I have certain systems that cause the server to go catatonic if they send a request. First I need to say something about network topology. We are using frees/wan to do ipsec VPN. I have a master LDAP server which I'm replicating across the VPN. Queries to the master LDAP server work fine except if they come from a remote firewall box. Here's a picture: +------------+ | ldapmaster | +------------+ | ethernet | +------------+ | Firewall A | +------------+ | VPN across the internet | +------------+ | Firewall B | +------------+ | ethernet | +------------+ | Other Host | +------------+ LDAP works great from any system *except* "Firewall B". This includes "Other Host and "Firewall A". If I do an ldapsearch form "Firewall B" while running slapd -d 65535 I get: select activity on 1 descriptors new connection on 7 and it hangs. What's probably happening is that Firewall B is using it's external network address to talk to ldapmaster and some kind of funny masqurading is going on. I'm going to have to debug that separately, but it sure would be nice if slapd were to be a little more resistant to this particular lossage. I'm thinking it might be better if I could run slapd under inetd or tcpserver. Is the almost but not quite documented -i flag what I think it is? Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft.
Attachment:
pgp8a2qVM9T4k.pgp
Description: PGP signature