I've got some additional information on our performance problem:
1. We did the test of disconnecting the incoming network from Exim, so that
it was only processing outbound messages to the next server. This was done
by physically disconnecting the cable. (In this situation, it happens that
all inbound messages come into eth1, and all outbound leave via eth0.) The
connect time instantaneously sped up from c. 45 seconds to c. 2 seconds.
When we reconnected the cable, the connect time went back to its longer
delay.
2. I happened to recall that we have Exim listening on port 10025 in addition
to port 25, a configuration that happened to be copied from another server
that uses amavisd-new in that mode. This router doesn't use that second
port, but I had never gotten around to removing it from the config file.
Oddly enough, even when port 25 is under heavy load, port 10025 will give
me an Exim banner within about 2 seconds. Port 10025 is not accessible from
the Internet due to firewall rules; it can only be accessed from the local
host. But port 25 has the slow connection even with telnet from localhost.
This really smells like some kind of a problem with Exim forking itself too
slowly, or with Linux kernel not being able to create sockets fast enough.
Does this additional information trigger anyone's memory on a possible cause
you might have seen?
By the way, we have now exhaustively tested that all reverse DNS for all the
IP addresses of all the servers are working. This includes localhost and its
reverse lookup. I think DNS can finally be ruled out as a problem.
The version of Exim we are running is 4.20. Among other things, I'm looking
at the changelogs of Exim 4.21~4.24 and at the kernel changelogs between
2.4.20-18 (what we're running) and 2.4.20-20 (the latest RedHat has available
to download), to see if there might be anything relevant in these updates.
Finally, we're going to set up a test with Exim being spawned by xinetd
instead of by its own listening daemon, to see if that will help.
Kind regards,
Scott
--
-----------------------+------------------------------------------------------
Scott Courtney | "I don't mind Microsoft making money. I mind them
courtney@??? | having a bad operating system." -- Linus Torvalds
http://4th.com/ | ("The Rebel Code," NY Times, 21 February 1999)
| PGP Public Key at http://4th.com/keys/courtney.pubkey
