[Date Prev][Date Next]
Re: 1024 fd limit ?
Julio Sánchez Fernández wrote:
> Howard Chu wrote:
> > Sounds like libnss-ldap opens a connection per invocation, or something
> > similar. Since nss is a system-wide service, perhaps it should only open
> > a single connection per client machine. Failing that, set up an LDAP proxy
> > on every client machine that will accept requests on multiple connections
> > and forward them thru a single connection to the main servers.
> No need for that, nscd (the Name Service Cache Daemon) does that.
well nscd was not an option until last week because a bug in libnss-ldap
was leading to an almost immediate lockup.
libnss-lap 122 correct this bug and it's running there along nscd quite
happily now (since 3 days) , that's good news.
> Unfortunately, its long-running nature make it fragile and any problem
> in name service libraries (and this includes nss_ldap and libldap and friends)
> becomes very fatal and it is very easy to lock your system pretty solid.
yes ... since libnss-ldap 122, it seems to runs pretty well now.
> So it takes some experimentation until you have a combination that is
> stable. But if you have it, the whole system opens a number of
> connections and all processes share them.
well... I thought this too, but it's not what i'm seeing :(
anyway using nscd greatly reduce slapd activity, at least.
And for the 1024 fd limit, ulimit is the answer (see next post)