In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article introduces the relevant knowledge of "how to use the system parameter modification command sysctl in Linux". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!
Sysctl configuration and kernel parameters displayed in the / proc/sys directory. You can use sysctl to set or reset networking features such as IP forwarding, IP fragmentation, and source route checking. Users only need to edit the / etc/sysctl.conf file to perform the functions controlled by sysctl manually or automatically.
Command format:
Sysctl [- n] [- e]-w variable=value
Sysctl [- n] [- e]-p (default / etc/sysctl.conf)
Sysctl [- n] [- e]-a
The meaning of common parameters:
-w temporarily change the value of a specified parameter, such as
Sysctl-w net.ipv4.ip_forward=1
-a displays all system parameters
-p loads system parameters from the specified file, or from / etc/sysctl.conf if not specified
If you just want to change the value of a system parameter temporarily, you can do it in two ways, such as enabling IP routing forwarding:
1) # echo 1 > / proc/sys/net/ipv4/ip_forward
2) # sysctl-w net.ipv4.ip_forward=1
Both of the above methods may turn on the routing function immediately, but if the system restarts, or executes the
# service network restart
Command, the set value will be lost. If you want to keep the configuration permanently, you can modify the / etc/sysctl.conf file.
Change net.ipv4.ip_forward=0 to net.ipv4.ip_forward=1
Common usage
There are three ways to modify (configure)
Two kinds of temporary effect
The code is as follows:
# echo 1 > / proc/sys/net/ipv4/ip_forward / / enable routing
# sysctl-w net.ipv4.ip_forward=1 / / use this option to change a sysctl setting
If the system restarts, or if the service network restart command is executed, the set value will be lost
Everything in the / proc directory is temporary, so any changes will be lost after rebooting the system.
One kind of permanent effect
The code is as follows:
# vi / etc/sysctl.conf
Change the value of net.ipv4.ip_forward=0 to 1 / / to turn on packet forwarding.
The code is as follows:
# sysctl-p / etc/sysctl.conf / / reload / etc/sysctl.conf file. If no path is specified after-p, load / etc/sysctl.conf
The specified value is set after the system enters multi-user mode. Not all variables can be set in this mode.
The sysctl variable is usually set as a string, number, or Boolean. (Boolean means 1 for 'yes',' and 0 for 'no').
The code is as follows:
[root@Firewall sys] # sysctl-a / / View all parameters
[root@Firewall sys] # sysctl net.core.wmem_max / / View the specified parameters
Net.core.wmem_max = 131071
[root@Firewall sys] # sysctl net.core.wmem_max=256000 / / modify the specified parameters
Net.core.wmem_max = 256000
Example
All the parameters seen by sysctl-a come from the contents of the files in the / proc/sys/ directory. You can use the method of grep plus sort and ll to view the corresponding
The code is as follows:
[root@Firewall sys] # pwd
/ proc/sys
[root@Firewall sys] # ll
Total 0
Dr-xr-xr-x 0 root root 0 Apr 12 14:29 crypto
Dr-xr-xr-x 0 root root 0 May 10 15:53 debug
Dr-xr-xr-x 0 root root 0 Apr 12 14:28 dev
Dr-xr-xr-x 0 root root 0 Apr 12 14:28 fs
Dr-xr-xr-x 0 root root 0 Apr 12 14:28 kernel
Dr-xr-xr-x 0 root root 0 Apr 12 14:28 net
Dr-xr-xr-x 0 root root 0 May 10 15:53 sunrpc
Dr-xr-xr-x 0 root root 0 May 10 15:53 vm
The code is as follows:
[root@Firewall netfilter] # pwd
/ proc/sys/net/netfilter
[root@Firewall netfilter] # sysctl-a | grep net.net | sort
Net.netfilter.nf_conntrack_acct = 1
Net.netfilter.nf_conntrack_buckets = 16384
Net.netfilter.nf_conntrack_checksum = 1
Net.netfilter.nf_conntrack_count = 1739
Net.netfilter.nf_conntrack_expect_max = 256
Net.netfilter.nf_conntrack_generic_timeout = 600,
Net.netfilter.nf_conntrack_icmp_timeout = 30
Net.netfilter.nf_conntrack_log_invalid = 0
Net.netfilter.nf_conntrack_max = 65536
Net.netfilter.nf_conntrack_tcp_be_liberal = 0
Net.netfilter.nf_conntrack_tcp_loose = 1
Net.netfilter.nf_conntrack_tcp_max_retrans = 3
Net.netfilter.nf_conntrack_tcp_timeout_close = 10
Net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
Net.netfilter.nf_conntrack_tcp_timeout_established = 432000
Net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
Net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30
Net.netfilter.nf_conntrack_tcp_timeout_max_retrans = 300
Net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60
Net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120
Net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
Net.netfilter.nf_conntrack_tcp_timeout_unacknowledged = 300
Net.netfilter.nf_conntrack_udp_timeout = 30
Net.netfilter.nf_conntrack_udp_timeout_stream = 180
The code is as follows:
[root@Firewall netfilter] # ll
Total 0
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_acct
-root root May 10 15:53 nf_conntrack_buckets
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_checksum
-root root May 10 15:53 nf_conntrack_count
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_expect_max
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_generic_timeout
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_icmp_timeout
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_log_invalid
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_max
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_be_liberal
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_loose
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_max_retrans
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_close
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_close_wait
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_established
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_fin_wait
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_last_ack
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_max_retrans
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_syn_recv
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_syn_sent
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_time_wait
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_tcp_timeout_unacknowledged
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_udp_timeout
-rw-r--r-- 1 root root 0 May 10 15:53 nf_conntrack_udp_timeout_stream
The code is as follows:
[root@Firewall core] # sysctl-a | grep net.core | sort
Net.core.dev_weight = 64
Net.core.message_burst = 10
Net.core.message_cost = 5
Net.core.netdev_budget = 300
Net.core.netdev_max_backlog = 1000
Net.core.optmem_max = 10240
Net.core.rmem_default = 111616
Net.core.rmem_max = 131071
Net.core.somaxconn = 8192
Net.core.warnings = 1
Net.core.wmem_default = 111616
Net.core.wmem_max = 131071
Net.core.xfrm_acq_expires = 30
Net.core.xfrm_aevent_etime = 10
Net.core.xfrm_aevent_rseqth = 2
Net.core.xfrm_larval_drop = 1
The code is as follows:
[root@Firewall core] # ll
Total 0
-rw-r--r-- 1 root root 0 May 10 15:53 dev_weight
-rw-r--r-- 1 root root 0 May 10 15:53 message_burst
-rw-r--r-- 1 root root 0 May 10 15:53 message_cost
-rw-r--r-- 1 root root 0 May 10 15:53 netdev_budget
-rw-r--r-- 1 root root 0 May 10 15:53 netdev_max_backlog
-rw-r--r-- 1 root root 0 May 10 15:53 optmem_max
-rw-r--r-- 1 root root 0 May 10 15:53 rmem_default
-rw-r--r-- 1 root root 0 May 10 15:53 rmem_max
-rw-r--r-- 1 root root 0 Apr 12 14:29 somaxconn
-rw-r--r-- 1 root root 0 May 10 15:53 warnings
-rw-r--r-- 1 root root 0 May 10 15:53 wmem_default
-rw-r--r-- 1 root root 0 May 10 15:53 wmem_max
-rw-r--r-- 1 root root 0 May 10 15:53 xfrm_acq_expires
-rw-r--r-- 1 root root 0 May 10 15:53 xfrm_aevent_etime
-rw-r--r-- 1 root root 0 May 10 15:53 xfrm_aevent_rseqth
-rw-r--r-- 1 root root 0 May 10 15:53 xfrm_larval_drop
This is the end of the content of "how to use the system parameter modification command sysctl in Linux". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
