[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8721) Quarantine in meta backend

Full_Name: Michele Lugli
Version: 2.4.45
OS: Linux Ubuntu server 16.04
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

Quarantine function in back-meta will permanently disable a target if a query is
received while the quarantine has been imposed.

Same problem reported in ITS#5592 and marked as "solved": still exists under
some circustances.

To reproduce: use config below, assume the first target works correctly and the
second is unavailable. Send a query and the quarantine will be
set. Sending more queries, with searchbase "dc=example,dc=com" and within 20
seconds, the quarantine will never lift.

Tested on latest release available (commit
bb62d9cb732c894023c5c9f5893acf40add7376c - Aug 31 16:53:45 2017).

---- slapd.conf ----

database   meta
suffix     dc=example,dc=com
quarantine 20,+
uri        ldap://itworks.example.com/dc=subtree1,dc=example,dc=com
uri        ldap://afakeaddress/dc=subtree2,dc=example,dc=com

---- slapd logs ----

59ad1507 conn=1000 op=1 meta_back_quarantine[1]: enter.
59ad1519 conn=1001 op=1: meta_back_getconn[1] quarantined
59ad1527 conn=1002 op=1: meta_back_getconn[1] quarantined
59ad1539 conn=1003 op=1: meta_back_getconn[1] quarantined
59ad154b conn=1004 op=1: meta_back_getconn[1] quarantined