Speed Up Your Mail Server

February 12, 2011 Performance

One of the most important factors of speed for a mail server is the ability to query DNS as quickly as possible.  DNS queries can be made faster by using one of two options.  The first option is to provide a DNS server in the /etc/resolv.conf file that is local and that provides recursive lookups.  Proximity for DNS means speed.  The transfer of queries over long distances just increases the delay so use a DNS server that is close to the mail server.  Also list at least two nameservers in /etc/resolv.conf.

nameserver 12.32.34.32
nameserver 192.168.4.1

Note that in this example one DNS server is local and the other is outside the local network.  By listing two nameservers, the mail server can still function if one DNS server is not available.

The second necessary option is to make sure that the DNS server you use for the mail server will allow the mail server to make recursive requests, not just iterative requests.  When a machine is able to make recursive requests of a DNS server, that DNS server is required to find a definitive answer to any queries requested.  In other words, the DNS server must come up with “the answer” to any queries.  If a request is only iterative, the DNS server can provide its best guess; it is not required to do the research for a definitive answer.  Below is an options line from a DNS server's configuration that grants recursive access only to a subnet, the localhost and a single IP address.

options {
    allow-recursion { 192.168.4.0/24; localhost; 192.168.3.2; };
};

If enough speed cannot be attained by using a DNS server, then a caching-nameserver can be installed on the mail server.  A caching nameserver that is either located on the Postfix mail server itself or very close on the network is one of the most significant options you can use.  Because mail is closely tied to DNS, the faster you can resolve domains the more efficient everything will be.  The cache is significant because once a domain is in the cache the lookup is almost instant.

yum install -y caching-nameserver
cd /etc
cp named.caching-nameserver.conf named.conf
chown root:named named.conf
service named start

Note that the configuration copied to named.conf allows the localhost (the mail server) to make recursive queries and to use the cache.

options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory       "/var/named";
    dump-file       "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    allow-query     { localhost; };
    allow-query-cache { localhost; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients      { localhost; };
    match-destinations { localhost; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};

Edit /etc/resolv.conf and make sure the first nameserver is the localhost.
nameserver 127.0.0.1

You can add a second and third nameserver if you want redundancy.

Test your caching nameserver by installing bind-utils so you can do some tests.

yum install -y bind-utils

After you have installed the caching-nameserver correctly, perform a query for a domain and note the time it takes (the "Query time" line).  Then perform it again and note how much it has changed, as the second query comes from the cache.

dig google.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> google.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49530
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.            IN    A

;; ANSWER SECTION:
google.com.        300    IN    A    209.85.225.103
google.com.        300    IN    A    209.85.225.104
google.com.        300    IN    A    209.85.225.105
google.com.        300    IN    A    209.85.225.106
google.com.        300    IN    A    209.85.225.147
google.com.        300    IN    A    209.85.225.99

;; AUTHORITY SECTION:
google.com.        172800    IN    NS    ns4.google.com.
google.com.        172800    IN    NS    ns1.google.com.
google.com.        172800    IN    NS    ns2.google.com.
google.com.        172800    IN    NS    ns3.google.com.

;; Query time: 144 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 12 12:27:37 2011
;; MSG SIZE  rcvd: 196

dig google.com
—cut—
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 12 12:28:07 2011
;; MSG SIZE  rcvd: 196
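
The checks above can be scripted. The following is an added example, not part of the original article: it audits a resolv.conf against the advice given here (local cache first, at least two nameservers, no mistyped keywords) and extracts the query time and answering server from dig output. The function names audit_resolv, list_nameservers and query_ms are made up for this example.

```shell
#!/bin/sh
# Added example, not from the article. Function names are made up here.

# list_nameservers FILE: print each nameserver address, in file order.
list_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# audit_resolv FILE: print findings; return 0 only if every check passes.
audit_resolv() {
    rc=0
    first=$(list_nameservers "$1" | awk 'NR == 1')
    count=$(list_nameservers "$1" | awk 'END { print NR }')
    # The resolver silently skips lines it does not recognise, so a typo
    # such as "nameser ver 192.168.4.1" means that server is never used.
    unknown=$(awk 'NF == 0 || $1 ~ /^[#;]/ { next }
        $1 !~ /^(nameserver|search|domain|options|sortlist)$/ { printf "%d ", NR }' "$1")
    if [ "$first" != "127.0.0.1" ]; then
        echo "FAIL: first nameserver is '$first', not the local cache 127.0.0.1"
        rc=1
    fi
    if [ "$count" -lt 2 ]; then
        echo "FAIL: $count nameserver line(s) parsed; no fallback if it is down"
        rc=1
    fi
    if [ "$count" -gt 3 ]; then
        # glibc reads at most three nameserver lines (MAXNS in resolv.h).
        echo "WARN: $count nameservers listed; only the first 3 are used"
    fi
    if [ -n "$unknown" ]; then
        echo "FAIL: unrecognised keyword on line(s): $unknown"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $count nameservers, local cache first"
    fi
    return "$rc"
}

# query_ms: read dig output on stdin; print "<msec> <server>" from its footer.
# Usage: dig google.com | query_ms   (run twice; the second should be near 0)
query_ms() {
    awk '/^;; Query time:/ { ms = $4 }
         /^;; SERVER:/     { split($3, a, "#"); srv = a[1] }
         END               { print ms, srv }'
}
```

Run audit_resolv /etc/resolv.conf after editing the file; if query_ms reports a server other than 127.0.0.1, the answer did not come from the local cache.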
