director_mail_servers setting uses IP Adresses as values https://doc.dovecot.org/settings/core/#core_setting-director_mail_servers As described in the documentation, hostnames are converted to addresses when the configuration is read https://doc.dovecot.org/settings/types/#ip-addresses This is acceptable in host or virtual machine environment, but becomes a problem in a containerized environment. When any backend container is restarted, its address will change and users related to this backend can no longer connect, but backend (available with new IP address) can process request for example, director_mail_servers = dovecot-1 dovecot-2 dovecot-3 becomes in runtime (with one successfully connectetd user foo at example.com) doveadm director status mail server ip tag vhosts state state changed users 10.0.71.3 100 up - 0 10.0.71.4 100 up - 1 10.0.71.5 100 up - 0 where dovecot-1 10.0.71.3, dovecot-2 10.0.71.4, dovecot-3 10.0.71.5 When dovevecot-2 backend container restarts, and becomes new IP address, user can't connect to related backend: imap-login: Info: proxy(foo at example.com,10.0.71.4:143): Started proxying to <10.0.71.4> (<dovecot-2>) (0.009 secs) imap-login: Error: proxy(foo at example.com,10.0.71.4:143): connect(10.0.71.4, 143) failed: No route to host (after 28 secs, 3 reconnects, local=10.0.71.13:41066) My suggestion to developers: resolve backend hostnames to IP address on every request to director_mail_servers It's not about dovemon service with active health checks from dovecot pro, just dynamic hostname resolve -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230116/778fd3a4/attachment.htm>
> Op 16 jan. 2023 om 13:59 heeft k v <sintensa at outlook.com> het volgende geschreven: > > ? > director_mail_servers setting uses IP Adresses as values https://doc.dovecot.org/settings/core/#core_setting-director_mail_servers > As described in the documentation, hostnames are converted to addresses when the configuration is read https://doc.dovecot.org/settings/types/#ip-addresses > > This is acceptable in host or virtual machine environment, but becomes a problem in a containerized environment. When any backend container is restarted, its address will change and users related to this backend can no longer connect, but backend (available with new IP address) can process request > for example, > director_mail_servers = dovecot-1 dovecot-2 dovecot-3 > becomes in runtime (with one successfully connectetd user foo at example.com) > > doveadm director status > mail server ip tag vhosts state state changed users > 10.0.71.3 100 up - 0 > 10.0.71.4 100 up - 1 > 10.0.71.5 100 up - 0 > > where > dovecot-1 10.0.71.3, dovecot-2 10.0.71.4, dovecot-3 10.0.71.5 > > When dovevecot-2 backend container restarts, and becomes new IP address, user can't connect to related backend: > imap-login: Info: proxy(foo at example.com,10.0.71.4:143): Started proxying to <10.0.71.4> (<dovecot-2>) (0.009 secs) > imap-login: Error: proxy(foo at example.com,10.0.71.4:143): connect(10.0.71.4, 143) failed: No route to host (after 28 secs, 3 reconnects, local=10.0.71.13:41066) > > My suggestion to developers:Director has been phased out.> resolve backend hostnames to IP address on every request to director_mail_servers > > It's not about dovemon service with active health checks from dovecot pro, just dynamic hostname resolve-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230116/7873ed4c/attachment.htm>