[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: connection pooling in back-ldap?

This has been on my todo list for a while, but I don't know when I'll get a
chance to write it myself. You're welcome to take a run at it. By the way,
look into using Unix domain sockets for the local connections - ldapi:// ...

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: owner-openldap-devel@OpenLDAP.org
> [mailto:owner-openldap-devel@OpenLDAP.org]On Behalf Of Kartik Subbarao

> I'd like to be able to collapse several incoming LDAP
> connections into a
> single proxy connection (or a small pool of proxy connections) with
> back-ldap. I noticed that this doesn't seem to be possible with the
> current back-ldap implementation, but was wondering if it's possibly
> being considered as an enhancement?
> Here's the scenario, to better explain what I'm looking to do. I'm
> working with postfix, which is pretty greedy with opening up LDAP
> connections. Each instance of a postfix SMTP process can have several
> connections open to the specified LDAP server. In reality,
> all of these
> connections perform extremely trivial searches (filter is
> something like
> mail=foo@host.com, retrieving a mailRoutingAddress type
> attribute). I'd
> like to shield my real LDAP servers from receiving all of the direct
> connections from the individual postfix processes. So, I was
> looking to
> point postfix to, say, localhost:3890, which would be an
> openldap proxy
> running back-ldap. And then the back-ldap would proxy to
> ldap.corp.com
> on the back end.
> Here's a rough sketch:
> postfix conn=1, op=1 : filter=(mail=abc@host.com)
> postfix conn=2, op=1 : filter=(mail=def@host.com)
> postfix conn=3, op=1 : filter=(mail=ghi@host.com)
> These connections are made to the back-ldap proxy by postfix. The
> back-ldap proxy should turn this into the following (in the case of a
> single pooled connection):
> proxy conn=1, op=1 : filter=(mail=abc@host.com)
> proxy conn=1, op=2 : filter=(mail=def@host.com)
> proxy conn=1, op=3 : filter=(mail=ghi@host.com)
> Is something like this possible? Any interest in adding it to the
> back-ldap functionality? I know I could probably hack my own with
> back-perl or somesuch, but it'd be nice to have this feature :-)
> Thanks,
> 	-Kartik