接之前帖子:
https://www.nodeseek.com/post-443759-1
存在许多优化的空间,所以让GPT5迭代了一个新的TCP调优脚本:

#!/usr/bin/env bashset -euo pipefail# 要求 rootif [ "${EUID:-$(id -u)}" -ne 0 ]; then  echo "Please run as root." >&2  exit 1fi# 尝试加载 BBR(若为内置则无影响)if command -v modprobe >/dev/null 2>&1; then  modprobe tcp_bbr 2>/dev/null || truefi# 计算默认 IPv4 出口网卡(无则为空)iface="$(ip -o -4 route show to default 2>/dev/null | awk '{print $5}' | head -1 || true)"# 直接写入最终配置(加载顺序靠后,覆盖其它值)# 注意:不依赖任何外部脚本或临时文件cat >/etc/sysctl.d/999-net-bbr-fq.conf <<'EOF'# Network TCP tuning for ~75ms RTT, 1GB RAM, 1Gbps# Load-last override; safe on Ubuntu 22/24 and Debian 11/12/13+# BBR + pacing(fq)net.core.default_qdisc = fqnet.ipv4.tcp_congestion_control = bbr# 健壮性与首包/恢复net.ipv4.tcp_mtu_probing = 1net.ipv4.tcp_fastopen = 3net.ipv4.tcp_slow_start_after_idle = 0net.ipv4.tcp_timestamps = 1net.ipv4.tcp_sack = 1net.ipv4.tcp_moderate_rcvbuf = 1# ECN 协商允许(遇到不兼容中间盒会回退)net.ipv4.tcp_ecn = 1# 缓冲上限(16MB),默认值适度抬高以适配 ~9.4MB BDP(1Gbps×75ms)net.core.rmem_max = 16777216net.core.wmem_max = 16777216net.ipv4.tcp_rmem = 4096 131072 16777216net.ipv4.tcp_wmem = 4096 262144 16777216# 更安全的 TIME-WAIT 处理net.ipv4.tcp_rfc1337 = 1# rpf 宽松,避免多宿主/隧道被误杀(常见服务器建议)net.ipv4.conf.all.rp_filter = 0net.ipv4.conf.default.rp_filter = 0EOF# 设定权限(与发行版默认一致)chmod 0644 /etc/sysctl.d/999-net-bbr-fq.conf# 应用配置sysctl --system >/dev/null# 如有 tc 与默认网卡,则立即切换该网卡的根队列到 fqif command -v tc >/dev/null 2>&1 && [ -n "${iface:-}" ]; then  tc qdisc replace dev "$iface" root fq 2>/dev/null || truefi# 校验输出(仅回显关键值)echo "---- VERIFY ----"sysctl net.ipv4.tcp_congestion_controlsysctl net.core.default_qdiscsysctl net.core.rmem_max net.core.wmem_maxsysctl net.ipv4.tcp_rmem net.ipv4.tcp_wmemsysctl net.ipv4.tcp_mtu_probing net.ipv4.tcp_fastopensysctl net.ipv4.tcp_ecn net.ipv4.tcp_sack net.ipv4.tcp_timestampssysctl net.ipv4.tcp_rfc1337if command -v tc >/dev/null 2>&1 && [ -n "${iface:-}" ]; then  echo "qdisc on $iface:"  tc qdisc show dev "$iface" || truefiecho "--------------"