[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4387) slapd-ldap backend leaks descriptors on closed connections on x86_64

aleksander.adamowski@gmail.com wrote:
> On 2/4/06, Pierangelo Masarati <ando@sys-net.it> wrote:
>> On Fri, 2006-02-03 at 21:55 +0000, aleksander.adamowski@gmail.com wrote:
>>> However, do you think that it's correct for slapd-ldap backend to do
>>> the following:
>>> 1) Not get rid of descriptors for connections closed by the other side
>>> (CLOSE_WAIT state)
>>> 2) Not reuse cached connections queries, but open more and more new connections?
>>> In my opinion this behaviour is not correct.
>> I haven't noticed the behavior you describe; I don't understand how it
>> could happen (and I'm not 100% sure I understood what's actually
>> happening; that's why I didn't answer this point).
>> A new connection between proxy and remote server is established when no
>> appropriate cached connection exists or when a bind occurs on an
>> existing cached connection.
> This would explain lack of connection reuse to some extent....
> Almost all connections come from the Courier MTA - its authldap and
> ldapalias daemons.
> They bind as the user cn=Courier,o=...etc..., so practically 98% of
> connections are associated with a bind operation.

Explicit binds to the back-ldap database always use a new connection. 
But if you Bind to a user in some other local database and then use that 
identity when searching back-ldap, then a connection for that identity 
will be cached. This behavior is already described in the 2nd paragraph 
of the slapd-ldap(5) manpage. You should rework your configuration if 
you want to take full advantage of the connection caching.

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/