update my 2.3.7 in production

[Dusty Doris <openldap@mail.doris.cc>]

Hi all.

Sorry its taken me so long to update the list.  Been real busy after I 
moved 2.3.7 into production, then went out of town, then had a power 
supply failure on my mail server.  Unfortunately, I don't provide myself 
redundancy on my mail server at home, like I do at work.  :)

As a recap, I've been running 2.3.7 w/ patched syncprov.c and bdb 4.2.52
w/ 4 patches from Sleepycat and one patch from Openldap.  We pushed this
into production about 3 weeks ago.  The server is used for
authentication/authorization of about 400,000 users.  The queries mainly
come from our freeradius servers, with an occassional direct ldap
connection.

We have one master server, that is provisioned by our billing system.  It 
uses syncrepl to replicate the changes to 3 slave servers.  One of the 
slave servers is sitting there mostly idle, in case of the need to 
manually fail it over to become the new master.  Perhaps due to a hardware 
failure on our master, that we can't easily recover from.  The other 2 
slave servers are used for queries from our radius servers or other direct 
ldap connections.  Actually, the direct ldap connections come from two 
ldap proxies that are sharing an IP with carp on freebsd.  I won't get 
into all those details now, I'll write up a paper on it and submit it to 
the list one of these days.

Anyway, so far things have been running great.  We haven't noticed any 
connection issues to the machines, slow queries, or any discrepancies with 
replication.  Doing a quick grep through the logs it looks like we get 
somewhere around 60,000 binds per day split (unevenly, I might add) 
between the two servers.

If anyone has some experience looking at the output of cn=monitor, send me 
a few example queries and I'll post the details back here.  I think that 
could give you some more hard data to look at.

Any questions?  Feel free to ask.

-Dusty Doris