--On Friday, March 08, 2013 7:05 PM +0000 Viktor Dukhovni
<postfix-us...@dukhovni.org> wrote:
On Fri, Mar 08, 2013 at 10:20:20AM -0800, Quanah Gibson-Mount wrote:
My point is that
the connections are not as persistent as one may desire. ;) I.e.,
OpenDKIM stays connected forever until the server closes.
This is not a feature, it is a bug. OpenDKIM is a multi-threaded
process that does not periodically exit to be replaced by a fresh
process. As such it does not tolerate memory leaks in its own code
or in the libraries it uses.
OpenDKIM does what I ask. It makes a persistent connection and cuts out
the overhead of persistent rebinding.
Postfix avoids this design pattern as much as possible. Other than
the tiny master server, only the queue manager (which does no table
lookups directly, and does not use SSL, GSSAPI, LDAP, ...), the
pickup server and tlsmgr run indefinitely. All three are simple and
have minimal interactions with non-Postfix resources.
Postfix
is not (currently) doing that for me, but as you note, may well be
related to the max_use setting.
This is a feature. Also this keeps the load on your LDAP servers
more balanced, connections don't stick to one server forever.
I don't see an issue with them sticking to the first server in its URL
list, which is how postfix behaves. I organize my URLs as necessary on the
MTAs to distribute out the load. If I needed something more complicated
than that, I'd use a load balancer and load balanced name to return to
postfix. In any case, lookups from postfix cause an insignificant amount
of load, as long as they are persistent.
Thanks for pointing out max_use. Now instead of postfix rebinding every
4-5 minutes to the LDAP servers, it is at least every 20 minutes between
binds, significantly cutting out startTLS negotiation overhead and
improving performance.
It is trivial to see what a significant difference it makes in postfix
behavior to go from the default of 100 to 5000:
<http://www.pastebin.ca/2330089>
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
