Re: ldapsearch with delay (on the same machine over TLS/SSL only)

["Dieter Kluenter" <dieter@dkluenter.de>]

Pavel Lisy <pali@tmapy.cz> writes:

> Hello
>
> I've found one problem
>
> I have latest openldap release 2.4.3 (but it is similar on former
> versions too). 
>
> There is small delay (1-2s) on beginning when I query ldap server from
> the same machine over TLS or SSL. Without SSL is no delay.
>
> Is it bug or is it normal? How can I debug it more?
>
> QUERY with delay:
> from ldap1 to ldap1 (the same machine)
> [root@ldap1 ~]# ldapsearch24 -Z -h ldap1.ldapnet.tmapy.cz -x -s sub -D "cn=Manager,dc=tmapy,dc=cz" -b 'dc=tmapy,dc=cz' -w p*****d
>
>
> QUERY without delay: 
> from ldap1 to ldap1 (the same machine without TLS)
> [root@ldap1 ~]# ldapsearch24    -h ldap1.ldapnet.tmapy.cz -x -s sub -D "cn=Manager,dc=tmapy,dc=cz" -b 'dc=tmapy,dc=cz' -w p*****d
> from ldap1 to ldap2
> [root@ldap1 ~]# ldapsearch24 -Z -h ldap2.ldapnet.tmapy.cz -x -s sub -D "cn=Manager,dc=tmapy,dc=cz" -b 'dc=tmapy,dc=cz' -w p*****d
> from ldap2 to ldap1
> [root@ldap2 ~]# ldapsearch24 -Z -h ldap1.ldapnet.tmapy.cz -x -s sub -D "cn=Manager,dc=tmapy,dc=cz" -b 'dc=tmapy,dc=cz' -w p*****d
>
>
> I think my DNS/hosts settings are correct

There could be several reasons, network based, memory based, kernel
based, even disk and X-server based.
You should measure the time and check system calls.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E