ok, i've found out that the directors are in the doveadm penalty list.
i believe adding the following solves the issue (still testing but looking promising. login_trusted_networks = 10.0.10.0/24
On Tue, Mar 19, 2019 at 2:19 PM Erik de Waard erikdewaard@gmail.com wrote:
Hi,
I've been running dovecot for many years, but now i've hit a strange problem. when retrieving imap there is sometimes in 1 of 4 imap requests a 4sec latency.
- notes:
- connected directly to the backends this latency disappears
- removing a director from the loadbalancer(lvs) so i'm the only connected to the director this latency disappears too
I would appreciate some feedback of where to look because i tried various options. (client_limit,process_limit) perhaps its just as simple as to add more directors but any feedback would be welcome.
Thank you.
This is the setup:
-- Internet -> LVS -> 3 Directors -> 9 Backends.
doveadm director status mail server ip tag vhosts state state changed users
10.0.10.110 100 up - 3309
10.0.10.111 100 up - 3412
10.0.10.112 100 up - 3458
10.0.10.113 100 up - 3437
10.0.10.115 100 up - 3368
10.0.10.116 100 up - 3320
10.0.10.117 100 up - 3305
10.0.10.118 100 up - 3291
10.0.10.223 100 up - 3280
#Director doveconf -n # Pigeonhole version 0.4.22 (22940fb7) # OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 # Hostname: server312.company.com auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 days auth_username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#" default_client_limit = 3000 director_mail_servers = 10.0.10.223 10.0.10.110 10.0.10.111 10.0.10.112 10.0.10.113 10.0.10.115 10.0.10.116 10.0.10.117 10.0.10.118 director_servers = 10.0.10.114 10.0.10.181 10.0.10.182 director_user_expire = 1 days disable_plaintext_auth = no info_log_path = /dev/null lmtp_proxy = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e encryption=%k secured=%c mail_max_userip_connections = 100 passdb { args = proxy=y nopassword=y driver = static } protocols = imap lmtp service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { client_limit = 6000 executable = imap-login director process_limit = 4 process_min_avail = 4 service_count = 0 vsz_limit = 600 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } } ssl_cert =
#backend doveconf -n # 2.2.34 (874deae): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.22 (22940fb7) # OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 # Hostname: server250.company.com auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 days auth_username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#" default_client_limit = 1500 default_vsz_limit = 600 M disable_plaintext_auth = no info_log_path = /dev/null listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " mail_max_userip_connections = 100 mail_privileged_group = mail mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve_execute_bin_dir = /etc/dovecot/sieve-executables sieve_global_extensions = +vnd.dovecot.execute sieve_plugins = sieve_extprograms } protocols = imap lmtp service anvil { unix_listener anvil-auth-penalty { mode = 0600 } } service auth { user = root } service imap-login { client_limit = 6000 process_limit = 4 process_min_avail = 4 service_count = 0 vsz_limit = 600 M } service imap { client_limit = 1 process_limit = 1024 service_count = 50 } service lmtp { inet_listener lmtp { port = 24 } } ssl = no ssl_cert =