[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4551) refreshOnly fails if provider is ever unreachable

See the "retry" keyword in the slapd.conf(5) syncrepl documentation. 
There is no bug here, this ITS will be closed.

Darren.Gamble@sjrb.ca wrote:
> Full_Name: Darren Gamble
> Version: 2.3.20
> OS: Linux (CentOS4)
> URL: 
> Submission from: (NULL) (
> Good day,
> We are evaluating OpenLDAP for our use, and have two machines configured with
> OpenLDAP 2.3.20 (CentOS4).  One machine is i386, which is a provider, and the
> other is x86_64, which is a consumer.  We are testing refreshOnly as the
> replication type.
> We have set up both servers without much trouble, loaded data, and confirmed
> that replication works as expected when the consumer comes up, and when we
> change data.
> But, when we simulated network problems, we were able to break replication
> fairly easily.
> If the consumer is ever unavailable (slapd is not running, or if the host is not
> reachable), then the consumer will log the failure ("do_syncrep1:
> ldap_sasl_bind_s failed (-1)") but never, ever try again.  Replication will be
> broken until someone manually restarts the consumer's slapd (assuming the
> provider is available at that time, of course).  If this is done, then the
> consumer will resync again right away, and seems to work until the next problem
> occurs.
> Here's the syncrepl config section (low interval for testing purposes):
> syncrepl rid=123
>         provider=ldap://A.B.C.D:389
>         type=refreshOnly
>         interval=00:00:05:00
>         searchbase="o=Shaw Cablesystems,c=CA"
>         scope=sub
>         schemachecking=on
>         updatedn="cn=consumeradmin,o=Shaw Cablesystems,c=CA"
>         bindmethod=simple
>         binddn="cn=readuser,o=Shaw Cablesystems,c=CA"
>         credentials=xxxxxxx
> Please let us know if you need any more information.  Thanks!

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/