Over a million developers have joined DZone.

HAProxy Performance Tweaks: sysctl and config

DZone's Guide to

HAProxy Performance Tweaks: sysctl and config

Learn about the changes you should make to sysctl and HAProxy configurations to improve the performance of your entire setup.

· Performance Zone
Free Resource

Transform incident management with machine learning and analytics to help you maintain optimal performance and availability while keeping pace with the growing demands of digital business with this eBook, brought to you in partnership with BMC.

If you’re running a high-performance HAProxy setup, there are many tweaks and settings that you can benefit from. Some of these can be complex, but there are many that can quite easily increase your performance. We’ll give you some tips here to get that extra bit of performance you need!

Warning: These are mostly kernel changes and can cause unknown issues. Please Google any changes you are unsure of, or ask us!

Sysctl.conf Changes

sysctl is a program used to tweak kernel settings on your OS. These can allow you to optimize specifically the way your kernel is handling things — specifically, networking. If you are using Snapt, for HAProxy you can navigate to the Setup > Configuration > Performance menu. Alternatively, you can manually edit the /etc/sysctl.conf file.

These are specifically designed to optimize your Linux installation forhaproxy, allowing it to perform better under peak loads and allowing you to get more requests per second.

You can apply our selected tweaks by pasting the below into your /etc/sysctl.conf file, and then running  sysctl -p" to apply the changes.

# Increase the max OS recv/send buffer size
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

# Increase the connection track table size
net.ipv4.netfilter.ip_conntrack_max = 999999

# Widen the local port range to allow more ports
net.ipv4.ip_local_port_range = 1024 65023

# Lower the TCPFIN timeout
net.ipv4.tcp_fin_timeout = 30

# Increase the max backlog, syn tweaks
net.core.netdev_max_backlog = 10000
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 3

# Enable syn cookies vs syn floods, RP filter
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.rp_filter = 1

# Increase to handle spikes of traffic
net.core.somaxconn = 60000

# Increase the TIME WAIT buckets pool size for DoS/performance
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_reuse = 1

# Adjust TCP orphan limit
net.ipv4.tcp_max_orphans = 262144

If any give you an error it may be because of a kernel version or anything else, just remove the relevant line. Remember to reboot or run sysctl -p” to apply this.

Haproxy.cfg Config Changes

Below are several tips to keep in mind when creating or adjusting your haproxy.cfg file.

Mode Selection

TCP mode groups are much less load than HTTP. Check your "mode" setting under a listen, frontend, or backend section of the config. If you don't need to do any HTTP level adjustments then TCP mode will be much faster.

HTTP Tweaks

There are a lot of configuration changes that effect performance, but there are (as always) some easy tweaks to get more out of your server farm. Firstly, consider adding option httpclose to all your HTTP groups. In Snapt, this is called “Force HTTP Close.” This will stop keepalives, but that will be to your advantage. Also, add  option abortonclose – this will close aborted requests.

Maxconn Setting

HAProxy limits connections on a global level as well as a frontend/listen level to the maxconn setting. It restricts the maximum number of connections HAProxy will accept (at a time), so make sure it’s high enough. You can use this in groups as well as globally. In Snapt, this is called “Maximum Connections.”

Make sure you don't have it set high in the "global" section of the config, but not high enough in the "listen" or "frontend" section!

Balance Method

Only use what you require when choosing a balance method. Remember that roundrobin is going to be much faster, so if there is no requirement for a more advanced method don’t use it (in performance sensitive situations).


HTTP compression uses a lot of CPU, and if you are in a high-performance environment, you will want to disable it. This obviously has pluses and minuses.

Evolve your approach to Application Performance Monitoring by adopting five best practices that are outlined and explored in this e-book, brought to you in partnership with BMC.

haproxy ,performance ,tutorial ,sysctl ,configurations ,speed

Published at DZone with permission of Nadine Arnold. See the original article here.

Opinions expressed by DZone contributors are their own.


Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.


{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}