HA mailserver: is active/active possible with a "constant" connection?
I have set up a mail server for testing.
My goal is to have an HA mail server with IMAPS: when a client connects to a virtual IP, it is redirected to two real servers, and if a real server crashes, the other real server "takes" the connection.
I have set up a cluster with two keepalived/haproxy LBs and two real servers with Postfix and Dovecot. The two LBs are Debian; the mail servers are Fedora 31.
This is my configuration on the two LBs (load balancers):
Code:
global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
    stats timeout 30s
    user haproxy
    group haproxy
    daemon
    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private
    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    # An alternative list with additional directives can be obtained from
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3

defaults
    log global
    mode tcp

#postfix
listen smtp
    bind mail.mydomain.priv:25
    balance roundrobin
    timeout client 30s
    timeout connect 10s
    timeout server 1m
    no option http-server-close
    mode tcp
    option smtpchk
    option tcplog
    server mail1 mail1.mydomain.priv:25 send-proxy
    server mail2 mail2.mydomain.priv:25 send-proxy

#dovecot
listen imap
    bind mail.mydomain.priv:993
    timeout client 30s
    timeout connect 10s
    timeout server 1m
    no option http-server-close
    balance leastconn
    stick store-request src
    stick-table type ip size 200k expire 30m
    mode tcp
    option tcplog
    server mail1 mail1.mydomain.priv:993 send-proxy
    server mail2 mail2.mydomain.priv:993 send-proxy
As you can see, mail.domain.priv is the "virtual" server
bound to virtual IP 10.2.0.4 (created by keepalived); the real
servers are 10.2.0.5 and 10.2.0.6.
The virtual IP 10.2.0.4 is an alias on the lo interface. I created it
with these lines, on the LB
Code:
ip addr add 10.2.0.4/32 dev lo label lo:0
and on the real servers
Code:
echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce
ip addr add 10.2.0.4/32 dev lo label lo:0
I am skipping the Dovecot/Postfix configuration because it is
too long, but I have tested it and it works fine, both as a single
server and with the 10.2.0.4 virtual IP.
Of course the real servers have /var/vmail/mydomain shared
using GlusterFS (I know it is slow, but it is only for testing).
I have connected a client, and I can get emails with Dovecot
and send emails with Postfix using IMAPS and SMTP with STARTTLS
without any problem.
So, what is the problem?
I have tested the cluster by shutting down one of the real servers
with a client open (Thunderbird), and the client "freezes", as if
the cluster didn't exist, and cannot read emails.
If I kill the client (Thunderbird) and restart it, it reconnects without problems
to the 10.2.0.4 virtual IP (mail.mydomain.priv).
What is wrong?
Is it possible to create an HA active/active cluster using keepalived
and haproxy?
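
An added example, not part of the original post: a small Python check over the two listen sections above that flags server lines without the check keyword (HAProxy only health-checks servers that carry it, so option smtpchk alone does nothing) and stick store-request with no stick match or stick on to consult the table. SAMPLE_CFG, parse_sections and lint are names chosen for this example, the sample is a trimmed copy of the posted configuration, and checks enabled through default-server are not considered.

```python
import re

# Constructed sample: the two listen sections from the post, trimmed.
SAMPLE_CFG = """\
listen smtp
    bind mail.mydomain.priv:25
    option smtpchk
    server mail1 mail1.mydomain.priv:25 send-proxy
    server mail2 mail2.mydomain.priv:25 send-proxy
listen imap
    bind mail.mydomain.priv:993
    stick store-request src
    stick-table type ip size 200k expire 30m
    server mail1 mail1.mydomain.priv:993 send-proxy
    server mail2 mail2.mydomain.priv:993 send-proxy
"""

SECTION = re.compile(r"^(listen|backend|frontend|defaults|global)(?:\s+(\S+))?\s*$")

def parse_sections(text):
    """Return {section header: [directive token lists]} in file order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            current = sections.setdefault(" ".join(filter(None, m.groups())), [])
        elif current is not None:
            current.append(line.split())
    return sections

def lint(text):
    """Return (section, server, message) tuples for failover-relevant gaps."""
    findings = []
    for name, directives in parse_sections(text).items():
        for d in directives:
            # 'server <name> <addr> [params...]': health checks need 'check'.
            if d[0] == "server" and "check" not in d[3:]:
                findings.append((name, d[1], "no 'check': never health-checked"))
        stores = any(d[:2] == ["stick", "store-request"] for d in directives)
        matches = any(d[:2] in (["stick", "match"], ["stick", "on"]) for d in directives)
        if stores and not matches:
            findings.append((name, "-", "stick table is filled but never matched"))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE_CFG):
        print(*finding, sep=": ")
```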