question about ldap performance
Now I am setting up an SMTP system (postfix) which needs to process
queries on an LDAP server. During the test, I found that when there
are 200 simultaneous queries on the LDAP server, the queries are
very slow. I had to set the timeout of the LDAP query to 60
seconds in postfix. But it is so slow that sending a letter takes
too long.

I tried using anonymous no-bind access to the LDAP server to reduce
the load on it. I also tried enlarging the cache in the LDAP
server. And because I have two SMTP servers, I set up a local
slave LDAP on each of the servers and pointed the postfix LDAP
lookups to the local host. But it didn't solve the problem. It seems
that the LDAP query has become the bottleneck of the mail
system.

I use the slapd from Debian/Linux woody. The version
information is:
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                Version             Description
+++-===================-===================-======================================================
ii  slapd               2.0.23-6            OpenLDAP server (slapd).
and my ldap server conf:
ldap:/usr/src# cat /etc/ldap/slapd.conf
# This is the main ldapd configuration file. See slapd.conf(5) for more
# info on the configuration options.
# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/local.schema
# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on
sizelimit 500
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd.pid
# List of arguments that were passed to the server
argsfile /var/run/slapd.args
# Where to store the replica logs
# Read slapd.conf(5) for possible values
loglevel 256
#dbcachesize 10000000
#######################################################################
# ldbm database definitions
#######################################################################
# The backend type, ldbm, is the default standard
database ldbm
# The base of your directory
suffix "dc=dlut,dc=edu,dc=cn"
# Where the database file are physically stored
directory "/var/lib/ldap"
cachesize 1000000
dbcachesize 10000000
index uid,cn,mailuser eq,pres
#index default none
# Indexing options
#index objectClass eq
#index default pres,eq
#index uid
#index cn pres,eq,sub
#index objectClass eq
# Save the time that the entry gets modified
lastmod on
# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
access to attribute=userPassword
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by anonymous auth
        by self write
        by * none
access to attribute=maildrop
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by dn="cn=updater,dc=dlut,dc=edu,dc=cn" write
        by self write
        by * read
access to attribute=mailboxlocation
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by dn="cn=updater,dc=dlut,dc=edu,dc=cn" write
        by self write
        by * read
access to attribute=mailuser
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by dn="cn=updater,dc=dlut,dc=edu,dc=cn" write
        by self write
        by * read
# The admin dn has full write access
access to *
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by * read
# For Netscape Roaming support, each user gets a roaming
# profile for which they have write access to
#access to dn=".*,ou=Roaming,o=morsnet"
# by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
# by dnattr=owner write
replogfile /var/lib/ldap/replog
replica host=maila.dlut.edu.cn
        binddn="cn=updater,dc=dlut,dc=edu,dc=cn"
        bindmethod=simple credentials=...
replica host=mailb.dlut.edu.cn
        binddn="cn=updater,dc=dlut,dc=edu,dc=cn"
        bindmethod=simple credentials=...
Liu Jinhui
hui@student.dlut.edu.cn
2002-11-11