[Dovecot] Parallel auth
Bernhard Schmidt
berni at birkenwald.de
Fri Jul 22 09:42:33 EEST 2011
Hello,
we run a Dovecot 2.0.13 instance purely as SASL backend for Postfix,
authenticating against a local passwd-file and our central LDAP
database.
# dovecot -n
# 2.0.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32.36-0.5-default x86_64 SUSE Linux Enterprise Server 11
# (x86_64)
auth_mechanisms = plain login
auth_verbose = yes
passdb {
args = /etc/dovecot/dovecot-passwd
driver = passwd-file
}
passdb {
args = /etc/dovecot/dovecot-ldap-simauth.conf.ext
driver = ldap
}
protocols = none
service auth {
unix_listener /var/spool/postfix-postout/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
ssl = no
There is only a single user in the passwd-file for monitoring. We
monitor authentication delays for both this local user and one user from
LDAP.
Due to a firmware bug, our six-figures NAS causes extremely high LDAP
delays (in the range of 20-60 seconds, instead of the usual 50ms) once
an hour. The weird thing is, I also see these delays in the graph for
the local user. Which got me thinking
* are authentication requests handled serially by dovecot/auth?
* any way to solve this situation for the local user (not to be blocked
by the delayed LDAP query)?
* any way to solve this situation for LDAP users? We could possibly do
some loadbalancing if the auth-daemon opened several LDAP connections
Thanks,
Bernhard
More information about the dovecot
mailing list