешно проскакивает

Feb  5 21:46:27 multimedia kernel: Out of socket memory
Feb  5 21:46:27 multimedia kernel: TCP: too many of orphaned sockets


При этом netstat -nap | grep "TIME_WAIT" пока ниразу не ловил более 
16-20 (раз в 10 минут пускаю скриптик) и соотвествено положение ручек:

cat /etc/sysctl.conf
#net.ipv4.conf.all.rp_filter=1
#net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp=0
#net.ipv4.conf.default.send_redirects=1
#net.ipv4.ip_forward=1
#kernel.sysrq=1

#added by stalker
# Increase number of incoming connections backlog
#def 1000
net.core.netdev_max_backlog=2048
# def
net.core.dev_weight=64
#def 4096        87380   174760
net.ipv4.tcp_rmem=4096 87380 16777216
#def 4096        16384   131072
net.ipv4.tcp_wmem = 4096 65536 16777216
#def 0
net.ipv4.tcp_rfc1337=1
# Turn off sack
net.ipv4.tcp_sack=0

#def 60
net.ipv4.tcp_fin_timeout=20
#def 9
net.ipv4.tcp_keepalive_probes=5
#def 32768
net.ipv4.tcp_max_orphans=32768
#def 10240
net.core.optmem_max=20480
#def 110592
net.core.rmem_default=16777216
#def 131071
net.core.rmem_max=16777216
#def 110592
net.core.wmem_default=16777216
#def 131071
net.core.wmem_max=16777216
#def 128
net.core.somaxconn=500
#def 0
net.ipv4.tcp_orphan_retries = 1
#def 180000
net.ipv4.tcp_max_tw_buckets=540000
#def 1024
#net.ipv4.tcp_max_tw_buckets_ub=540000

#-- OpenVZ begin --#
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq key
kernel.sysrq = 1
# TCP Explict Congestion Notification
#net.ipv4.tcp_ecn = 0
# we do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
#-- OpenVZ end --#


-- 
   np: silence