Re: broken pipe - serious problem with OpenLDAP 2.0.21

[Adam Williams6 <awilliam@whitemice.org>]

>Good ideas.  At present, ldap restarts every hour anyway. 
>I've found the problem, though and it's not with OpenLDAP per se and not
>with the clients.  The problem is the shear number of connections.  Once
>they bring the total connections to ldap up to 1024, connections start

Ugh, the 1024 connections thing.

>dropping.  To solve this, I added an idletimeout to slapd.  Right now
>I'm playing around with 30 seconds.  That's worked really well, except
>the WAITING connections (ended connections) is climbing slowly.  Should
>be okay for now.

You may want to look at tweaking some of the TCP parameters via sysctl to 
throw away connections sooner.

>Each of the clients that runs anything that uses getpwnam creates a
>connection.  The problem is that a typical gnome session creates 10 or
>15 connections!  nscd may help alleviate this.

Yes, get a *recent* nscd, it hels *ALOT*.

>Anyway, if others have this problem, this is something to check out.

Another trick is two run two slapds.  Create an ip-alias interface, start 
a second slapd that listens on that interface and is a replica (or 
multi-master) of the other slapd, the split up your clients.  You 
effectively double your connection capacity, so long as you aren't over 
taxing your LDAP server.