Hi Matt, Thanks for your suggestions. I don't claim to be an expert-- I just stumble along and ask for a lot of help when things go bad.
I think we're going to buy another Declude license (pending budgetary issues) and offload outbound traffic to another machine. We already cache the DNS lookups from that server, but the connection is still opened even if the actual transaction is cached on another machine. We didn't originally intend to put so much load on a single machine, but the server has been able to scale up and handle it virtually without problems, which is actually a positive note for the combination of IBM, Imail, Windows 2000 and now Declude. (the machine is a modular quad-Pentium III-1GHz, 240 gigs RAID 10 SCSI, 2 gigabytes DDR266 RAM, connecting through OC12 via dual FE NICs.) We also have a few upstream tricks implemented to balance the inbound load and average out periodic bursts of mail over longer periods of time, such as spam-slams of a 1000 emails in a second, which are held and passed to the server at a maximum of 80 per second. So far outbound has been handled just fine by Imail. Regards, Keith -----Original Message----- From: Matthew Bramble [mailto:[EMAIL PROTECTED] Sent: Saturday, September 13, 2003 2:01 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] Timing out with latest Microsoft patch Keith, First off, I can't believe that you can get a single Windows server to handle that load. Sounds like Microsoft didn't expect that was possible either... Your explanation makes sense regarding the number of network connections suddenly being limited somehow. I'm guessing that the same problem would exist for IMail 8 with a bunch of RBL's configured there. Maybe Ipswitch would at least let you know if they have seen similar problems? Microsoft also should be aware of the problem if in fact it isn't related to how Declude in particular works, which it doesn't sound like. One thing I am thinking is that you have a massive pipe going to your server, and you might have played with your TCP settings, and maybe this patch changed the values on you? That would bottleneck your bandwidth but not your processor. It's just a stab in the dark though. This could probably be tested fairly easily. The following article is very informative on that topic: Windows 2000 TCP Performance Tuning Tips http://rdweb.cns.vt.edu/public/notes/win2k-tcpip.htm According to that article, Windows 2000 out of the box is set best for Internet connectivity and 10 Mbps LANs, but your Internet bandwidth and the number of simultaneous connections can both influence what the best settings are. I'm not a TCP guru though, just roughly familiar with what the article points out (shame on me, I went to school for telecom). It could be a very unfortunate circumstance where your traffic is split into larger segments and wasteful small DNS queries, and there's no real good middle ground. If this is the case, maybe also a different DNS scheme could lessen the load on your servers outbound connections? Like having a caching server installed on the same box doing lookups off another local box? That would dramatically reduce the number of outbound connections I would think. But again, you obviously have more experience than I do with issues related to high traffic and I'm just stabbing in the dark at some ideas. BTW, I did read in one MS tech note that there was "unlimited" connections allowed under their server products. That might require some registry tweaking knowing them, and I wouldn't put it past them to change it on you with a patch. Matt --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
