-
Notifications
You must be signed in to change notification settings - Fork 74
🚀 Running 1000 Proxies on Linux: Advanced Kernel Tuning Guide
engageub edited this page May 20, 2026
·
2 revisions
To successfully run over 1,000 proxies (Docker containers or processes), your Linux system needs proper tuning for high concurrency, file descriptors, and network performance. You can change the configuration based on your host.
sudo vi /etc/sysctl.confVi Commands:
- Press
i→ Enter Insert mode - Paste the configuration below
- Press
Esc→ Exit Insert mode - Type
:wqand pressEnter→ Save & Exit
# =============================================================================
# /etc/sysctl.conf — Optimized for 1000+ Proxies
# =============================================================================
# Kernel
kernel.panic = 10
# Virtual Memory
vm.vfs_cache_pressure = 50
vm.nr_hugepages = 128
vm.swappiness = 10
vm.dirty_writeback_centisecs = 500
vm.dirty_expire_centisecs = 1000
vm.compaction_proactiveness = 0
# Network Core
net.core.rmem_max = 134217728
net.core.wmem_max = 134217728
net.core.rmem_default = 524288
net.core.wmem_default = 524288
net.core.netdev_max_backlog = 5000
net.core.netdev_budget = 300
net.core.netdev_budget_usecs = 2000
net.core.somaxconn = 65535
net.core.optmem_max = 16777216
# TCP Tuning
net.ipv4.tcp_rmem = 4096 262144 134217728
net.ipv4.tcp_wmem = 4096 262144 134217728
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_mem = 786432 1048576 26777216
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_low_latency = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_max_tw_buckets = 2000000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65535
# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
# Filesystem
fs.file-max = 2097152
fs.inotify.max_user_watches = 1048576
fs.inotify.max_user_instances = 8192
fs.inotify.max_queued_events = 1048576sudo sysctl -psudo reboot# Check key values
sudo sysctl -a | grep -E 'file-max|somaxconn|tcp_max_syn_backlog|tcp_congestion_control'
# Monitor file descriptors
cat /proc/sys/fs/file-nr