On Sun, 16 Jan 2000, Sam wrote:
> On Sun, 16 Jan 2000, Mike wrote:
> > I was wondering if someone could tell me how to send mail to one
> > outgoing RedHat server, and make that server round robin to 10 other
> > smtp servers? I mail about 250,000 emails a night, and the subscriber
> Add an entry on the RedHat server to smtproutes, that points to an
> internal DNS record.
> Then, initialize your DNS server and put 10 A records for this hostname.
> Each individual message will then be sent to a randomly chosen IP address,
> one out of 10, balancing the load.

Qmail makes this kind of trick exceedingly easy; and unsurprisingly, it
works as it ought. I'd go ahead and try what Sam suggests first.

Then, along the same lines, you can use something like a RadWare Fireproof
load balancer which will have the IP (rather than a DNS name) that you put
in smtproutes set up as the virtual address for your pool of outbound mail
servers.

Advantages are that the RadWare (or BigIP or ServerIron or whatevers) can
load balance based on number of connections, bytes, and even give
different weights to the different targets if they're not all quite the
same strength. They will also automatically pull from the pool a
mailserver that fails or is taken down for repair, and bring it back into
use gradually, rather than slamming it the second it goes live. Many of
these products will also fail over between themselves keeping state and
connections alive -- we've tested this with 500 active connections going
full bore on ftp sessions, twiddling away on telnets, and doing your usual
stateful https-without-crypto stuff (i.e., IM). That's overkill for your
application, of course, since qmail will just retry.

They're not cheap -- a failover-redundant/load-sharing pair of the RadWare
Fireproofs goes for around $12000 in the 2 100Mbit ports each
configuration. They can casually handle a full 100Mbit flow with
rapid-fire connects, and, because qmail normally delivers each message in
a separate connect, and the Fireproofs can load-balance by bytes or by
connections, you can tune the balancing to suit your real-world use.

MIND, it's *Nowhere* near as cheap as the DNS approach, but if you want
seriously configurable load-balancing and ability to shift traffic away
from an offline or failing server...

I'm currently converting a 10,000 seat company's firewall and mail service
from DNS and NAT balancing to failover 4-port Fireproofs on top of a
fault-tolerant switch architecture. Because the software making use of
the mail servers is so diverse, in the past, any one of the servers could
get hammered by one client box machine-gunning connections to one IP in
the list, or by one sending a continuous slew of mail through one
pipeline.

It sounds like your use will be much more consistent (Qmail servers
pushing out mail to second-tier transport agent servers). As a result,
the DNS option will probably work ok. If it doesn't work out because of
oddball load imbalances from happenstance, or somesuch, it will be easy to
switch from the DNS model to the load-balancer model -- configure the
balancers, and edit smtproutes.

-M
Michael Brian Scher (MS683/MS3213) Anthropologist, Attorney, Policy Analyst
Mainlining Internet Connectivity for Fun and Profit
Give me a compiler and a box to run it, and I can move the mail.
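
Added example, not part of the original message and not qmail's own code: with the DNS approach nothing pulls a dead server out of the pool, so this sketch finds the smtproutes relay for a domain (exact name, then dot-suffix wildcards, then the empty catch-all), resolves every A record behind it, and reports which addresses answer with an SMTP 220 banner. The relay name outpool.internal.example and the sample smtproutes content are constructed placeholders.

```python
import socket

# Constructed sample of control/smtproutes; the relay name is a placeholder.
SAMPLE_SMTPROUTES = ":outpool.internal.example\n"

def relay_for(domain, smtproutes_text):
    """Return (host, port) of the smtproutes relay for domain, or None for plain MX delivery."""
    routes = {}
    for line in smtproutes_text.splitlines():
        if ":" not in line:
            continue
        dom, _, rest = line.strip().partition(":")
        host, _, port = rest.partition(":")
        routes[dom.lower()] = (host, int(port) if port else 25)
    d = domain.lower()
    # Try the full name, then each suffix starting at a dot, then the empty catch-all.
    for i in range(len(d) + 1):
        if (i == 0 or i == len(d) or d[i] == ".") and d[i:] in routes:
            host, port = routes[d[i:]]
            return (host, port) if host else None  # empty relay: no route
    return None

def resolve_a(host):
    """All IPv4 addresses published for host (empty list if it does not resolve)."""
    try:
        infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def smtp_ready(ip, port, timeout=5.0):
    """True if ip accepts a TCP connection and greets with an SMTP 220 banner."""
    try:
        with socket.create_connection((ip, port), timeout=timeout) as conn:
            return conn.recv(512).startswith(b"220")
    except OSError:
        return False

def pool_health(domain, smtproutes_text, resolve=resolve_a, probe=smtp_ready):
    """Map each address behind the relay name to whether it currently answers SMTP."""
    route = relay_for(domain, smtproutes_text)
    if route is None:
        return {}
    host, port = route
    return {ip: probe(ip, port) for ip in resolve(host)}

if __name__ == "__main__":
    status = pool_health("example.org", SAMPLE_SMTPROUTES)
    for ip, ok in status.items():
        print(ip, "ok" if ok else "NOT ANSWERING")
    print(len(status), "addresses checked")
```

Run from cron on the sending host, a check like this gives the signal for removing a failed server's A record by hand.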