Linux tuning
Follow these recommendations for your Linux environment to prevent deployment issues, to increase the performance and capacity of the networking stack, particularly TCP and the file descriptor usage, and to enable PingFederate to handle a high volume of concurrent requests.
Network/TCP tuning
For SystemV
, add or modify the following entries in the /etc/sysctl.conf
file.
For systemd
, you can create a sysctl preload/configuration file in /etc/sysctl.d
(for example, 99-sysctl.conf
) in which to add and modify the following entries.
# TCP Tuning # # Controls the use of TCP syncookies (default is 1) # and increase the number of outstanding syn requests allowed. net.ipv4.tcp_syncookies=1 net.ipv4.tcp_max_syn_backlog=8192 # Increase number of incoming connections. # somaxconn defines the number of request_sock structures allocated # per each listen call. # The queue is persistent through the life of the listen socket. net.core.somaxconn=4096 # Increase number of incoming connections backlog queue. # Sets the maximum number of packets, queued on the INPUT side, # when the interface receives packets faster # than kernel can process them. net.core.netdev_max_backlog=65536 # increase system IP port limits net.ipv4.ip_local_port_range=2048 65535 # Turn on window scaling which can enlarge the transfer window: net.ipv4.tcp_window_scaling=1 # decrease TCP timeout net.ipv4.tcp_fin_timeout=10 # Allow reuse of sockets in TIME_WAIT state for new connections # (While this may increase performance, use with caution according # to the kernel documentation. This setting should only be enabled # after the system administrator reviews security considerations.) net.ipv4.tcp_tw_reuse=1 # Increase the read and write buffer space allocatable # (minimum size, initial size, and maximum size in bytes) net.ipv4.tcp_rmem = 4096 65536 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 # The maximum number of packets which may be queued # for each unresolved address by other network layers net.ipv4.neigh.default.unres_qlen=100 net.ipv4.neigh.eth0.unres_qlen=100 net.ipv4.neigh.em1.unres_qlen=100 # Default Socket Receive and Write Buffer net.core.rmem_default=8388608 net.core.wmem_default=8388608