I got into a somewhat interesting discussion/argument with a fellow today
about how many different domains could reasonably be supported on a single
IPv4 address, generally speaking.

I pointed out that there are essentially no limits on how many different
domains a single instance of Apache, running on a single IPv4 address,
could support, other than maybe the general limits imposed by available
memory, maximum simultaneously open sockets supported by the underlying
OS, etc. So in theory, one could put a million web sites on a single IPv4
address using Apache. (It probably wouldn't work that well if all one
million of them were visited simultaneously, but I'm not even 100% sure
that that would necessarily cause a problem.)

Likewise, I'm not aware of any hard limit that, for example, BIND imposes
on the maximum number of zones that it can be an authoritative server for,
again using only a single IPv4 address.

Lastly, for email, I'm not aware of any hard limit that Postfix imposes
on the number of domains for which a single running Postfix instance
could -receive- email on the inbound side.

But this other fellow I've been talking to offered an unexpected observation:
If a given Postfix installation was attempting to support, say, 1 million
unique domain names (corresponding to 1 million unique customers) and if
just 11,000 of those were to all simultaneously attempt to send -outbound-
emails to six (6) different destinations apiece, then... this other fellow
asserted... all of the 65536 maximum available IPv4 port numbers would be
exhausted, and then havoc would ensue.

I did note my belief that Postfix is very robust in the face of most
unusual and/or uncommon conditions, and thus, even in such an
unusual scenario, Postfix would probably handle it just fine, and that
worst case, the later emails might just experience a bit of reasonable
delay while they waited for outbound ports to be freed up.

But this whole exchange got me to thinking... Does Postfix use each
outbound TCP port number in a manner where that port number is and remains
entirely and exclusively dedicated to being used for just -one- outbound
SMTP connection/session at a time? If so, is there any compelling reason
why it MUST do so?

It's been a while since I did any serious socket programming, but it is
my recollection that each connected socket is uniquely described by
a tuple consisting of the (a) source IP and (b) the source port and
(c) the destination IP and (d) the destination port and (e) some other
stuff I can't remember anymore but that is probably not important to my
question anyway.

As I understand it, the OS can keep everything straight and can send
all packets where they belong as long as each of these socket-describing
tuples is unique when considered as a whole and single unit. Thus, one
single local port can support multiple simultaneous connections to other
IP addresses elsewhere as long as those remote IP addresses are all
different and unique, with respect to one another.

Anyway, the point that I am getting at is just this: Does Postfix ever
make or have more than 65536 outbound TCP connections (from/on a single
IPv4 address) which are all simultaneously alive and active at any one
instant in time? If not, could it theoretically do so?

Please understand. I am *not* asking whether or not it would be the most
epic and colossal pain in the ass of all time to *rewrite* Postfix to
make it perform such a clever trick. I accept the possibility/probability
that it might be. That's not my question, I am just asking whether or
not your garden variety run-of-the-mill IPv4 implementation of Berkeley
sockets could, in theory, support -some- application which opened and
connected -some- set of TCP sockets to -some- set of mutually unique
remote IPv4 addresses elsewhere and thus have more than 65536 of those
open at some given instant in time.

I know. I know. I should get the hell out of here and go pester some
UNIX/Linux sockets or kernel people for an answer to this question, but
as the question is almost uniquely relevant to mail servers, I thought
that I would start here. If the answer turns out to be "Sure! Postfix
is already doing that every day of the week and twice on Sunday!" then
I don't really need to reveal my ignorance anyplace else.

Regards,
rfg
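
The socket-tuple question raised above can be checked directly. The following is an added example, not part of the original message and not Postfix code: it opens two outbound TCP connections from the same local IPv4 address and the same local port to two different destinations, then shows that a third connection repeating an existing tuple is refused. It assumes Linux `SO_REUSEADDR` semantics; the two loopback listeners are constructed stand-ins for remote mail servers and differ by destination port rather than destination IP, which makes the tuple unique in the same way.

```python
import socket

LOOPBACK = "127.0.0.1"  # constructed setup: all traffic stays on loopback

def listener():
    """Stand-in for a remote mail server: a TCP listener on an OS-chosen port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((LOOPBACK, 0))
    srv.listen(4)
    srv.settimeout(5)
    return srv

def connect_from(local_port, dest):
    """Connect to dest from a chosen local port (0 lets the OS pick one)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Assumption: Linux semantics, where SO_REUSEADDR lets several
    # non-listening sockets bind the same local address and port.
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.settimeout(5)
    try:
        s.bind((LOOPBACK, local_port))
        s.connect(dest)
    except OSError:
        s.close()
        raise
    return s

def demo():
    srv_a, srv_b = listener(), listener()
    dest_a, dest_b = srv_a.getsockname(), srv_b.getsockname()
    first = connect_from(0, dest_a)
    port = first.getsockname()[1]
    second = connect_from(port, dest_b)  # same source port, other destination
    conn_a, seen_a = srv_a.accept()
    conn_b, seen_b = srv_b.accept()
    try:
        # A second connection with an identical 4-tuple must be refused.
        connect_from(port, dest_a).close()
        duplicate_refused = False
    except OSError:
        duplicate_refused = True
    tuples = {s.getsockname() + s.getpeername() for s in (first, second)}
    for s in (first, second, conn_a, conn_b, srv_a, srv_b):
        s.close()
    return {"port": port, "seen": (seen_a[1], seen_b[1]),
            "distinct_tuples": len(tuples), "duplicate_refused": duplicate_refused}

if __name__ == "__main__":
    print(demo())
```

Both listeners see the same client port, so the number of local ports bounds the connections to any one destination address and port, not the total number of outbound connections from the address.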