[Date Prev][Date Next]
RE: 1024 fd limit ?
> I've a problem which is not directly OPENLDAP related, but I don't know
> how to fix this properly.
> We have 3 openLdap Servers : One master, 2 slaves. (all under linux
> 2.2, openldap 2.0.7, NOT THREADED (cause we had strange crash with
> And a bunch (several hundred) of clients doing authentification & nss
> against the 2 slaves (using libnss-ldap)
> the problem we have is that our 2 slaves hit more or less often the
> 1024 open file descriptor limit. (we were quite suprised that any
> client process use a distinctive socket to the LDAP server)
Sounds like libnss-ldap opens a connection per invocation, or something
similar. Since nss is a system-wide service, perhaps it should only open
a single connection per client machine. Failing that, set up an LDAP proxy
on every client machine that will accept requests on multiple connections
and forward them thru a single connection to the main servers.
Unfortunately, the back-ldap proxy in slapd is not written to behave this
but you could change it...
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun