Performance tuning with System Control (sysctl) in Ubuntu

Sponsored Link
The Linux kernel is flexible, and you can even modify the way it works on the fly by dynamically changing some of its parameters using sysctl command. Sysctl provides an interface that allows you to examine and change several hundred kernel parameters in Linux or BSD. Changes take effect immediately, and there's even a way to make them persist after a reboot.sysctl is used to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Procfs is required for sysctl support in Linux. You can use sysctl to both read and write sysctl data.Many of the tunable performance items can be configured directly by the kernel. The command sysctl is used to view current kernel settings and adjust them.

Important Note:- Editing sysctl.conf file might break your system this is for advanced users only

Procedure to follow

First you need to make a backup copy of /etc/sysctl.conf file using the following command

cp /etc/sysctl.conf   /etc/sysctl.conf.back

Now edit the /etc/sysctl.conf file

sudo gedit /etc/sysctl.conf

Use which is suitable for you

Add the following lines to /etc/sysctl.conf if you have 512MB RAM or more

kernel.sem = 250 32000 100 128
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
fs.file-max = 65536
vm.swappiness = 0
vm.vfs_cache_pressure = 50

If you have a fast broadband (UL 10Mbps / DL 10Mbps, my broadband connection speed) use the following setting

net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_no_metrics_save = 1

If you have a Wifi (such as IEEE 802.11 a/b/g) or a 3.5G modem, use the following setting

net.core.rmem_default = 524288
net.core.rmem_max = 524288
net.core.wmem_default = 524288
net.core.wmem_max = 524288
net.ipv4.tcp_wmem = 4096 87380 524288
net.ipv4.tcp_rmem = 4096 87380 524288
net.ipv4.tcp_mem = 524288 524288 524288
net.ipv4.tcp_rfc1337 = 1
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_ecn = 0
net.ipv4.route.flush = 1

If you want to Prevent SYN attack use the following setting

net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 2

If you want to Disables packet forwarding use the following setting


Increase the maximum number of open files use the following setting

fs.file-max = 100000

Save and exit the file

Now you need to run the following command to take your changes in to live

sudo sysctl -p

If you know any more tuning parameters please share with us.

Sponsored Link

Related posts

16 thoughts on “Performance tuning with System Control (sysctl) in Ubuntu

  1. pro-tip: don’t do this unless you know what you’re doing.

    (or don’t complain when you have to reinstall)

  2. @joseph

    When you edit sysctl.conf file and add those values and run sysctl -p this should be persist after reboot

  3. i was found on other ubu tweak guide to set “vm.swappiness” to 0, not like in this solution to 1. So can someone tell me who have a better idea? Coz im confiused now :s

  4. The best idea is to perform the all important first step – backup the file!
    sudo cp /etc/sysctl.conf /etc/sysctl.conf.old

  5. Maybe it’s just me, but I never ever recommend randomly changing tuning settings without knowing WHY you are changing them or what they’re supposed to improve. After you go and mess with all of this, what are the tests you can do to see the improvements? Would you open the hood of your car and randomly turn adjusting screws without knowing what you were doing?

  6. ??? If one messes up, is there a way to boot from cd, mount the hard drive, then cp /etc/sysctl.conf.back /etc/sysctl.conf

  7. It can actually be made easier and without touching the original sysctl.conf. Just make file named something like 60-user.conf in the /etc/sysctl.d/ and put this stuff into it.

  8. A complete sysctl.conf with kernel tuning and network security hardening optimizations for dedicated server systems at high-speed networks with loads of RAM and bandwidth available.
    Optimised and tuned for high-performance web/ftp/mail/dns servers with high connection-rates.

    Available here:

  9. This comes up with Avast antivirus in Ubuntu. If you get an error when trying to start Avast! it is likely because the kernel.shmmax variable (shared memory max) is too small and needs to be increased:

    $ sudo gedit /etc/sysctl.d/60-user.conf

    In this file put:
    # this is to make avast work
    kernel.shmmax = 128000000

    This will become active after reboot, but if you want to get it working before your next reboot:

    $ sudo sysctl -p /etc/sysctl.d/60-user.conf

Leave a comment

Your email address will not be published. Required fields are marked *