I'm encountering connection issues to Dovecot when reuse_port is activated. Some of the connections work fine, but about every 3rd of them does not receive the banner after the TCP connection has established:
# nc -v 10.6.7.133 143
Connection to 10.6.7.133 143 port [tcp/imap2] succeeded!
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Hello.
^C
# nc -v 10.6.7.133 143
Connection to 10.6.7.133 143 port [tcp/imap2] succeeded!
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Hello.
^C
# nc -v 10.6.7.133 143
Connection to 10.6.7.133 143 port [tcp/imap2] succeeded!
^C
The relevant processes listening on this port:
# netstat -nap|grep 143
tcp 0 0
0.0.0.0:143 0.0.0.0:* LISTEN 15110/dovecot/imap-
tcp 0 0
0.0.0.0:143 0.0.0.0:* LISTEN 15103/dovecot/imap-
tcp 5 0
0.0.0.0:143 0.0.0.0:* LISTEN 15100/dovecot
After removing the reuse_port = yes configuration directive there is only one single process listening (and the service is running without any issues):
# netstat -nap|grep 143
tcp 0 0
0.0.0.0:143 0.0.0.0:* LISTEN 15292/dovecot
The test config was Linux 4.9.0-4-amd64 on debian-stretch and dovecot-2.2.36.4 (compiled by me) running on a VM with 1 CPU core. If that matters, dovecot was started in a docker container but using the hosts's network namespace.
What am I missing?
Thanks,
Imre