I am still chasing this pop3 problem. I have now tried PLAIN+TLS for proxy authentication. I see the same issue of pop3 proxy being slow. With more investigation I see that I can open alot of connections on the frontend server but they don't see to get passed to the backend. I have tried starting master with a -l 1024 and in my cyrus.conf I have preforked 50 pop3d and maxchild=-1. Nothing seems to make the connection counts greater. Could I be hitting some max connection per IP limit that I can't see when I connect directly to the backend?
I still think this is network related. Is it possible that DNS is slow? Can you strace/truss the process to see what it is doing? What happens if you use pop3test against the proxy, specifying the number of logins with the -n option.
----- Original Message ----- From: "Michael J Farina" <[EMAIL PROTECTED]>
To: "Ken Murchison" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, March 12, 2004 1:13 PM
Subject: Re: pop3d proxy
It seems that the delay is in the connection. I have played with the
backlog
queue, the max child, and prefork settings without being able to make it
any
faster. I am logging in a doing a list command. The mailboxes are all
empty
so I am not thinking that once the connection is authed it is slow. It is just getting the frontend to open enough connections to the backend. I
can't
seem to nail down what the problem is. If I connect the stress test to the backend it is very fast less than a second a connection. If I can provide anymore info let me know. I am looking to have over 150,000 boxes they are all pop now but I want to offer IMAP.
--Mike
----- Original Message ----- From: "Ken Murchison" <[EMAIL PROTECTED]>
To: "Michael J Farina" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, March 12, 2004 9:54 AM
Subject: Re: pop3d proxy
Michael J Farina wrote:
Ken,
Is there a way to do PLAIN from the frontends to the backends? The servers I am testing are on a isolated network no network traffic
other
than
the mail servers. Any help would be appreciated. sasl_maximum_layer:0
didn't
seem to change the pop3 proxy timing. The server are also dual 1.4s
with
2
gigs of ram if that helps at all.
You can do PLAIN, but the frontends will also need to use TLS, since PLAIN won't be advertised by the backends unless a security layer is in place.
Are you saying that there is a delay for every command, or for every login? Is your stress test only doing one command per login?
----- Original Message ----- From: "Ken Murchison" <[EMAIL PROTECTED]>
To: "Michael J Farina" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, March 11, 2004 4:58 PM
Subject: Re: pop3d proxy
Michael J Farina wrote:
I am setting up a cyrus imap murder for a large number of accounts.
In
my
stress testing I have noticed that the pop3 proxy has quite a delay.
When I
connect directly to a backend I can check mail at a very fast rate
about
.5
secs a mailbox. When I connect to the proxy the wait time increases a
ton to
about 5 secs. I am thinking I must have a configuration problem. I
will
include my imapd.conf and my cyrus.conf I am using cyrus 2.2.3.
Once you authenticate and the mailbox is opened on the backend, the proxy just acts as a bitpipe between the client and backend, so there should be very little overhead.
You *might* be seeing a slowdown because the frontend is
authenticating
to the backend using DIGEST-MD5 with a security layer or TLS+PLAIN.
In
either case you have encrypt/decrypt overhead.
If using DIGEST-MD5, you could try setting sasl_maximum_layer:0 on the backend, which will prevent the security layer from being negotiated.
Otherwise, the only other delay that I could think of would be network related.
Frontend cyrus.conf
START { mboxlist cmd="ctl_cyrusdb -r" }
# UNIX sockets start with a slash and are put into /var/imap/sockets SERVICES { # mupdate database service - must prefork atleast 1 mupdate cmd="/usr/cyrus/bin/mupdate -m" listen=3905 prefork=1
# add or remove based on preferences imap cmd="proxyd" listen="imap" prefork=5 pop3 cmd="pop3proxyd" listen="pop3" prefork=5 maxchild=-1 sieve cmd="timsieved" listen="sieve" prefork=0
lmtp cmd="lmtpproxyd" listen="/var/imap/socket/lmtp"
prefork=0
}
EVENTS { checkpoint cmd="ctl_cyrusdb -c" period=5 }
Frontend imapd.conf
configdirectory: /var/imap partition-default: /tmp admins: cyrus sasl_pwcheck_method: saslauthd allowplaintext: 1 mupdate_admin: murder mupdate_server: frontend mupdate_password: murder pass proxy_authname: proxy proxy_password: proxy pass unixhierarchysep: 1 sasl_mech_list: PLAIN
Backend cyrus.conf
START { recover cmd="ctl_cyrusdb -r" mupdatepush cmd="ctl_mboxlist -m" }
# UNIX sockets start with a slash and are put into /var/imap/sockets SERVICES { # add or remove based on preferences imap cmd="imapd" listen="imap" prefork=5 pop3 cmd="pop3d" listen="pop3" prefork=0 maxchild=-1
# at least one LMTP is required for delivery lmtp cmd="lmtpd" listen="lmtp" prefork=2
} EVENTS { # this is required checkpoint cmd="ctl_cyrusdb -c" period=5 }
Backend imapd.conf
configdirectory: /var/imap partition-default: /var/spool/imap admins: cyrus mupdate_server: frontend mupdate_authname: murder mupdate_password: murder pass
allowplaintext: yes sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN DIGEST-MD5 proxyservers: proxy unixhierarchysep: 1 defaultacl: anyone rsd
--- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
--- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html