TCP replication: high connection rate and looping in incomplete state
tok
tok at redux1.net
Sat Jun 16 22:09:15 EEST 2018
Hi,
I am trying to establish TCP(s)-based replication between two FreeBSD 11.1 machines, both running Dovecot 2.2.35 (via pkg) with 10 virtual users and 1.2GB maildir. I followed the Wiki description (https://wiki2.dovecot.org/Replication), just skipped the SSH part. My resulting configurations are attached below.
Problem: After reloading both Dovecot instances, a few seconds later they start to initiate connections at an absurdly high rate (30-50 new connections during 10 secs, closing old ones after 2-3 secs) and even after 1 hour they do not "calm down". E-mails are copied, but judging by size and file count, not completely (approx. 1GB and maybe 90% of files are getting synced). What is going on here?
On the destination host (with empty storage before replication) I see "incremental - Waiting for dsync to finish" in dsync-status, constantly flipping between handshake and waiting, for only 4 out of 10 accounts. Replicator status says 0 requests and 10 total users.
On the source host, replicator status says 4 queued full resyncs, 3 waiting failed and 10 total users.
I already tried both tcps and tcp; activating debug log did not reveal any errors (e.g. SSL). Would be happy for any advice to track this down.
Best regards,
tok
Config source host:
-----
# 2.2.35 (b1cb664): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.23 (b2e41927)
# OS: FreeBSD 11.1-RELEASE-p10 amd64 zfs
# Hostname: srv1.TLD
# PLAIN and LOGIN both carry the password itself, so its confidentiality
# depends on the session being TLS-protected.
auth_mechanisms = plain login
# Shared secret for doveadm TCP connections (used here by replication);
# doveconf masks the value in this dump.
doveadm_password = # hidden, use -P to show it
# Port the local doveadm client connects to on the remote side.
doveadm_port = 12345
lmtp_save_to_detail_mailbox = yes
# Login connections from this single address are treated as trusted: they may
# override the client IP they report, and disable_plaintext_auth is not
# enforced for them.
# NOTE(review): presumably a proxy or webmail host - confirm which one.
login_trusted_networks = 172.16.1.110/32
mail_location = maildir:/srv/mail/vhosts/%d/%n
# notify + replication are the plugins that report mailbox changes for replication.
mail_plugins = quota mailbox_alias notify replication
namespace inbox {
# (contents elided by the poster)
[…]
}
passdb {
# scheme=CRYPT is the default for entries without a {SCHEME} prefix; the
# effective strength depends on which crypt(3) hash format the stored entries use.
# NOTE(review): confirm none of the entries are legacy DES/MD5 crypt hashes.
args = scheme=CRYPT username_format=%u /usr/local/etc/dovecot/users
driver = passwd-file
}
plugin {
# Replication target. "tcps" is doveadm over TLS on the peer's doveadm port;
# the peer certificate is checked against ssl_client_ca_file and the
# connection authenticates with doveadm_password.
mail_replica = tcps:srv2.TLD:12345
# Quota backend and limits; "%%" is doveconf's escaped form of a literal "%".
quota = maildir:User quota
quota_grace = 10%%
quota_max_mail_size = 50M
quota_rule = *:storage=1G
quota_rule2 = Trash:storage=+10%%
quota_rule3 = Junk:storage=+20%%
# Replies given by the quota-status policy service.
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Mailbox is over quota / full
quota_status_success = DUNNO
# Each warning invokes the quota-warning service with the listed arguments.
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning3 = -storage=100%% quota-warning below %u
# (further plugin settings elided by the poster)
[...]
}
# NOTE(review): " at " looks like the list archive's obfuscation of "@".
postmaster_address = postmaster at TLD
quota_full_tempfail = yes
# Aggregator: receives change notifications from mail processes and passes
# them on to the replicator.
service aggregator {
fifo_listener replication-notify-fifo {
# 0666 lets every local account write to this FIFO. With the owner already
# set to vmail, owner-only access (0600) is enough if all mail processes
# run as vmail.
# NOTE(review): confirm the mail process UID before tightening.
mode = 0666
user = vmail
}
unix_listener replication-notify {
# Same consideration as the FIFO above: world-accessible socket owned by vmail.
mode = 0666
user = vmail
}
}
service auth-worker {
# Workers run as Dovecot's internal unprivileged user rather than root.
# NOTE(review): the passwd-file used by passdb/userdb must be readable by that user.
user = $default_internal_user
}
service auth {
# Auth socket inside the Postfix spool; owner and group postfix, no access for others.
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service config {
# Config socket owned by vmail, so processes running as vmail can read the configuration.
unix_listener config {
user = vmail
}
}
# doveadm server endpoint that the replication peer connects to.
service doveadm {
inet_listener {
# No "address" is set, so this listing does not restrict the listener to a
# specific interface. Clients authenticate with doveadm_password and can then
# run doveadm commands.
# NOTE(review): confirm the port is reachable only from the replication peer
# (firewall rule or an explicit "address").
port = 12345
# TLS is required on this listener; it pairs with the "tcps:" mail_replica scheme.
ssl = yes
}
}
service imap-login {
# service_count = 1: each login process serves a single connection and then
# exits; process_min_avail keeps one idle process ready.
process_min_avail = 1
service_count = 1
}
service lmtp {
# LMTP socket inside the Postfix spool, accessible to the postfix user only.
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service pop3-login {
# Same per-connection login process model as imap-login.
process_min_avail = 1
service_count = 1
}
# Quota policy service speaking the Postfix policy protocol ("-p postfix").
service quota-status {
client_limit = 1
executable = quota-status -p postfix
inet_listener {
# Bound to loopback, so only local processes can query it.
address = 127.0.0.1
port = 12340
}
}
service quota-warning {
# The warning script runs as vmail.
executable = script /usr/local/bin/dovecot-quota-warning.sh
user = vmail
}
# Replicator: keeps the per-user sync queue; process_min_avail = 1 keeps it running.
service replicator {
process_min_avail = 1
# Socket used by the "doveadm replicator" commands.
unix_listener replicator-doveadm {
group = vmail
# 0666 makes the socket usable by every local account, which also makes the
# group setting above moot.
# NOTE(review): an owner/group-only mode (0600 or 0660) limits who can queue
# or remove replication requests - confirm which UID runs doveadm here.
mode = 0666
}
}
# Server certificate; the leading "<" makes Dovecot read the value from the file.
ssl_cert = </usr/local/etc/ssl/acme.sh/srv1.TLD/fullchain.pem
# CA bundle used to verify the remote certificate on outgoing TLS connections
# such as the tcps replication link.
ssl_client_ca_file = /etc/ssl/cert.pem
userdb {
# Same passwd-file that passdb reads.
args = username_format=%u /usr/local/etc/dovecot/users
driver = passwd-file
}
# Per-protocol plugin lists as expanded by doveconf; each carries notify and
# replication so that changes made through that protocol are reported.
protocol lmtp {
# NOTE(review): "quota" appears twice in this expanded list - presumably the
# global list plus an explicit entry; confirm it is harmless.
mail_plugins = quota mailbox_alias notify replication quota sieve
}
protocol lda {
mail_plugins = quota mailbox_alias notify replication sieve
}
protocol imap {
mail_plugins = quota mailbox_alias notify replication imap_quota imap_sieve
}
-----
Diff config of destination host:
-----
4c4
< # Hostname: srv2.TLD
---
> # Hostname: srv1.TLD
9a10
> login_trusted_networks = 172.16.1.110/32
60c61
< mail_replica = tcps:srv1.TLD:12345
---
> mail_replica = tcps:srv2.TLD:12345
156c157
< ssl_cert = </usr/local/etc/ssl/acme.sh/srv1.TLD/fullchain.pem
---
> ssl_cert = </usr/local/etc/ssl/acme.sh/srv1.TLD/fullchain.pem
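Review bot: The 156c157 hunk prints the same `ssl_cert` path (`srv1.TLD/fullchain.pem`) on both sides, which diff would not report as a change, so one side was presumably altered when the hostnames were anonymised. On the real hosts, check that each server presents a certificate issued for its own name; the `tcps:` replication link verifies the peer against `ssl_client_ca_file`, and a certificate for the other host would be expected to fail that check. A comment above the setting on each host would make the intent explicit, for example `# must be the certificate for this host's own name; the replication peer verifies it`. The 9a10 hunk also shows `login_trusted_networks` set on only one of the two hosts, so confirm that the asymmetry is intended.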
-----