How to install

Docker Compose

Install (Upload the configuration file to /etc/hollow/config.toml)

bash <(wget --no-check-certificate -qO- 'https://fastly.jsdelivr.net/gh/dler-io/Hollow@main/hollow.sh')

Install ( Upload the configuration file to private OSS or network drive)

bash <(wget --no-check-certificate -qO- 'https://fastly.jsdelivr.net/gh/dler-io/Hollow@main/hollow.sh') http://oss.io/config.toml

Update (pull the latest image)

bash <(wget --no-check-certificate -qO- 'https://fastly.jsdelivr.net/gh/dler-io/Hollow@main/hollow.sh') update

remove

bash <(wget --no-check-certificate -qO- 'https://fastly.jsdelivr.net/gh/dler-io/Hollow@main/hollow.sh') remove

Executable file

Install (Upload the configuration file to /etc/hollow/config.toml)

mkdir /etc/hollow
curl --connect-timeout 10 -fsSL https://hollow.dler.io/hollow || curl -fsSL https://fastly.jsdelivr.net/gh/dler-io/Hollow@main/hollow -o /usr/bin/hollow
chmod +x /usr/bin/hollow

cat >/etc/systemd/journald.conf <<EOF
[Journal]
SystemMaxUse=384M
SystemMaxFileSize=128M
ForwardToSyslog=no
EOF

cat >/etc/systemd/system/hollow.service <<EOF
[Unit]
Description=hollow
After=network.target

[Service]
Type=simple
LimitCPU=infinity
LimitFSIZE=infinity
LimitDATA=infinity
LimitSTACK=infinity
LimitCORE=infinity
LimitRSS=infinity
LimitNOFILE=infinity
LimitAS=infinity
LimitNPROC=infinity
LimitMEMLOCK=infinity
LimitLOCKS=infinity
LimitSIGPENDING=infinity
LimitMSGQUEUE=infinity
LimitRTPRIO=infinity
LimitRTTIME=infinity
ExecStart=/usr/bin/hollow -f /etc/hollow/config.toml
Restart=always
RestartSec=4

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload

remove

apt install psmisc -y
rm -rf /etc/systemd/system/multi-user.target.wants/hollow.service
rm -rf /etc/systemd/system/hollow.service
rm -rf /usr/bin/hollow
rm -rf /etc/hollow
systemctl daemon-reload
killall hollow

Other

程序路径:/usr/bin/hollow
配置文件:/etc/holloe/config.toml
服务配置:/etc/systemd/system/hollow.service
--------------------------------------------------
启动命令:systemctl start hollow
停止命令:systemctl stop hollow
重启命令:systemctl restart hollow
开启自启:systemctl enable hollow
关闭自启:systemctl disable hollow
查看状态:systemctl status hollow

Optimize (recommend)

ulimit -n 1048576

chattr -i /etc/sysctl.conf
cat > /etc/sysctl.conf << EOF
# Memory usage
# https://blog.cloudflare.com/the-story-of-one-latency-spike/
# https://cloud.google.com/architecture/tcp-optimization-for-network-performance-in-gcp-and-hybrid/
# https://zhensheng.im/2021/01/31/linux-wmem-and-rmem-adjustments.meow
# https://github.com/redhat-performance/tuned/blob/master/profiles/network-throughput/tuned.conf
# ReceiveBuffer: X - (X / (2 ^ tcp_adv_win_scale)) = RTT * Bandwidth / 8
# SendBuffer: RTT * Bandwidth / 8 * 0.7
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_syn_backlog = 8192
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.ipv4.tcp_rmem = 4096 87380 33554432
net.ipv4.tcp_wmem = 4096 65536 33554432
net.ipv4.udp_rmem_min = 16384
net.ipv4.udp_wmem_min = 16384

# Layer 2
# No Proxy ARP, obviously
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.proxy_arp = 0
# Do not reply ARP requests if the target IP address is not configured on the incoming interface
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.all.arp_ignore = 1
# When sending ARP requests, use the best IP address configured on the outgoing interface
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
# Enable gratuitous arp requests
net.ipv4.conf.default.arp_notify = 1
net.ipv4.conf.all.arp_notify = 1

# IPv4 routing
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.all.send_redirects = 0
# Enable when there are 1-2K hosts
#net.ipv4.neigh.default.gc_thresh1 = 2048
#net.ipv4.neigh.default.gc_thresh2 = 4096
#net.ipv4.neigh.default.gc_thresh3 = 8192

# IPv6 routing
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
# Enable when there are 1-2K hosts
#net.ipv6.neigh.default.gc_thresh1 = 4096
#net.ipv6.neigh.default.gc_thresh2 = 8192
#net.ipv6.neigh.default.gc_thresh3 = 16384

# PMTUD
# https://blog.cloudflare.com/path-mtu-discovery-in-practice/
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_base_mss = 1024

# MPLS & L3VPN support
# https://web.archive.org/web/20210301222346/https://cumulusnetworks.com/blog/vrf-for-linux/
# net.mpls.ip_ttl_propagate = 1
# net.mpls.default_ttl = 255
# net.mpls.platform_labels = 1048575
net.ipv4.tcp_l3mdev_accept = 0
net.ipv4.udp_l3mdev_accept = 0
net.ipv4.raw_l3mdev_accept = 0
# net.mpls.conf.lo.input = 1

# ICMP
net.ipv4.icmp_errors_use_inbound_ifaddr = 1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0

# TCP connection accepting
# https://serverfault.com/questions/518862/will-increasing-net-core-somaxconn-make-a-difference
net.core.somaxconn = 8192
net.ipv4.tcp_abort_on_overflow = 0

# TCP connection recycling
# https://dropbox.tech/infrastructure/optimizing-web-servers-for-high-throughput-and-low-latency
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_tw_buckets = 4096

# TCP congestion control
# https://blog.cloudflare.com/http-2-prioritization-with-nginx/
net.core.default_qdisc = fq_codel
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_notsent_lowat = 16384
net.ipv4.tcp_window_scaling = 1

# TCP keepalive
net.ipv4.tcp_keepalive_time = 120
net.ipv4.tcp_keepalive_intvl = 60
net.ipv4.tcp_keepalive_probes = 3

# TCP auxiliary
# https://dropbox.tech/infrastructure/optimizing-web-servers-for-high-throughput-and-low-latency
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_adv_win_scale = 1

# ECN
net.ipv4.tcp_ecn = 0
net.ipv4.tcp_ecn_fallback = 1

# ECMP hashing
# https://web.archive.org/web/20210204031636/https://cumulusnetworks.com/blog/celebrating-ecmp-part-two/
net.ipv4.fib_multipath_hash_policy = 1
net.ipv4.fib_multipath_use_neigh = 1

# GRE keepalive
# https://blog.artech.se/2016/01/10/4/
net.ipv4.conf.default.accept_local = 1
net.ipv4.conf.all.accept_local = 1

# IGMP
# https://phabricator.vyos.net/T863
net.ipv4.igmp_max_memberships = 512

# IPv6 route table size bug fix
# https://web.archive.org/web/20200516030405/https://lists.nat.moe/pipermail/transit-service/2020-May/000000.html
net.ipv6.route.max_size = 2147483647

# Prefer different parity for ip_local_port_range start and end value
net.ipv4.ip_local_port_range = 10000 65535
net.ipv4.ip_local_reserved_ports = 8443
# 👆 建议自行修改需要占用或使用的端口

# Maximum number of open files
fs.file-max = 1048576

# Avoid the use of swap spaces where possible
vm.swappiness = 0
EOF

cat > /etc/security/limits.conf << EOF
* soft nofile 1048576
* hard nofile 1048576
* soft nproc 1048576
* hard nproc 1048576
root soft nofile 1048576
root hard nofile 1048576
root soft nproc 1048576
root hard nproc 1048576
EOF

sysctl -p
PreviousHow to configureNextExpenses

Last updated