On February 17, 2009, Xueshan Feng wrote: > Dmitry, > > We have 8 mailbox servers, 3 ldap severs. Each server has around 5000 > accounts. Hardware is on Dell 1950 with 16GB memory. Our Zimbra store and > backup partitions are on NetAPP SAN disks. > > Since you got http errors, you might want to look specifically if you have > lots of ldap timeout in /opt/zimbra/log/mailbox.log file. that was a great suggestion which I went and checked out right away. Unfortunately the only thing in the logs that seems to be related to LDAP is Zimbra's fall-back to internal Auth. Do you, by any chance have message you've seen handy, or maybe remember what it was about? Ours definitely has nothing with word LDAP in it that is of any value. > In our load testing, we ran into ldap timeout issue which translated to > http errors. We ended up turning off tls between Zimbra mailservers and > Zimbra ldap servers ( zmlocalconfig -e ldap_starttls_supported=0 ). Because > Openldap connection pooling is not supported for TLS connections, tuning > TLS off enables connection pooling and gives better performance there. doesn't seem to be the case *now* but it's a great tip for the future references, thanks. > Also, "zmstat-chart" is very useful for trouble-shooting performance > problem. We run it every 20 minutes and the chart is automatically posted > on a website to help analyze problems and to measure tunning result. so far we can't find a single thing to pin our problems on. Even with zmstat-chart - things seem to be well within their limits (well at least in comparison to what we had prior to migration) > Here is our configuration script: big thanks for that. That is definitely something I was looking for to "compare notes" on installation and setup. -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245
Attachment:
signature.asc
Description: This is a digitally signed message part.