[Dovecot] Auth Issues - Urgent - Help!
Timo Sirainen
tss at iki.fi
Wed Oct 8 22:17:23 EEST 2008
On Wed, 2008-10-08 at 10:48 -0400, David Cunningham wrote:
> I agree. In fact, I may have found a DNS issue that may have been
> causing login sessions to hang and thus reach max too quickly. The
> last few hours have been stable. So, I am keeping my fingers crossed.
>
> I have also recompiled dovecot and changed the setting in db-ldap.h
> that reads:
>
> #define DB_LDAP_MAX_QUEUE_SIZE 1024
>
> to
>
> #define DB_LDAP_MAX_QUEUE_SIZE 8192
If you're getting more than 1024 requests queued, something's wrong or
you have hundreds or logins per second. Which one is it? (5000 users
logging in once per minute is still only 83/sec)
The queue keeps increasing if the LDAP server isn't replying to old
requests. So have you looked at the LDAP server side if it's running too
slow?
Anyway two things you could do here:
1) Enable auth cache with large enough size so Dovecot doesn't consult
LDAP server nearly as much.
2) Increase the number of auth processes (auth { .. count=5 }), so that
you'll use more connections and hopefully the LDAP server likes that
better than one connection sending lots of requests. Or maybe not.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20081008/1b81dd48/attachment.bin
More information about the dovecot
mailing list