
How to Increase Network TCP/IP Connections in Linux

If you’re running a high-traffic server or working with applications that open many network connections—like a proxy, load balancer, or web crawler—Linux’s default TCP/IP limits can get in your way. This guide walks you through how to raise those limits so your system can handle more simultaneous connections.

Why Increase TCP/IP Connections?

Linux sets conservative defaults to avoid overwhelming the system. But for servers or apps needing high concurrency, these limits become bottlenecks. Increasing them can help:

  • Avoid dropped or refused connections
  • Improve performance under heavy loads
  • Support more clients without scaling horizontally

Key Limits to Adjust

Several kernel and system-level settings affect how many TCP/IP connections your Linux system can handle. Here’s how to raise the important ones.


1. Increase File Descriptors

Each network socket uses a file descriptor. Linux limits how many file descriptors each process and the system can use.

Check the current soft limit for your shell session:

ulimit -n

Raise the limit temporarily (applies to the current shell and the processes it starts):

ulimit -n 100000

Make it permanent:

Edit /etc/security/limits.conf and add:

* soft nofile 100000
* hard nofile 100000

limits.conf is applied by pam_limits to login sessions, not to services that systemd starts. For a systemd service, create or edit /etc/systemd/system/your-service.service.d/override.conf:

[Service]
LimitNOFILE=100000

2. Tune Kernel Parameters

Modify sysctl settings to allow more connections.

Edit /etc/sysctl.conf or use sysctl -w temporarily:

net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_tw_buckets = 2000000

Then apply changes:

sysctl -p

What these do:

  • somaxconn: Max length of the listen (accept) queue for incoming connections
  • tcp_max_syn_backlog: Max number of queued connection requests (SYN received, handshake not yet completed)
  • ip_local_port_range: Range of local ports available for outbound connections
  • tcp_fin_timeout: How long (in seconds) orphaned sockets stay in FIN_WAIT2 state
  • tcp_tw_reuse: Allow reuse of TIME_WAIT sockets for new outbound connections
  • tcp_max_tw_buckets: Max number of TIME_WAIT sockets to track

3. Connection Tracking (if using iptables/netfilter)

Systems with NAT or firewall rules may also hit conntrack limits.

Check the current limit:

cat /proc/sys/net/netfilter/nf_conntrack_max

Increase limit:

sysctl -w net.netfilter.nf_conntrack_max=1048576

To make it permanent, add to /etc/sysctl.conf:

net.netfilter.nf_conntrack_max = 1048576

4. Monitor Connections

Keep an eye on the number of connections with:

ss -s

netstat -an | grep ESTABLISHED | wc -l

Or use tools like htop, nload, or iftop to monitor network load in real time.
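
Added example (not part of the original guide): a small script that checks whether a running process actually received the raised descriptor limit and how close the system is to the TIME_WAIT and conntrack limits from sections 1 to 3. The script name limits-report.sh, the function names and the PROC variable are assumptions made for this example.

```sh
#!/bin/sh
# Added example: compare live usage with the limits this guide raises.
# PROC may point at a copy of /proc (useful for testing); default is /proc.
PROC="${PROC:-/proc}"

# pct USED MAX -> integer percentage; prints 0 if MAX is empty or zero
pct() {
    if [ "${2:-0}" -gt 0 ] 2>/dev/null; then echo $(( $1 * 100 / $2 )); else echo 0; fi
}

# Soft "Max open files" limit that the running process PID actually received
nofile_soft() { awk '/^Max open files/ { print $4 }' "$PROC/$1/limits"; }

# Descriptors PID currently holds (needs root for other users' processes)
nofile_used() { ls "$PROC/$1/fd" 2>/dev/null | wc -l | tr -d ' '; }

# Sockets in TIME_WAIT: the "tw" field of the TCP: line in net/sockstat
tw_count() {
    awk '$1 == "TCP:" { for (i = 2; i < NF; i += 2) if ($i == "tw") print $(i + 1) }' \
        "$PROC/net/sockstat"
}

# Number of ephemeral ports in ip_local_port_range (inclusive)
port_count() {
    read -r lo hi < "$PROC/sys/net/ipv4/ip_local_port_range"
    echo $(( $hi - $lo + 1 ))
}

# Conntrack entries in use as a percentage of nf_conntrack_max;
# prints "n/a" when the nf_conntrack module is not loaded
conntrack_pct() {
    d="$PROC/sys/net/netfilter"
    [ -r "$d/nf_conntrack_max" ] || { echo "n/a"; return 0; }
    pct "$(cat "$d/nf_conntrack_count")" "$(cat "$d/nf_conntrack_max")"
}

report() {
    used=$(nofile_used "$1"); soft=$(nofile_soft "$1")
    echo "pid $1 fds: $used / $soft ($(pct "$used" "$soft")%)"
    echo "TIME_WAIT sockets: $(tw_count) (ephemeral ports: $(port_count))"
    echo "conntrack used (%): $(conntrack_pct)"
}

# Usage: sh limits-report.sh PID
if [ -n "${1:-}" ]; then report "$1"; fi
```

Run it with the PID of the service you tuned; a soft limit that still shows the old value means the limits.conf or systemd change did not reach that process.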


Final Tips

  • Avoid blindly maxing out everything. Tune based on traffic patterns and available resources (CPU, RAM).
  • Restart services or reboot after config changes, especially if using systemd.
  • Use load testing tools (like wrk, ab, or hey) to validate improvements.

Wrapping Up

Increasing TCP/IP connection limits on Linux isn’t difficult—but it’s essential for high-load network applications. With some sysctl tweaks and file descriptor adjustments, you can unlock much higher throughput and reliability from your servers.
