Univention Bugzilla – Full Text Bug Listing |
Summary: | Make Dovecot connection/memory limits configurable | ||
---|---|---|---|
Product: | UCS | Reporter: | Daniel Tröder <troeder> |
Component: | Mail - Dovecot | Assignee: | Daniel Tröder <troeder> |
Status: | CLOSED FIXED | QA Contact: | Sönke Schwardt-Krummrich <schwardt> |
Severity: | normal | ||
Priority: | P5 | CC: | schwardt, walkenhorst |
Version: | UCS 4.0 | ||
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 34839 |
Description
Daniel Tröder
2015-06-17 09:18:10 CEST
Commit 61361 adds 20 UCVs mail/dovecot/limits/* to configure IMAP, POP3, managesieve, login, auth and anvil services separately. The default limits are set to 400 connections to each service like in Cyrus. The limit on open file descriptors (ulimit -n) is set to the maximum possible number of connections (when Dovecot is restarted). No magic is done to set other variables automatically to sane values if one variable is changed - that is left up to the user. Dovecots log and documentation is very helpful with this though. P.S.: Default configuration is the so called "High-security mode". "High-performance mode" can be enabled by setting: mail/dovecot/limits/imap-login/service_count=0 mail/dovecot/limits/pop3-login/service_count=0 (see http://wiki2.dovecot.org/LoginProcess) Tested with via 30_imap_server_with_hundreds_of_connections: - Limits were set to mail/dovecot/limits/default_process_limit=2000 mail/dovecot/limits/default_client_limit=2000 mail/dovecot/limits/auth/client_limit=10000 mail/dovecot/limits/anvil/client_limit=8003 - test sets ulimit to 2048 - test establishes 1500 simultaneous IMAP connection - each connection does a login with the same user - if all logins were successful, each connection is closed No problems occurred. There were code changes to the process limits → have to repeat QA Reviewed settings again; tested with 400 simultaneous SSL connections → OK → VERIFIED |