[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd-meta doesn't continue with multiple uri's

To: "Liam Gretton" <liam.gretton@leicester.ac.uk>
Subject: Re: slapd-meta doesn't continue with multiple uri's
From: masarati@aero.polimi.it
Date: Tue, 14 Aug 2012 22:57:50 +0200
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Importance: Normal
In-reply-to: <502A7E5E.1040405@leicester.ac.uk>
References: <502A4C49.5000803@leicester.ac.uk> <b8f93385b22b25af352abea8f571d1fe.squirrel@www.aero.polimi.it> <502A5BEA.10100@leicester.ac.uk> <563af677eb282050fe5176b75fa0d9f3.squirrel@www.aero.polimi.it> <502A61A7.3010505@leicester.ac.uk> <52231f893bb151d89a5a9c132a71a059.squirrel@www.aero.polimi.it> <502A6CAD.3030702@leicester.ac.uk> <ec6f01d12d960122635814bc319565e9.squirrel@www.aero.polimi.it> <502A7E5E.1040405@leicester.ac.uk>
User-agent: SquirrelMail/1.4.21

> On 14/08/2012 17:18, masarati@aero.polimi.it wrote:
>
>>> If I remove host1 after the LDAP server has started, the debug
>>> output is at least different. It's attempting to contact host1,
>>> failing, doubling the timeout and trying again continuously, never
>>> attempting to try host2 or host3.
>>
>> The timeout you see is an internal timeout used for each poll on a
>> target's connection.  It keeps doubling when the connection is valid
>> but nothing comes.  Did you actually kill host1, or just stopped it?
>
> In the first case (host1 down when LDAP starts), I was testing by
> pointing at a host which has no LDAP service running on it at all,
> although the host itself was up.
>
> In the second case (host1 down after LDAP starts), I was using a proper
> target (an AD domain controller) and setting an iptables rule to prevent
> outbound traffic to it:
>
> iptables -A OUTPUT -d host1 -j DROP
>
>> In the latter case, the connection is not dead, it's just returning
>> nothing.  You need to kill the process (or let it timeout using the
>> "timeout" directive).
>
> Which timeout directive? I've already set network-timeout in the config
> for slapd-meta, and setting bind-timeout doesn't help either. I have no
> control over the configuration of the targets.

bind-timeout and network-timeout have specific, connection-level meaning. 
Just "timeout <seconds>" (you can make it search-specific if you don't
want it to affect other operations, using "timeout search=<seconds>".

p.

Follow-Ups:
- Re: slapd-meta doesn't continue with multiple uri's
  - From: Liam Gretton <liam.gretton@leicester.ac.uk>

References:
- slapd-meta doesn't continue with multiple uri's
  - From: Liam Gretton <liam.gretton@leicester.ac.uk>
- Re: slapd-meta doesn't continue with multiple uri's
  - From: masarati@aero.polimi.it
- Re: slapd-meta doesn't continue with multiple uri's
  - From: Liam Gretton <liam.gretton@leicester.ac.uk>
- Re: slapd-meta doesn't continue with multiple uri's
  - From: masarati@aero.polimi.it
- Re: slapd-meta doesn't continue with multiple uri's
  - From: Liam Gretton <liam.gretton@leicester.ac.uk>
- Re: slapd-meta doesn't continue with multiple uri's
  - From: masarati@aero.polimi.it
- Re: slapd-meta doesn't continue with multiple uri's
  - From: Liam Gretton <liam.gretton@leicester.ac.uk>
- Re: slapd-meta doesn't continue with multiple uri's
  - From: masarati@aero.polimi.it
- Re: slapd-meta doesn't continue with multiple uri's
  - From: Liam Gretton <liam.gretton@leicester.ac.uk>

Prev by Date: Re: OpenLDAP and virtual directory
Next by Date: openldap 2.4.23 hangs
Index(es):
- Chronological
- Thread