This question has just crept back to the top of my list again. I'm not completely sure that it got posted last time around, so I'm trying again. Chris > From: Chris Garrigues <cwg-bcc@deepeddy.com> > Date: Sat, 07 Feb 2004 17:53:50 -0600 > > Are there any known issue with replication and NAT? > > I ask because I have a master server and several replicas on my VPN and one > replica outside the private network on a public address. My replicas weren't > working and when I ran slurpd in one-shot mode it hung. When I then commented > my external replica out of slapd.conf, it ran okay. > > In the below trace, the external host is www.trinsics.com. The other two > hosts had successfully transferred the data previously. > > I'm running openldap-2.1.22-5mdk. > > Chris > > > [root@Sol openldap]# setuidgid ldap slurpd -d4095 -o -r /var/run/ldap/openldap-slurp/replica/slurpd.replog > . > . > . > Processing in one-shot mode: > 2 total replication records in file, > 2 replication records to process. > begin replication thread for ldap.trinsics.com:0 > Replica ldap.trinsics.com:0, skip repl record for uid=badmail,ou=people,o=trinsics,c=us (old) > Replica ldap.trinsics.com:0, skip repl record for uid=badmail,ou=people,o=trinsics,c=us (old) > end replication thread for ldap.trinsics.com:0 > begin replication thread for ldap.deepeddy.com:0 > Replica ldap.deepeddy.com:0, skip repl record for uid=badmail,ou=people,o=trinsics,c=us (old) > Replica ldap.deepeddy.com:0, skip repl record for uid=badmail,ou=people,o=trinsics,c=us (old) > end replication thread for ldap.deepeddy.com:0 > begin replication thread for www.trinsics.com:0 > Initializing session to www.trinsics.com:0 > ldap_create > bind to www.trinsics.com:0 as cn=wheel,o=trinsics,c=US (simple) > ldap_simple_bind_s > ldap_sasl_bind_s > ldap_sasl_bind > ldap_send_initial_request > ldap_new_connection > ldap_int_open_connection > ldap_connect_to_host: TCP www.trinsics.com:389 > ldap_new_socket: 8 > ldap_prepare_socket: 8 > ldap_connect_to_host: Trying 66.219.38.147:389 > ldap_connect_timeout: fd: 8 tm: -1 async: 0 > ldap_ndelay_on: 8 > ldap_is_sock_ready: 8 > ldap_ndelay_off: 8 > ldap_create > ldap_simple_bind > ldap_sasl_bind > ldap_send_initial_request > ldap_new_connection > ldap_int_open_connection > ldap_connect_to_host: TCP 127.0.0.1:389 > > Here's the log on www.trinsics.com during the above run. > > Feb 7 17:51:17 www slapd[11535]: daemon: activity on 1 descriptors > Feb 7 17:51:17 www slapd[11535]: daemon: new connection on 22 > Feb 7 17:51:17 www slapd[11535]: conn=12 fd=22 ACCEPT from IP=66.219.38.146:57352 (IP=0.0.0.0:389) > Feb 7 17:51:17 www slapd[11535]: daemon: added 22r > Feb 7 17:51:17 www slapd[11535]: daemon: activity on: > Feb 7 17:51:17 www slapd[11535]: > Feb 7 17:51:17 www slapd[11535]: daemon: select: listen=6 active_threads=0 tvp=NULL > Feb 7 17:51:17 www slapd[11535]: daemon: select: listen=7 active_threads=0 tvp=NULL > > -- > Chris Garrigues http://www.DeepEddy.Com/~cwg/ > Trinsic Solutions > 1611-B West 6th Street > Austin, TX 78703-5074 512-322-0180 > > If you don't apply what you've learned, you haven't > learned anything. > > -- Chris Garrigues http://www.DeepEddy.Com/~cwg/ Trinsic Solutions http://www.trinsics.com 1611-B West 6th Street Austin, TX 78703-5074 512-322-0180 If you don't apply what you've learned, you haven't learned anything.
Attachment:
pgpxRTZsccUjL.pgp
Description: PGP signature