No, we don't have the noticeable iowait problem as I see it(at least until the number of connections lower 20-30K). The problem appears when thousands of clients try to reconnect at the same time and according to the documentation the auth service should make a simple request to postgres for this. This should not be related to i\o in theory. Just a sql query.
I don't really get this authentication attempts is limitted by tcp not? So
it does not really matter what you have mariadb, ldap, http, you awalys are limited to 150-200 r/s.
Can you explain? We also have SMTP connections and postfix on the same servers, but problems arise only at the stage of connecting to IMAP via postgres. How can this be related to tcp limits?
Additionally, I would like to note that we can have hundreds of connections from one IP. Could this lead to a race condition with the anvil service and an increase in connection timeouts?
On Mon, Feb 3, 2025 at 12:51 PM Marc <Marc@f1-outsourcing.eu> wrote:
Current performance is about 3000 successful authentications per hour. No
I don't really get this authentication attempts is limitted by tcp not? So it does not really matter what you have mariadb, ldap, http, you awalys are limited to 150-200 r/s. Once you have a connection, you can go easily to something like >9000 r/s.
If I divide your 3000 auths/h by 3600, you are at 1 r/s????. Maybe you have a lot of iowaits because of some recovery?