bobuss · August 15, 2025 15:44 · Sep 13, 2013 · Sep 10, 2013
diff --git a/gistfile1.md b/gistfile1.md
@@ -1,6 +1,3 @@
-Tuning the Linux Kernel for many tcp connections
-------------------------------------------------
-
 (from http://www.metabrew.com/article/a-million-user-comet-application-with-mochiweb-part-1)
 
 Save yourself some time and tune the kernel tcp settings before testing with lots of connections, or your test will fail and you’ll see lots of Out of socket memory messages (and if you are masquerading, nf_conntrack: table full, dropping packet.)

diff --git a/gistfile1.md b/gistfile1.md
@@ -0,0 +1,26 @@
+Tuning the Linux Kernel for many tcp connections
+------------------------------------------------
+
+(from http://www.metabrew.com/article/a-million-user-comet-application-with-mochiweb-part-1)
+
+Save yourself some time and tune the kernel tcp settings before testing with lots of connections, or your test will fail and you’ll see lots of Out of socket memory messages (and if you are masquerading, nf_conntrack: table full, dropping packet.)
+
+Here are the sysctl settings I ended up with - YMMV, but these will probably do:
+
+```
+$ cat /etc/sysctl.conf
+# General gigabit tuning:
+net.core.rmem_max = 16777216
+net.core.wmem_max = 16777216
+net.ipv4.tcp_rmem = 4096 87380 16777216
+net.ipv4.tcp_wmem = 4096 65536 16777216
+net.ipv4.tcp_syncookies = 1
+# this gives the kernel more memory for tcp
+# which you need with many (100k+) open socket connections
+net.ipv4.tcp_mem = 50576   64768   98152
+net.core.netdev_max_backlog = 2500
+# I was also masquerading the port comet was on, you might not need this
+net.ipv4.netfilter.ip_conntrack_max = 1048576
+```
+
+Put these in /etc/sysctl.conf then run sysctl -p to apply them. No need to reboot, now your kernel should be able to handle a lot more open connections, yay.