ok, i've found out that the directors are in the doveadm penalty list. i believe adding the following solves the issue (still testing but looking promising. login_trusted_networks = 10.0.10.0/24
On Tue, Mar 19, 2019 at 2:19 PM Erik de Waard <erikdewa...@gmail.com> wrote: > Hi, > > I've been running dovecot for many years, but now i've hit a strange > problem. > when retrieving imap there is sometimes in 1 of 4 imap requests a 4sec > latency. > > * notes: > - connected directly to the backends this latency disappears > - removing a director from the loadbalancer(lvs) so i'm the only connected > to the director > this latency disappears too > > I would appreciate some feedback of where to look because i tried various > options. (client_limit,process_limit) perhaps its just as simple as to add > more directors > but any feedback would be welcome. > > Thank you. > > This is the setup: > > -- Internet -> LVS -> 3 Directors -> 9 Backends. > > doveadm director status > mail server ip tag vhosts state state changed users > > 10.0.10.110 100 up - 3309 > > 10.0.10.111 100 up - 3412 > > 10.0.10.112 100 up - 3458 > > 10.0.10.113 100 up - 3437 > > 10.0.10.115 100 up - 3368 > > 10.0.10.116 100 up - 3320 > > 10.0.10.117 100 up - 3305 > > 10.0.10.118 100 up - 3291 > > 10.0.10.223 100 up - 3280 > > #Director doveconf -n > # Pigeonhole version 0.4.22 (22940fb7) > # OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 > # Hostname: server312.company.com > auth_cache_negative_ttl = 0 > auth_cache_size = 10 M > auth_cache_ttl = 1 days > auth_username_chars = > "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#" > default_client_limit = 3000 > director_mail_servers = 10.0.10.223 10.0.10.110 10.0.10.111 10.0.10.112 > 10.0.10.113 10.0.10.115 10.0.10.116 10.0.10.117 10.0.10.118 > director_servers = 10.0.10.114 10.0.10.181 10.0.10.182 > director_user_expire = 1 days > disable_plaintext_auth = no > info_log_path = /dev/null > lmtp_proxy = yes > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e > encryption=%k secured=%c > mail_max_userip_connections = 100 > passdb { > args = proxy=y nopassword=y > driver = static > } > protocols = imap lmtp > service director { > fifo_listener login/proxy-notify { > mode = 0600 > user = $default_login_user > } > inet_listener { > port = 9090 > } > unix_listener director-userdb { > mode = 0600 > } > unix_listener login/director { > mode = 0666 > } > } > service imap-login { > client_limit = 6000 > executable = imap-login director > process_limit = 4 > process_min_avail = 4 > service_count = 0 > vsz_limit = 600 M > } > service ipc { > unix_listener ipc { > user = dovecot > } > } > service lmtp { > inet_listener lmtp { > port = 24 > } > } > ssl_cert = </etc/ssl-certificates/MDC_company_com.crt > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!RC4:!SEED@STRENGTH > ssl_key = # hidden, use -P to show it > ssl_prefer_server_ciphers = yes > protocol lmtp { > auth_socket_path = director-userdb > } > > > #backend doveconf -n > # 2.2.34 (874deae): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.22 (22940fb7) > # OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 > # Hostname: server250.company.com > auth_cache_negative_ttl = 0 > auth_cache_size = 10 M > auth_cache_ttl = 1 days > auth_username_chars = > "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#" > default_client_limit = 1500 > default_vsz_limit = 600 M > disable_plaintext_auth = no > info_log_path = /dev/null > listen = * > log_timestamp = "%Y-%m-%d %H:%M:%S " > mail_max_userip_connections = 100 > mail_privileged_group = mail > mmap_disable = yes > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = INBOX. > separator = . > type = private > } > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > plugin { > sieve_execute_bin_dir = /etc/dovecot/sieve-executables > sieve_global_extensions = +vnd.dovecot.execute > sieve_plugins = sieve_extprograms > } > protocols = imap lmtp > service anvil { > unix_listener anvil-auth-penalty { > mode = 0600 > } > } > service auth { > user = root > } > service imap-login { > client_limit = 6000 > process_limit = 4 > process_min_avail = 4 > service_count = 0 > vsz_limit = 600 M > } > service imap { > client_limit = 1 > process_limit = 1024 > service_count = 50 > } > service lmtp { > inet_listener lmtp { > port = 24 > } > } > ssl = no > ssl_cert = </etc/dovecot/dovecot.crt > ssl_key = # hidden, use -P to show it > userdb { > driver = prefetch > } > userdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = " sieve" > plugin { > sieve = ~/filters.sieve > sieve_after = /etc/dovecot/sieve/after.sieve > sieve_before = /etc/dovecot/sieve/before.sieve > } > userdb { > args = /etc/dovecot/dovecot-sql-lmtp.conf > driver = sql > name = > } > } > >