On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote:
Uhg i'll pretend I didnt see that :)
We only use dovecot to provide sasl authentication to postfix smtp clients, using a separate password just for that purpose. Storing it in plaintext is the only way to support all authentication types.
I suspect the wording here is incorrect, its just a failover AFAIK, it only hits the first entry failing to second if no response.
Hmm, that would work for me, if it worked ;).
suggest, having just one master server, after all, dovecot and postfix just need to read, not alter/update/insert etc.
True; but the pieces that are altering/updating/inserting the data that postfix/dovecot need to read need redundancy as well :).
yep thats correct because it has " gone away" but it still uses the second host immediately, thats just dovecot trying to re-establish its link with primary
Based on my testing, it doesn't use the second host immediately, but only sporadically, with most of the authentications failing.
err postfix is not dovecot, you need to also add failover in postfix's sql lookup commands
postfix relies on dovecot for authentication, this postfix error message is the result of dovecot not successfully processing an authentication request. postfix itself handles mysql failure well, it both load balances queries across both servers and also continues to function when one isn't available.
(note: I talk of load balancer as in real hardware device, not as in pretend LB's as in software)
We actually have a hardware load balancer, and I've considered just sticking the mysql servers behind it. But everything else using them handles failover ok, and initially I'd rather get dovecot doing the same before changing the current architecture.
Thanks for the reply...
-- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson@csupomona.edu California State Polytechnic University | Pomona CA 91768