Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
We have been running a virtual, multi domain mail server with the following configuration.
Redhat 9, Postfix, Courier, openLDAP, Spamassassin, Razor, squirrelmail, amavis, maildrop.
openLDAP is used for authentication.
Facing the following issues with openLDAP from time to time.
a) OpenLdap seems to get locked up every once in a while. i.e. While the process is running, it fails to authenticate.
Because process is still running, our monitoring system, Monit, does not recognize that as a failure.
Then we need to stop slapd. delete the /usr/var/openldap-data/__db.00* files, restart ldap for it to start working again.
b) When the server load becomes high, 4 to 5 then authentication is irratic. It works sometimes and sometimes it does not.
When server load became high to the tune of 16/18, ldap failed authentication.
What could be the reason for the above? anyone faced similar issues?
I'd rather have LDAP die than go in a coma. With dying, atleast our monitor can detect it and restart it.
I wouldnt mind looking at commercial alternatives to openLDAP if the above problems can be sorted out. ofcourse the best would be if the problem lies with us and not the software as fixing it would be easier than reinventing the ldap wheel.
What kind of hardware is used and how many use this email server? Sounds to me its not really software issues but more like load issues on the server. My suggestion would be to either setup another host to take a load off this server, either load balance them or migrate some of the services running off to another machine to take a load off of it.
The hardware config is a P4 2.4 Ghz, 1 GB RAM, 250 GB IDE HDD.
While around 300 users check mail daily, (total 6000 registered) , because these are popular domains, we get a lot of spam. We have 2 boxes to just handle spam, so a lot of it is filtered out. the max rate of queries I have seen is 5/6 per second.
The stanford ldap configuration is able to handle 100s of queries per second so no reason why ours shouldnt as we are following the standard documentation available.