Thank you, I will try the caching.
Dave
Quoting Timo Sirainen tss@iki.fi:
On Wed, 2008-10-08 at 10:48 -0400, David Cunningham wrote:
I agree. In fact, I may have found a DNS issue that may have been causing login sessions to hang and thus reach max too quickly. The last few hours have been stable. So, I am keeping my fingers crossed.
I have also recompiled dovecot and changed the setting in db-ldap.h that reads:
#define DB_LDAP_MAX_QUEUE_SIZE 1024
to
#define DB_LDAP_MAX_QUEUE_SIZE 8192
If you're getting more than 1024 requests queued, something's wrong or you have hundreds or logins per second. Which one is it? (5000 users logging in once per minute is still only 83/sec)
The queue keeps increasing if the LDAP server isn't replying to old requests. So have you looked at the LDAP server side if it's running too slow?
Anyway two things you could do here:
Enable auth cache with large enough size so Dovecot doesn't consult LDAP server nearly as much.
Increase the number of auth processes (auth { .. count=5 }), so that you'll use more connections and hopefully the LDAP server likes that better than one connection sending lots of requests. Or maybe not.