Przemyslaw Wegrzyn wrote:
> Of course I understand that replicating is a part of protocol
> specifiaction. I'd like to know how OpenLDAP conforms to it, how it
> performs.
Best way to see this is to try it out - set up a test system, stick a
bunch of made up data in it, and see how well it works.
> The difference is that it uses getpwname/getpwuid libc functions (which in
> turn are redirected to the underlying NSS modules), insted of connecting
> to LDAP directly.
> Right ?
The NSS module is likely to query for and return a whole bunch of
useless information that is not needed for email delivery, like the
userid, group membership, etc etc. All qmail-ldap cares about is if mail
is local, and if it is local, where must it put it. This can be achieved
with a single LDAP search query.
> Right. Currently I'm running web server with my custom PAM/NSS modules
> using postgres as its source.
There are LDAP modules for Apache too (I assume you're using Apache?).
> > This only comes into play when your machines are almost overloaded. An
> > LDAP server's typical use of system resources is pretty modest - you
> > just need to have enough RAM. You won't know until you test this though.
>
> If it uses some caching - right. Again - I need to test it.
It also depends on what attributes you index in the database. Typically
you would put an index on the "mail" and "mailAlternateAddress"
attributes, because that's on the basis qmail is doing it's searches.
Index setups in LDAP servers can make a huge difference to performance.
> But it's possible, that while one of the servers runs all of its
> resources, the other is bored..
If you set up an NFS cluster you'll typically be load balancing the
mailservers anyway, and it's the job of the load balancer to make sure
the load is balanced evenly. If it doesn't, then your load balancer is
broken.
> > In short - ignore the stuff about clustering, you won't need it if you
> > use NFS.
>
> Exactly. But still qmail-ldap can help much...
What I'm saying is that ignore references to Qmail clustering - you
don't need it. Qmail-ldap will still be needed to do the mail delivery
by multiple servers, but these servers are all doing local deliveries,
and don't need to know about each other.
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
S/MIME Cryptographic Signature
