On Wed, 1 Jan 2003 [EMAIL PROTECTED] wrote: > I've just upgraded to imapd 2.1.11, and while it's going fine so far I'm a > bit concerned about how it will cope under load when our students return. > > The problem is that I'm using the saslauthd native LDAP mechanism, and the > directory it's binding to is quite slow (it's actually a slapd instance > running a shell backend which routes bind requests to different places > depending on the usercode - don't ask...). Because saslauthd makes > synchronous bind calls, it's doesn't take many concurrent requests to > exhaust the default pool of five instances. > > Since it's hard to predict peak usage, I'm tempted to run the daemon with > the -n0 option so it can spawn as required. However, a colleague has > pointed out that if something blows up then spawn-on-demand could kill the > server - with a fixed-size pool, auth requests would fail but the system > would keep going. >
How many concurrent authentications do you need? You can use testsaslauthd (in $cyrus-sasl/saslauthd) to verify the performance of saslauthd. > Can anyone offer advice on tuning the saslauthd pool? Are there particular > options, either on the command line or in saslauthd.conf, which I should > be looking at? > Try using 'ldap_auth_method: custom'. It is up to three times faster than the 'bind' method. -Igor
