> From: Ned Freed <ned(_dot_)freed(_at_)mrochek(_dot_)com>
>> You're saying that there are servers which have close to (or more)
>> than 65K connections to a *single client IP address* (i.e. it may be a
>> NAT, with a number of hosts behind it)?
> Yes, that is exactly what I am saying
Wow. Can you tell us a little bit about what those client sites look like?
Again, these sorts of boxes are proxies of one sort or another. The actual
functionality they provide varies considerably: Some are HTTP to email gateways
(webmail), others do content transform or filtering, some do archiving, some
attach security layers like TLS, and some do protocol-specific hackery like the
bookkeeping necessary for IMAP4 before SMTP. A lot of the time the proxies and
message stores run software from the same vendor, but fairly often they do not.
Typical hardware for something like this is a midrange box with a couple of
fast CPUs, fast network hardware, and possibly crypto addons. Fast high
bandwidth disk is unnecessary. We also find that these proxies don't parallize
as well as you might hope, so the big boxes with lots of CPUs aren't worth it.
YMMV of course, especially on how many CPUs are useful.
(IMAP4 store machines are of course a very different matter. In particular,
heavy duty disk subsystems are essential there.)
(Not the servers; I'm curious about the things at the far end which are
generating that many client connections. They must be huge NAT boxes, no? I
have a hard time conceiving of a single computer generating that many client
As I said before, I haven't seen NAT as part of this picture, but this may be
due to my own ignorance of all the things being done in these setups. As it
happens I spend most of my time on the SMTP side of the equation, and SMTP,
unlike IMAP4, is characterized by short-lived connections as well as the
ability in most cases to rack-and-stack both destination servers and proxy
intermediaries. The 65536 connection limit is a nonissue for SMTP AFAIK.
Ietf mailing list