On Tue, 11 Mar 2003 09:11, Markus Welsch wrote: > > Depends on what you want to balance, just TCP/IP traffic, or a specific > > service (mail/web/etc). For TCP/IP traffic, we use VRRP (Virtual > > Redundant Router Protocol), which works fine. > > What would you recommend if you want to realize load balancing between mail > and webservers ? (Mail server should also include POP3/IMAP-Server).
For load balancing create several POP and IMAP proxies with an IPVS load balancer in front. Use Perdition on the POP and IMAP proxies to direct the connection to the correct back-end server that has the mail. For mail delivery you want several SMTP relay machines with ipvs again to distribute traffic among them. The relay machines need to know which back-end server to deliver to, qmail-ldap with clustering support can do this (see the link Mark posted recently). The back-end servers need to know how to deliver mail directly to each other. A common mistake when setting up such things is to think that each back-end can consider itself authoritative for all addresses in the domain (because the relay machines are designed to direct all mail to the right server). Of course there are also bounces when quota is full... For storing details of account authentication (user-name, password, back-end server, and directorory) LDAP is generally regarded as the best option. I am currently setting up OpenLDAP with one master server (which has full ACLs for writes and every index necessary for administration tasks) and two slave servers to be used by the mail servers, Perdition, etc. The slave servers have minimal indexes and only accept writes from the master server. Excessive indexes kill write performance in an LDAP directory, excessive ACLs kill all performance. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
