[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: syncrepl: contextCSN less than entryCSN
- To: Jonathan Clarke <jonathan@phillipoux.net>
- Subject: Re: syncrepl: contextCSN less than entryCSN
- From: Ioan Indreias <indreias@gmail.com>
- Date: Tue, 14 Sep 2010 16:35:16 +0300
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=ex7+dGc80C2fymJSrwhTf2bnG227t9rmcIN79OAos6w=; b=aJbHWynSDmmsoOS6uMPBFLL+AtsYzNbkNkEMyz7qykxjXS1PfAt3ZyIV6pMYOz2FK/ b+Wkllfno/JIKgvRV6nlhNuPA5L0MMyOCuOUdFam3JTdXeXOhDKkbE0HrH05Oj1/i1En KEiOtjAPs3HjaL58kc5qS61mUhziXKCa0/jA0=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=v4V3TvF1SepdE5HJrKz0uJaaQbev0dp9LKT7LDkS7UECdKs6GUkpMc4xc+s4+7DrlH kGX6CQy7GE+A/z2c/+LSCs7XyWYklRN6auhY47fxHRc/0VRqMoAjAR8Zd25d6PS9fnwv egI8hR+LeplFrYH70JLNPjGIcLtlqpUABYXr8=
- In-reply-to: <4C8F6680.4060501@phillipoux.net>
- References: <AANLkTi=gAY8wGjP9gAU9Fu+PmkqJsHbxzPiXCG+egjNQ@mail.gmail.com> <4C8F6680.4060501@phillipoux.net>
Hello Jonathan,
For obtaining the contextCSN we are using ldapsearch like:
ldapsearch -H ... -x -D ... -b o=hashed -y pass_file -s base
'(contextCSN=*)' contextCSN
For the extract I have added to my original post we have used ldapsearch like:
ldapsearch -H ... -x -D ... -b o=hashed -y pass_file +
So I conclude we are using the in-memory information.
Best regards,
Ioan
On Tue, Sep 14, 2010 at 3:11 PM, Jonathan Clarke
<jonathan@phillipoux.net> wrote:
> On 14/09/2010 12:30, Ioan Indreias wrote:
>>
>> Hello,
>>
>> We are running openldap 2.4.21 configured as a consumer, using a
>> refreshAndPersist replication:
>>
>> syncrepl rid=202
>> provider=ldaps://ldap.hashed.net
>> type=refreshAndPersist
>> interval=00:00:05:00
>> retry="10 3 60 +"
>> searchbase="ou=emailservice,o=hashed"
>> filter="(objectClass=*)"
>> scope=sub
>> attrs="*"
>> schemachecking=off
>> bindmethod=simple
>> binddn="cn=ldap-hashed-service,o=hashed"
>> credentials=xx-xx-xx
>> tls_reqcert=never
>>
>> In order to check if the replication works OK we compare
>> (periodically) the provider's contextCSN versus the consumer's
>> contextCSN
>>
>> Most of the time both are in sync but from time to time we see that
>> these parameters are different (provider contextCSN> consumer
>> contextCSN) and we thought that the consumer was not "in sync" with
>> the provider.
>>
>> Continuing our investigations we found that in the consumer there are
>> objects with entryCSN greater than the consumer contextCSN.
>>
>> Is this a normal situation or a bug?
>
> What method do you use to consult the contextCSN?
>
> As stated in slapo-syncrepl(5), "the contextCSN is only updated in memory".
> So if you're using slapcat to check the value, this is pretty normal. See
> the slapo-checkpoint option to control the frequency it is written to disk.
>
> If you're checking via LDAP, then this is a whole different matter...
>
> --
> --------------------------------------------------------------
> Jonathan Clarke - jonathan@phillipoux.net
> --------------------------------------------------------------
> Ldap Synchronization Connector (LSC) - http://lsc-project.org
> --------------------------------------------------------------
>