VPS优化设置
1.更新系统
apt update -y && apt install -y curl socat wget sudo zip2.修改vps时间
修改设置时区
修改到上海:
sudo timedatectl set-timezone Asia/Shanghai查看当前时区
date -R3.开启 BBR 加速
echo net.core.default_qdisc=fq >> /etc/sysctl.conf
echo net.ipv4.tcp_congestion_control=bbr >> /etc/sysctl.conf
sysctl -p检查是否成功:
sysctl net.ipv4.tcp_available_congestion_control显示:
sysctl net.ipv4.tcp_available_congestion_control
net.ipv4.tcp_available_congestion_control = bbr cubic reno表示开启成功。
4.安装加速工具
预先准备
centos:yum install ca-certificates wget -y && update-ca-trust force-enable
debian/ubuntu:apt-get install ca-certificates wget -y && update-ca-certificates不卸载内核版本
wget -O tcpx.sh "https://github.com/ylx2016/Linux-NetSpeed/raw/master/tcpx.sh" && chmod +x tcpx.sh && ./tcpx.sh卸载内核版本
wget -O tcp.sh "https://github.com/ylx2016/Linux-NetSpeed/raw/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh 5.TCP调优
nano /etc/sysctl.conf
亚太(绿云)
# ==========================
# 基础队列 & 拥塞控制
# ==========================
net.core.default_qdisc = cake
net.ipv4.tcp_congestion_control = bbr
# ==========================
# 缓冲区优化(高带宽延迟积)
# ==========================
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
# 禁用 TCP 空闲后慢启动,避免突发大流量被限速
net.ipv4.tcp_slow_start_after_idle = 0
# ==========================
# MTU / 分片优化
# ==========================
# 避免路径 MTU 问题,自动探测
net.ipv4.tcp_mtu_probing = 1
# ==========================
# TIME_WAIT / 连接优化
# ==========================
# 更快回收 TCP 连接,减少 TIME_WAIT 过多
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 10
# ==========================
# 防止软银高峰期断流
# ==========================
# 打开 TCP keepalive,避免连接被运营商过早丢弃
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 5
# 增加 SYN backlog,防止半连接攻击或突发丢包
net.ipv4.tcp_max_syn_backlog = 4096
# 打开 fastopen,减少握手延迟
net.ipv4.tcp_fastopen = 3美西(瓦工)
# ===================================================================
# TCP/IP Tuning for 1Gbps High-BDP Link (US West -> China Optimized)
# Based on NetQuality report for AS398493
# Primary Target: Direct connection with ~165ms RTT
# ===================================================================
# === 1. 核心TCP缓冲区设置 (针对中美直连优化) ===
# 基于BDP计算: 1Gbps @ 163ms RTT -> BDP ~20.4MB.
# BBR需要至少 2*BDP 的缓冲区 (~40.8MB) 以跑满带宽.
# 我们设定一个略微宽裕的值 42728500 bytes (~42.7MB).
# 这个配置向下兼容低延迟的落地机场景.
net.core.rmem_max=42728500
net.core.wmem_max=42728500
net.ipv4.tcp_rmem=4096 87380 42728500
net.ipv4.tcp_wmem=4096 16384 42728500
# UDP缓冲区也适当增加, 防止高速传输时丢包
net.ipv4.udp_rmem_min=8192
net.ipv4.udp_wmem_min=8192
# === 2. 队列与拥塞控制 (BBR + FQ) ===
# 现代高性能服务器的最佳组合, 专为高延迟、有损网络优化
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
net.core.netdev_max_backlog=65536
# === 3. 高并发连接支持 ===
# 对于可能作为网站、游戏或代理服务器的场景至关重要
net.core.somaxconn=65536
net.ipv4.tcp_max_syn_backlog=65536
# === 4. 连接管理与TCP高级特性 ===
# 沿用您之前稳定高效的配置组合
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_fack=1
net.ipv4.tcp_moderate_rcvbuf=1
net.ipv4.tcp_adv_win_scale=2
net.ipv4.tcp_fastopen=3
net.ipv4.tcp_fin_timeout=15
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_no_metrics_save=1
net.ipv4.tcp_frto=1
net.ipv4.tcp_mtu_probing=1
# 明确禁用ECN, 避免部分中间设备导致的问题
net.ipv4.tcp_ecn=0
# 明确开启时间戳以启用PAWS (防止序列号回绕)
net.ipv4.tcp_timestamps=1
# BBR建议关闭idle-after-slow-start, 避免连接空闲后速度重置
net.ipv4.tcp_slow_start_after_idle=0
# Keepalive设置, 更快地清理死亡连接
net.ipv4.tcp_keepalive_time=60
net.ipv4.tcp_keepalive_probes=5
net.ipv4.tcp_keepalive_intvl=10
# === 5. 安全加固 ===
# 开启SYN Cookies, 防御SYN洪水攻击 (关键!)
net.ipv4.tcp_syncookies=1
# === 6. 文件系统设置 ===
# 提高系统级文件句柄上限
fs.file-max=6815744
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1应用修改sysctl -p
辅助网站
https://tcp-cal.mereith.com/
https://omnitt.com/
6.Linux VPS 添加 Swap 虚拟内存
wget https://raw.githubusercontent.com/zhucaidan/swap.sh/main/swap.sh && bash swap.sh7.禁用IPV6
vi /etc/sysctl.confnet.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1sysctl -p8.x-ui
目前在使用
bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh)bash <(curl -Ls https://raw.githubusercontent.com/FranzKafkaYu/x-ui/master/install.sh)