Using Linux IPVS with direct return is an excellent way to load balance SMTP with the advantage that the source address is not lost. I believe this is the "one arm load balancer".

The other advantage of a load balancer is that the traffic level can be controlled per server and servers added/removed very quickly.

DNS-based load balancing I have found to be unsatisfactory as it does not provide any such control. Additionally, with DNS load balancing the individual servers are still "exposed" and can be targeted by IP address. Servers with a load balancer share the load of all traffic always.


In terms of storage though, since you are using LMTP to send through to Dovecot, it's more of a Dovecot question as the MTA isn't involved.

For large mail systems I have been involved with in the past, we were using NetApp NFS appliances in HA. This was very satisfactory with the NFS settings tuned appropriately at both ends and lots of sharding.

I couldn't speak to FreeNAS functionality, but on Linux an active/passive NFS HA can be configured with DRBD and related tools.

Dovecot also has a RADOS object storage plugin, so you could look at native Ceph for storage.

The nice people at the Cyrus IMAP project have a nice document with lots of thoughts about mail storage: https://www.cyrusimap.org/imap/concepts/deployment/storage.html

My 2c

Dean


On 2020-03-11 09:52, Robert Blayzor via Exim-users wrote:
> On 3/10/20 6:32 PM, Jeremy Harris via Exim-users wrote:
>> I'd go for the former, assuming you're not constrained by lack of IPs.
>> Load-balancers are just a pointless complexity addition.
>
>
> I would agree to a point. For maybe up to (4) MX servers this might be
> ok. But if you have many more than that, load balancer might be a
> necessary evil.
>
> I'm not a big fan of full proxy load balancers, especially with this
> type of traffic. I would prefer a "one arm" load balancer, but
> unfortunately I don't know of any FOSS load balancers. Everything seems
> to be full proxy based. There is one that I know of; "pen", but that
> seems to be not actively developed...
>
> Using a one arm load balancer would negate needing any proxy protocol
> nonsense to preserve the client IP addresses..
>
> --
> inoc.net!rblayzor
> XMPP: rblayzor.AT.inoc.net
> PGP:  https://pgp.inoc.net/rblayzor/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
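
The IPVS direct-return arrangement described in the message above, as an added example that is not part of the original thread: a dry-run script that prints the director and real-server commands for an SMTP virtual service. The VIP, real-server addresses, weights and function names are constructed for illustration.

```shell
#!/bin/sh
# Dry run: prints the commands instead of executing them.
# Addresses are constructed (RFC 5737 documentation range); in
# direct-routing mode the director and real servers share one L2 segment.

VIP=192.0.2.25
PORT=25

# Director: create the virtual service and attach the real servers.
# -g selects direct routing, so the real server sees the client's own
# source address and replies to it directly; -w is the per-server weight.
director_cmds() {
    echo "ipvsadm -A -t $VIP:$PORT -s wlc"
    for entry in "$@"; do              # each entry is "real_ip=weight"
        rip=${entry%%=*}
        weight=${entry#*=}
        case $weight in
            ''|*[!0-9]*) echo "bad weight in: $entry" >&2; return 1 ;;
        esac
        echo "ipvsadm -a -t $VIP:$PORT -r $rip:$PORT -g -w $weight"
    done
}

# Drain one server: weight 0 stops new connections being scheduled to it
# while established SMTP sessions are allowed to finish.
drain_cmd() {
    echo "ipvsadm -e -t $VIP:$PORT -r $1:$PORT -g -w 0"
}

# Real server: hold the VIP on loopback without answering ARP for it,
# so only the director receives inbound traffic for the VIP.
realserver_cmds() {
    echo "ip addr add $VIP/32 dev lo"
    echo "sysctl -w net.ipv4.conf.all.arp_ignore=1"
    echo "sysctl -w net.ipv4.conf.all.arp_announce=2"
}

echo "# director"
director_cmds 192.0.2.11=100 192.0.2.12=50
echo "# take 192.0.2.12 out of rotation"
drain_cmd 192.0.2.12
echo "# each real server"
realserver_cmds
```

Because the MTA sees the real client address, host-based ACLs, DNSBL lookups and per-IP rate limits keep working without any proxy-protocol support.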
