本文主要列举了几种vps(OpenVZ、Xen、KVM)一键搭建shadowsocks服务端,优化TCP,优化内核中的拥塞算法以提升shadowsocks效率和速度的方法.

一键安装

一键安装脚本这里参照的是”秋水逸冰”的博文及脚本,出于低内存占用考虑,均为shadowsocks-libev.这里以操作系统的版本为分类进行阐述:

Debian或Ubuntu下:

安装方法:

1
2
3
wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-libev-debian.sh
chmod +x shadowsocks-libev-debian.sh
./shadowsocks-libev-debian.sh 2>&1 | tee shadowsocks-libev-debian.log

脚本备份(点击展开):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
#! /bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
#===============================================================================================
# System Required: Debian or Ubuntu (32bit/64bit)
# Description: Install Shadowsocks(libev) for Debian or Ubuntu
# Author: Teddysun <[email protected]>
# Intro: http://teddysun.com/358.html
#===============================================================================================

clear
echo "#############################################################"
echo "# Install Shadowsocks(libev) for Debian or Ubuntu (32bit/64bit)"
echo "# Intro: http://teddysun.com/358.html"
echo "#"
echo "# Author: Teddysun <[email protected]>"
echo "#"
echo "#############################################################"
echo ""

# Install Shadowsocks-libev
function install_shadowsocks_libev(){
rootness
disable_selinux
pre_install
download_files
config_shadowsocks
install
}

# Make sure only root can run our script
function rootness(){
if [[ $EUID -ne 0 ]]; then
echo "Error:This script must be run as root!" 1>&2
exit 1
fi
}

# Disable selinux
function disable_selinux(){
if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
fi
}

# Pre-installation settings
function pre_install(){
#Set shadowsocks-libev config password
echo "Please input password for shadowsocks-libev:"
read -p "(Default password: teddysun.com):" shadowsockspwd
if [ "$shadowsockspwd" = "" ]; then
shadowsockspwd="teddysun.com"
fi
echo "password:$shadowsockspwd"
echo "####################################"
get_char(){
SAVEDSTTY=`stty -g`
stty -echo
stty cbreak
dd if=/dev/tty bs=1 count=1 2> /dev/null
stty -raw
stty echo
stty $SAVEDSTTY
}
echo ""
echo "Press any key to start...or Press Ctrl+C to cancel"
char=`get_char`
#Install necessary dependencies
apt-get install -y wget unzip curl build-essential autoconf libtool libssl-dev
# Get IP address
echo "Getting Public IP address, Please wait a moment..."
IP=`curl -s checkip.dyndns.com | cut -d' ' -f 6 | cut -d'<' -f 1`
if [ -z $IP ]; then
IP=`curl -s ifconfig.me/ip`
fi
#Current folder
cur_dir=`pwd`
cd $cur_dir
}

# Download latest shadowsocks-libev
function download_files(){
if [ -f shadowsocks-libev.zip ];then
echo "shadowsocks-libev.zip [found]"
else
if ! wget --no-check-certificate https://github.com/madeye/shadowsocks-libev/archive/master.zip -O shadowsocks-libev.zip;then
echo "Failed to download shadowsocks-libev.zip"
exit 1
fi
fi
unzip shadowsocks-libev.zip
if [ $? -eq 0 ];then
cd $cur_dir/shadowsocks-libev-master/
else
echo ""
echo "Unzip shadowsocks-libev failed! Please visit http://teddysun.com/358.html and contact."
exit 1
fi
}

# Config shadowsocks
function config_shadowsocks(){
if [ ! -d /etc/shadowsocks ];then
mkdir /etc/shadowsocks
fi
cat > /etc/shadowsocks/config.json<<-EOF
{
"server":"${IP}",
"server_port":8989,
"local_address":"127.0.0.1",
"local_port":1080,
"password":"${shadowsockspwd}",
"timeout":600,
"method":"aes-256-cfb"
}
EOF
}

# Install
function install(){
# Build and Install shadowsocks-libev
if [ -s /usr/local/bin/ss-server ];then
echo "shadowsocks-libev has been installed!"
exit 0
else
./configure
make && make install
if [ $? -eq 0 ]; then
# Add run on system start up
cat /etc/rc.local | grep 'ss-server' > /dev/null 2>&1
if [ $? -ne 0 ]; then
cp -rpf /etc/rc.local /opt/rc.local_bak
col=`awk 'END{print NR}' /etc/rc.local`
sed -i ''"$col"'i nohup /usr/local/bin/ss-server -c /etc/shadowsocks/config.json > /dev/null 2>&1 &' /etc/rc.local
fi
# Run shadowsocks in the background
nohup /usr/local/bin/ss-server -c /etc/shadowsocks/config.json > /dev/null 2>&1 &
# Run success or not
ps -ef | grep -v grep | grep -v ps | grep -i '/usr/local/bin/ss-server' > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo "Shadowsocks-libev start success!"
else
echo "Shadowsocks-libev start failure!"
fi
else
echo ""
echo "Shadowsocks-libev install failed! Please visit http://teddysun.com/358.html and contact."
exit 1
fi
fi
cd $cur_dir
# Delete shadowsocks-libev floder
rm -rf $cur_dir/shadowsocks-libev-master/
# Delete shadowsocks-libev zip file
rm -f shadowsocks-libev.zip
clear
echo ""
echo "Congratulations, shadowsocks-libev install completed!"
echo -e "Your Server IP: \033[41;37m ${IP} \033[0m"
echo -e "Your Server Port: \033[41;37m 8989 \033[0m"
echo -e "Your Password: \033[41;37m ${shadowsockspwd} \033[0m"
echo -e "Your Local IP: \033[41;37m 127.0.0.1 \033[0m"
echo -e "Your Local Port: \033[41;37m 1080 \033[0m"
echo -e "Your Encryption Method: \033[41;37m aes-256-cfb \033[0m"
echo ""
echo "Welcome to visit:http://teddysun.com/358.html"
echo "Enjoy it!"
echo ""
}

# Uninstall Shadowsocks-libev
function uninstall_shadowsocks_libev(){
printf "Are you sure uninstall Shadowsocks-libev? (y/n) "
printf "\n"
read -p "(Default: n):" answer
if [ -z $answer ]; then
answer="n"
fi
if [ "$answer" = "y" ]; then
NODE_PID=`ps -ef | grep -v grep | grep -v ps | grep -i '/usr/local/bin/ss-server' | awk '{print $2}'`
if [ ! -z $NODE_PID ]; then
for pid in $NODE_PID
do
kill -9 $pid
if [ $? -eq 0 ]; then
echo "Shadowsocks-libev process[$pid] has been killed"
fi
done
fi
# restore /etc/rc.local
if [[ -s /opt/rc.local_bak ]]; then
rm -f /etc/rc.local
mv /opt/rc.local_bak /etc/rc.local
fi
# delete config file
rm -rf /etc/shadowsocks
# delete shadowsocks
rm -f /usr/local/bin/ss-local
rm -f /usr/local/bin/ss-tunnel
rm -f /usr/local/bin/ss-server
rm -f /usr/local/bin/ss-redir
rm -f /usr/local/share/man/man8/shadowsocks.8
echo "Shadowsocks-libev uninstall success!"
else
echo "uninstall cancelled, Nothing to do"
fi
}

# Initialization step
action=$1
[ -z $1 ] && action=install
case "$action" in
install)
install_shadowsocks_libev
;;
uninstall)
uninstall_shadowsocks_libev
;;
*)
echo "Arguments error! [${action} ]"
echo "Usage: `basename $0` {install|uninstall}"
;;
esac

卸载方法:

1
./shadowsocks-libev.sh uninstall

配置文件路径:
/etc/shadowsocks/config.json

启动(安装完成后已设置开机自启动):

1
nohup /usr/local/bin/ss-server -c /etc/shadowsocks/config.json > /dev/null 2>&1 &

停止:

1
ps -ef | grep -v grep | grep -v ps | grep -i '/usr/local/bin/ss-server' | awk '{print $2}'

上面的命令获得一个数字(pid),然后再使用kill+空格+这个数字 即可.

CentOS下:

安装方法:

1
2
3
wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-libev.sh
chmod +x shadowsocks-libev.sh
./shadowsocks-libev.sh 2>&1 | tee shadowsocks-libev.log

脚本备份(点击展开):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
#! /bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
#===============================================================================================
# System Required: CentOS6.x (32bit/64bit)
# Description: Install Shadowsocks(libev) for CentOS
# Author: Teddysun <[email protected]>
# Intro: http://teddysun.com/357.html
#===============================================================================================

clear
echo "#############################################################"
echo "# Install Shadowsocks(libev) for CentOS6.x (32bit/64bit)"
echo "# Intro: http://teddysun.com/357.html"
echo "#"
echo "# Author: Teddysun <[email protected]>"
echo "#"
echo "#############################################################"
echo ""

# Install Shadowsocks-libev
function install_shadowsocks_libev(){
rootness
disable_selinux
pre_install
download_files
config_shadowsocks
iptables_set
install
}

# Make sure only root can run our script
function rootness(){
if [[ $EUID -ne 0 ]]; then
echo "Error:This script must be run as root!" 1>&2
exit 1
fi
}

# Disable selinux
function disable_selinux(){
if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
fi
}

# Pre-installation settings
function pre_install(){
#Set shadowsocks-libev config password
echo "Please input password for shadowsocks-libev:"
read -p "(Default password: teddysun.com):" shadowsockspwd
if [ "$shadowsockspwd" = "" ]; then
shadowsockspwd="teddysun.com"
fi
echo "password:$shadowsockspwd"
echo "####################################"
get_char(){
SAVEDSTTY=`stty -g`
stty -echo
stty cbreak
dd if=/dev/tty bs=1 count=1 2> /dev/null
stty -raw
stty echo
stty $SAVEDSTTY
}
echo ""
echo "Press any key to start...or Press Ctrl+C to cancel"
char=`get_char`
#Install necessary dependencies
yum install -y wget unzip openssl-devel gcc swig python python-devel python-setuptools autoconf libtool libevent
yum install -y automake make curl curl-devel zlib-devel openssl-devel perl perl-devel cpio expat-devel gettext-devel
# Get IP address
echo "Getting Public IP address, Please wait a moment..."
IP=`curl -s checkip.dyndns.com | cut -d' ' -f 6 | cut -d'<' -f 1`
if [ -z $IP ]; then
IP=`curl -s ifconfig.me/ip`
fi
#Current folder
cur_dir=`pwd`
cd $cur_dir
}

# Download latest shadowsocks-libev
function download_files(){
if [ -f shadowsocks-libev.zip ];then
echo "shadowsocks-libev.zip [found]"
else
if ! wget --no-check-certificate https://github.com/madeye/shadowsocks-libev/archive/master.zip -O shadowsocks-libev.zip;then
echo "Failed to download shadowsocks-libev.zip"
exit 1
fi
fi
unzip shadowsocks-libev.zip
if [ $? -eq 0 ];then
cd $cur_dir/shadowsocks-libev-master/
else
echo ""
echo "Unzip shadowsocks-libev failed! Please visit http://teddysun.com/357.html and contact."
exit 1
fi
# Download start script
if ! wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-libev; then
echo "Failed to download shadowsocks-libev start script!"
exit 1
fi
}

# Config shadowsocks
function config_shadowsocks(){
if [ ! -d /etc/shadowsocks-libev ];then
mkdir /etc/shadowsocks-libev
fi
cat > /etc/shadowsocks-libev/config.json<<-EOF
{
"server":"${IP}",
"server_port":8989,
"local_address":"127.0.0.1",
"local_port":1080,
"password":"${shadowsockspwd}",
"timeout":600,
"method":"aes-256-cfb"
}
EOF
}

# iptables set
function iptables_set(){
/sbin/service iptables status 1>/dev/null 2>&1
if [ $? -eq 0 ]; then
/etc/init.d/iptables status | grep '8989' | grep 'ACCEPT' >/dev/null 2>&1
if [ $? -ne 0 ]; then
/sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 8989 -j ACCEPT
/etc/init.d/iptables save
/etc/init.d/iptables restart
fi
fi
}

# Install
function install(){
# Build and Install shadowsocks-libev
if [ -s /usr/local/bin/ss-server ];then
echo "shadowsocks-libev has been installed!"
exit 0
else
./configure
make && make install
if [ $? -eq 0 ]; then
mv $cur_dir/shadowsocks-libev-master/shadowsocks-libev /etc/init.d/shadowsocks
chmod +x /etc/init.d/shadowsocks
# Add run on system start up
chkconfig --add shadowsocks
chkconfig shadowsocks on
# Start shadowsocks
/etc/init.d/shadowsocks start
if [ $? -eq 0 ]; then
echo "Shadowsocks-libev start success!"
else
echo "Shadowsocks-libev start failure!"
fi
else
echo ""
echo "Shadowsocks-libev install failed! Please visit http://teddysun.com/357.html and contact."
exit 1
fi
fi
cd $cur_dir
# Delete shadowsocks-libev floder
rm -rf $cur_dir/shadowsocks-libev-master/
# Delete shadowsocks-libev zip file
rm -f shadowsocks-libev.zip
clear
echo ""
echo "Congratulations, shadowsocks-libev install completed!"
echo -e "Your Server IP: \033[41;37m ${IP} \033[0m"
echo -e "Your Server Port: \033[41;37m 8989 \033[0m"
echo -e "Your Password: \033[41;37m ${shadowsockspwd} \033[0m"
echo -e "Your Local IP: \033[41;37m 127.0.0.1 \033[0m"
echo -e "Your Local Port: \033[41;37m 1080 \033[0m"
echo -e "Your Encryption Method: \033[41;37m aes-256-cfb \033[0m"
echo ""
echo "Welcome to visit:http://teddysun.com/357.html"
echo "Enjoy it!"
echo ""
}

# Uninstall Shadowsocks-libev
function uninstall_shadowsocks_libev(){
printf "Are you sure uninstall shadowsocks_libev? (y/n) "
printf "\n"
read -p "(Default: n):" answer
if [ -z $answer ]; then
answer="n"
fi
if [ "$answer" = "y" ]; then
ps -ef | grep -v grep | grep -v ps | grep -i "ss-server" > /dev/null 2>&1
if [ $? -eq 0 ]; then
/etc/init.d/shadowsocks stop
fi
chkconfig --del shadowsocks
# delete config file
rm -rf /etc/shadowsocks-libev
# delete shadowsocks
rm -f /usr/local/bin/ss-local
rm -f /usr/local/bin/ss-tunnel
rm -f /usr/local/bin/ss-server
rm -f /usr/local/bin/ss-redir
rm -f /usr/local/share/man/man8/shadowsocks.8
rm -f /etc/init.d/shadowsocks
echo "Shadowsocks-libev uninstall success!"
else
echo "uninstall cancelled, Nothing to do"
fi
}

# Initialization step
action=$1
[ -z $1 ] && action=install
case "$action" in
install)
install_shadowsocks_libev
;;
uninstall)
uninstall_shadowsocks_libev
;;
*)
echo "Arguments error! [${action} ]"
echo "Usage: `basename $0` {install|uninstall}"
;;
esac

卸载方法:

1
./shadowsocks-libev.sh uninstall

配置文件路径:

1
/etc/shadowsocks-libev/config.json

常用指令:

1
2
3
4
5
6
7
8
#启动:
/etc/init.d/shadowsocks start
#停止:
/etc/init.d/shadowsocks stop
#重启:
/etc/init.d/shadowsocks restart
#查看状态:
/etc/init.d/shadowsocks status

TCP性能优化:

这里参照北落师门的方案,按VPS的技术类型对Xen、KVM和OpenVZ分开阐述:

Xen、KVM:

修改/etc/sysctl.conf文件,增加以下项目:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
fs.file-max = 51200
#提高整个系统的文件限制
net.ipv4.tcp_syncookies = 1
#表示开启SYN Cookies。当出现SYN等待队列溢出时,启用cookies来处理,可防范少量SYN攻击,默认为0,表示关闭;
net.ipv4.tcp_tw_reuse = 1
#表示开启重用。允许将TIME-WAIT sockets重新用于新的TCP连接,默认为0,表示关闭;
net.ipv4.tcp_tw_recycle = 0
#表示开启TCP连接中TIME-WAIT sockets的快速回收,默认为0,表示关闭;
#为了对NAT设备更友好,建议设置为0。
net.ipv4.tcp_fin_timeout = 30
#修改系統默认的 TIMEOUT 时间。
net.ipv4.tcp_keepalive_time = 1200
#表示当keepalive起用的时候,TCP发送keepalive消息的频度。缺省是2小时,改为20分钟。
net.ipv4.ip_local_port_range = 10000 65000 #表示用于向外连接的端口范围。缺省情况下很小:32768到61000,改为10000到65000。(注意:这里不要将最低值设的太低,否则可能会占用掉正常的端口!)
net.ipv4.tcp_max_syn_backlog = 8192
#表示SYN队列的长度,默认为1024,加大队列长度为8192,可以容纳更多等待连接的网络连接数。
net.ipv4.tcp_max_tw_buckets = 5000
#表示系统同时保持TIME_WAIT的最大数量,如果超过这个数字,TIME_WAIT将立刻被清除并打印警告信息。
#额外的,对于内核版本新于**3.7.1**的,我们可以开启tcp_fastopen:
net.ipv4.tcp_fastopen = 3

# increase TCP max buffer size settable using setsockopt()
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
# increase Linux autotuning TCP buffer limit
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
# increase the length of the processor input queue
net.core.netdev_max_backlog = 250000
# recommended for hosts with jumbo frames enabled
net.ipv4.tcp_mtu_probing=1

保存并退出该文件,然后使用以下指令使配置生效:

1
sysctl -p

如果显示出了生效信息且没有显示出错信息,则优化完成.

OpenVZ:

对于OpenVZ,如果直接使用以上方法修改,当sysctl -p会发现一堆的permission denied出错信息.
谷歌了下,据说是因为OpenVZ模版的限制比较多直接修改sysctl会被拒绝,(网上有部分文章有关于openvz去除sysctl.conf报错的文章,其实只是自我安慰的疗法)因此以上优化方案在OpenVZ下不可用.

使用锐速对ss进行显著提速

详情请见本人的另外一篇文章:更换Linux内核优化锐速,为shadowsocks和IkeV2加速

优化拥塞算法Hybla :

这部分参照了V2EX上的tcp_hybla 编译内核模块的教程.
这一步本人在Linode上实验成功.(Linode是Xen的),系统为Ubuntu,其他系统没有尝试.当然据说Digital Ocean (DO是KVM模板)上的ubuntu官方内核自带了,可略去编译部分,直接调用hybla算法.(补充:经本人测试,Digital Ocan上,直接在/etc/sysctl.conf文件中加入hybla参数就可以直接调用了.如果你是Digital Ocan的话,恭喜你,直接跳到下面方法的第九步)

由于本人对此部分了解有限,完全是照着原文操作成功的,现转载此部分内容,以作备用:

  1. 查看你的机器内核版本:

    1
    uname -r

    显示结果如:3.11.6-x86_64-linode35

  2. https://www.kernel.org/pub/linux/kernel/v3.0/ 下载相同版本的源码到任意目录,解压

    1
    2
    3
    4
    mkdir /root/mykernel
    cd /root/mykernel
    wget https://www.kernel.org/pub/linux/kernel/v3.0/linux-3.11.6.tar.gz
    tar xzvf linux-3.11.6.tar.gz
  3. 安装内核编译工具

    1
    apt-get update && apt-get install -y build-essential libncurses5-dev
  4. 复制Linode原来的内核编译配置文件到源码根目录,在CONFIG_TCP_CONG_CUBIC=y下面增加一行 CONFIG_TCP_CONG_HYBLA=y,再生成编译模块需要的内核

    1
    2
    3
    cd linux-3.11.6
    zcat /proc/config.gz > .config
    vi .config

    查找CONFIG_TCP_CONG_CUBIC=y,在下面增加一行 CONFIG_TCP_CONG_HYBLA=y,保存

    1
    make
  5. 耐心等待编译内核完成,单核编译大约需15分钟,完成后,进入模块所在的目录,编写Makefile

    1
    2
    3
    cd net/ipv4/
    mv Makefile Makefile.old
    vi Makefile

    以下是Makefle的内容,注意要把KDIR修改为你自己的源码路径,其他则照抄就可以了

    1
    2
    3
    4
    5
    6
     Makefile for tcp_hybla.ko
    obj-m := tcp_hybla.o
    KDIR := /root/mykernel/linux-3.11.6
    PWD := $(shell pwd)
    default:
    $(MAKE) -C $(KDIR) SUBDIRS=$(PWD) modules
  6. 进入源码根目录,编译模块

    1
    2
    cd /root/mykernel/linux-3.11.6/
    make modules
  7. 进入到模块所在目录,复制生成的 tcp_hybla.ko 到加载目录,测试加载模块

    1
    2
    3
    cd /root/mykernel/linux-3.11.6/net/ipv4
    cp tcp_hybla.ko /root/mykernel/
    cd /root/mykernel/

    加载前

    1
    2
    3
    sysctl net.ipv4.tcp_available_congestion_control
    net.ipv4.tcp_available_congestion_control = cubic reno
    insmod tcp_hybla.ko

    加载后

    1
    2
    sysctl net.ipv4.tcp_available_congestion_control
    net.ipv4.tcp_available_congestion_control = cubic reno hybla

    设置hybal为优先

    1
    sysctl net.ipv4.tcp_congestion_control=hybla
  8. 设置开机自动加载模块,把tcp_hybla.ko 复制到 /lib/modules/3.11.6-x86_64-linode35/kernel/net/ipv4

    1
    2
    3
    4
    5
    6
    cd /lib/modules/3.11.6-x86_64-linode35
    mkdir -p kernel/net/ipv4
    cd kernel/net/ipv4
    cp /root/mykernel/tcp_hybla.ko ./
    cd /lib/modules/3.11.6-x86_64-linode35
    depmod -a
  9. 修改/etc/sysctl.conf 开机自动设置hybal为优先

    1
    2
    vim /etc/sysctl.conf
    net.ipv4.tcp_congestion_control = hybla

    保存并退出该文件,然后使用以下指令使配置生效:

    1
    sysctl -p

参考链接:
Debian下shadowsocks-libev一键安装脚本

CentOS下shadowsocks-libev一键安装脚本

OpenVZ VPS搭建shadowsocks及优化

高流量大并发Linux TCP 性能调优

编译 Linode 内核模块小白教程,以 tcp_hybla 为例