Issue 6710 - Mods already refreshed on a forwarding server is lost by its consumer
Summary: Mods already refreshed on a forwarding server is lost by its consumer
Status: RESOLVED PARTIAL
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-11-15 15:39 UTC by Rein
Modified: 2014-08-01 21:04 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description Rein 2010-11-15 07:39:38 UTC 
moved from Incoming to Software Bugs
Comment 1 Rein 2010-11-15 15:39:32 UTC 
Full_Name: Rein Tollevik
Version: CVS head
OS: Irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (84.215.59.121)
Submitted by: rein


New syncprov consumers connecting to a forwarding server and presenting an
apperently up-to-date cookie will loose any mods that have already taken place
on the forwarding server if it itself is refreshing from its provider.  This
should not be a problem if the forwarding server have a sufficiently large
syncprov log, but a fix for servers without is coming.

--
Rein Tollevik
Basefarm AS
Comment 2 Rein 2010-11-21 08:59:55 UTC 
changed notes
changed state Open to Test
Comment 3 Rein 2010-11-21 17:47:55 UTC 
On 11/15/10 16:39 , rein@OpenLDAP.org wrote:
> New syncprov consumers connecting to a forwarding server and presenting an
> apperently up-to-date cookie will loose any mods that have already taken place
> on the forwarding server if it itself is refreshing from its provider.  This
> should not be a problem if the forwarding server have a sufficiently large
> syncprov log, but a fix for servers without is coming.
The currently committed fix for this its leaves one problem open.  If a 
forwarding server restarts in the middle of the refresh phase, after 
making some changes but before updating the csn, new consumers 
connecting with an apparently up to date csn set after the server comes 
up again will not know that the context is dirty and will loose these 
changes.  The same problem arise if the server restarts between the time 
a locally initiated delete operation is performed in the database and 
the accompanying csn set is saved.

A fix could be to always assume the context is dirty after start up, and 
thereby forcing all clients to undergo the refresh phase even if they 
are in sync until some operation that updates the csn set is performed.  
An unnecessary refresh is probably better than loosing changes..

Rein
Comment 4 Howard Chu 2010-11-22 00:31:29 UTC 
rein@OpenLDAP.org wrote:
> On 11/15/10 16:39 , rein@OpenLDAP.org wrote:
>> New syncprov consumers connecting to a forwarding server and presenting an
>> apperently up-to-date cookie will loose any mods that have already taken place
>> on the forwarding server if it itself is refreshing from its provider.  This
>> should not be a problem if the forwarding server have a sufficiently large
>> syncprov log, but a fix for servers without is coming.
> The currently committed fix for this its leaves one problem open.  If a
> forwarding server restarts in the middle of the refresh phase, after
> making some changes but before updating the csn, new consumers
> connecting with an apparently up to date csn set after the server comes
> up again will not know that the context is dirty and will loose these
> changes.  The same problem arise if the server restarts between the time
> a locally initiated delete operation is performed in the database and
> the accompanying csn set is saved.
>
> A fix could be to always assume the context is dirty after start up, and
> thereby forcing all clients to undergo the refresh phase even if they
> are in sync until some operation that updates the csn set is performed.
> An unnecessary refresh is probably better than loosing changes..

I haven't had the opportunity to review these patches yet, but the bug 
description sounds a little flaky to me.

The original design is this: when a consumer requests a refresh from the 
provider, the provider uses a snapshot of its current contextCSN. All changes 
from the consumer's cookie to this snapshot (inclusive) are sent to the 
consumer. Any changes currently in progress that have not yet been committed 
will be skipped until the next refresh. Nothing is lost, it's simply delayed, 
and that's in accordance with syncrepl's "eventual convergence" model.

Likewise, the provider only updates its contextCSN when a change is fully 
committed. syncprov should NOT need to defer any consumer while it has 
outstanding mods. There is no reason that would be needed by the sync protocol.

Servers only update their contextCSN after an entire refresh has completed. If 
a downstream consumer connects while a forwarder is still refreshing, the 
consumer should receive nothing. (Or, it should only receive the changes 
between its cookie and the server's committed contextCSN, if any.)

You may very well have found bugs in the implementation, but it sounds to me 
like you've changed the overall behavior to something outside of the original 
design.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
Comment 5 Rein 2010-11-22 22:28:48 UTC 
Just a note that I have switched my reply to -devel.

Rein
Comment 6 Quanah Gibson-Mount 2011-01-03 14:37:47 UTC 
changed notes
changed state Test to Release
Comment 7 Quanah Gibson-Mount 2011-02-14 12:31:50 UTC 
changed notes
changed state Release to Closed
Comment 8 Quanah Gibson-Mount 2011-02-14 12:32:09 UTC 
changed notes
changed state Closed to Partial
Comment 9 OpenLDAP project 2014-08-01 21:04:31 UTC 
(partly) fixed in HEAD
(partly) fixed in RE24