> Ross West wrote:
>> I was wondering if there is a way to get exim under high incoming
>> tcp connection load to just refuse the connection instead of answering the
>> tcp connections and issuing a "421 too many connections" message.
Phillip Hazel wrote:
> "Connection refused" happens in the TCP/IP stack in the operating
> system. It is not under Exim's control.
Yes, but exim seems to hold a couple of connections (1?) to be able to
reply with the 421 message when smtp_max_accept is hit.
Ie: If I set smtp_max_accept to 10 and open 10 connections to the smtp
port, on the 11th exim will open the socket and reply with a "421
<hostname>: Too many concurrent SMTP connections...[etc]" and close
the connection. I just want exim to not even answer that last
connection and simply let the OS refuse the connection.
Sightly off topic now but still interesting... :-)
Tabor J. Wells wrote:
> Hmm. Well in my case at least, I run 3 servers behind an Alteon 180 and
> set it to load balance the number of connections based on round-robin. So
> in practice the number of TCP connections to my mail servers is nearly
> equal at any given time. I'd think that if you'd see a "too many
> connections" message on one, you should see it on all of them if the load
> balancer is in fact distributing evenly.
Ours is using a primarily response time based algorithm so the fastest
server will show up more often (and if equal times then round-robin
it). As other items are passing through the balancer and can affect
the load, it is conceivable that one server can get blasted with SMTP
connections, and if a 421 error occurs someone is going to call
tech-support. :-) Just trying to cut those errors out.
Realistically, as the servers are the same power/strength, the
balancing does average out over the long term. For testing we just set
the max connections to the default (20) and then loaded a few hundred
concurrent connections through the LB to see what would happen. The
servers can easily handle 5-10x that each which is way above our needs.
> Also while this doesn't answer your question, I'm fairly certain that most
> L4 load balancers are smart enough these days to poll the real ips and
> look at the response. So you might be able to mark a server as unavailable
> if it's throwing a 4xx in the banner.
Our balancer fully proxies the connection, so it doesn't go out and
actively do the polling as it can do it "live" with a client
connection. If the server answers the connection and sends data, it's
assumed to be able handle the connection. If it refuses, the LB will
go onto the next server in the queue and then patch it into the client
connection - hence the question of turning off the 421 error messages.
On the other hand, scanning the server response would be a good
feature for the LB to do. I'll add that to the wish list. :-)
Cheers,
Ross.
--
Ross West mailto:exim@linepoint.com