/etc/sysctl.conf

/etc/sysctl.conf 用于控制内核相关的配置参数，而且它的内容全部是对应于 /proc/sys/ 这个目录的子目录及文件

[root@localhost ~]$ ll /proc/sys
total 0
dr-xr-xr-x 1 root root 0 Dec 25 11:38 abi       # 应用的二进制信息
dr-xr-xr-x 1 root root 0 Dec 25 11:38 debug     # 调试相关的系统配置目录
dr-xr-xr-x 1 root root 0 Dec 25 11:38 dev       # 设备相关的系统配置目录
dr-xr-xr-x 1 root root 0 Dec 14 16:19 fs        # 文件系统相关的系统配置目录
dr-xr-xr-x 1 root root 0 Dec 14 16:20 kernel    # 内核相关的系统配置目录
dr-xr-xr-x 1 root root 0 Dec 14 16:20 net       # 网络相关的系统配置目录
dr-xr-xr-x 1 root root 0 Dec 25 11:38 user      # 用户相关的系统配置目录
dr-xr-xr-x 1 root root 0 Dec 21 11:36 vm        # 内存相关的系统配置目录

常用配置如下，配置的说明参考：https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

# Network Settings
net.ipv4.conf.all.promote_secondaries = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_forward = 0
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv4.tcp_syncookies = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.neigh.default.gc_thresh3 = 4096 
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0

# Kernel Settings
kernel.core_uses_pid = 1
kernel.msgmax = 65536
kernel.msgmnb = 65536
kernel.numa_balancing = 0
kernel.printk = 5
kernel.shmmax = 68719476736
kernel.softlockup_panic = 1
kernel.sysrq = 1