[Dovecot] LDAP auth load? (looking for advice)
tengel at fluid.com
Sat Feb 17 16:51:00 UTC 2007
One of the changes my beta testers are testing is switching from NIS to
LDAP for login/auth/homedir lookups; all is working perfectly, Dovecot +
PAM/nss_ldap is A-OK. No issues here, we've been using LDAP lookups on
other servers for years.
I'm wondering about load, specifically if when I switch the entire
company over, will the new authentication load stress my LDAP server to
the point of breaking.
A) Does anyone here have some numbers or experience in this switch that
could lend some real-world advice? We're talking maybe... 50 people with
large (numerically, not gig-age) mailboxes, and ThunderBird seems to
open 4-5 connections per client based on the logs.
B) Would anyone advise that I run a slapd slave directly on the main
Dovecot server to alleviate load? Is this overkill and I shouldn't worry
Mainly what has me concerned is that on the Dovecot machine, I'm getting
a number of entries in the messages that look like:
dovecot-auth: nss_ldap: reconnecting to LDAP server...
dovecot-auth: nss_ldap: reconnected to LDAP server after 1 attempt(s)
No failures ever, it all just works. But still this tickles my brain
that maybe it'll need more robustness come production time.
Thanks for your feedback,
Troy Engel | Systems Engineer
Fluid Inc. | http://www.fluid.com
More information about the dovecot