Article ID: 111197, created on Apr 27, 2011, last review on Oct 13, 2014

  • Applies to:
  • Virtuozzo 6.0
  • Virtuozzo containers for Linux 4.7
  • Virtuozzo containers for Linux 4.6
  • Virtuozzo hypervisor

Symptoms

The server responds slowly via network protocols due to intensive network activity. The most obvious indication is the slow SSH greeting:

~# ssh -l root 192.168.1.111
..... 30-120 seconds delay .....
The authenticity of host '192.168.1.111(192.168.1.111)' can't be established.
RSA key fingerprint is 6c:9b:d0:4c:17:86:b2:3b:be:35:f2:62:7a:c5:e0:e1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.111' (RSA) to the list of known hosts.
..... 30-120 seconds delay .....
root@192.168.1.111's password:

Resolution

Increase TCP memory limits and check network performance afterward:

  1. Stop virtualization services (all virtual environments will be stopped):

    ~# service vz stop
    ~# service parallels-server stop
    
  2. Update network-related kernel variables:

    ~# sysctl -w net.core.rmem_max=2097152
    ~# sysctl -w net.core.wmem_max=2097152
    ~# sysctl -w net.core.rmem_default=65536
    ~# sysctl -w net.core.wmem_default=65536
    ~# sysctl -w net.ipv4.tcp_rmem='4096 87380 2097152'
    ~# sysctl -w net.ipv4.tcp_wmem='4096 65536 2097152'
    ~# sysctl -w net.ipv4.tcp_mem='1887436 1992294 2097152'
    ~# sysctl -w net.ipv4.route.flush=1
    
  3. Start virtualization services:

    ~# service vz start
    ~# service parallels-server start
    
  4. To save changes permanently and apply them after rebooting, modify /etc/sysctl.conf to contain these lines:

    ~# grep -E 'mem|flush' /etc/sysctl.conf
    net.core.rmem_max = 2097152
    net.core.wmem_max = 2097152
    net.core.rmem_default = 65536
    net.core.wmem_default = 65536
    net.ipv4.tcp_rmem = 4096 87380 2097152
    net.ipv4.tcp_wmem = 4096 65536 2097152
    net.ipv4.tcp_mem = 1887436 1992294 2097152
    net.ipv4.route.flush = 1
    

Note: Increasing TCP memory limits to values greater than half of the kernel memory may lead to performance degradation, which is why values should not be set to more than the following:

  • i386 architecture (non-enterprise kernel) - 71680 pages ( ~300 MB)
  • i386 architecture (enterprise kernel) - 256000 pages ( ~1 GB)
  • x86_64 architecture - 2097152 pages ( ~8 GB)

Additional information

For more information, refer to these sources:

Search Words

tune

slow SSH

TCP memory limits

network

network performance

a26b38f94253cdfbf1028d72cf3a498b 36627b12981f68a16405a79233409a5e d02f9caf3e11b191a38179103495106f e8e50b42231236b82df27684e7ec0beb 2897d76d56d2010f4e3a28f864d69223 0c05f0c76fec3dd785e9feafce1099a9 0dd5b9380c7d4884d77587f3eb0fa8ef c62e8726973f80975db0531f1ed5c6a2

Email subscription for changes to this article
Save as PDF