On Tue, 2011-04-12 at 09:15 +0000, Maria Arrea wrote:
Hello
We are using SLAMD (Distributed Load Generation Engine, www.slamd.com) to benchmark our dovecot server (ldap auth). We are simulating 2.000 simultaneous logins and 20% of them fail. We saw the following errors in the log:
Apr 12 09:40:07 buzon dovecot: auth: Error: ldap(correo,192.168.4.153): Request queue is full (oldest added 1 secs ago) Apr 12 09:40:07 buzon dovecot: auth: Error: ldap(correo,192.168.4.153): Request queue is full (oldest added 1 secs ago) Apr 12 09:40:07 buzon dovecot: auth: Error: ldap(correo,192.168.4.153): Request queue is full (oldest added 1 secs ago)
Hmm. This is a hard coded limit. I didn't really think people wanted >1k logins per second.. In src/auth/db-ldap.h:
/* Maximum number of requests in queue. After this new requests are dropped. */ #define DB_LDAP_MAX_QUEUE_SIZE 1024
Maybe that limit should be dynamic. Like only >30sec old requests actually get dropped when the limit gets over 1k.
We increased auth_worker_max_count from 350 to 3500 (10x increase). Now we see the following errors (still 20% of logins fail):
LDAP doesn't use auth workers, so that change shouldn't have affected anything.