[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (sometimes) slow ldap_bind

To: <openldap-software@OpenLDAP.org>
Subject: Re: (sometimes) slow ldap_bind
From: Heinz Ekker <hekker@netway.at>
Date: Thu, 5 Apr 2001 19:17:31 +0200 (CEST)
In-reply-to: <Pine.LNX.4.30.0104051231250.30794-100000@rincewind.netway.at>

On Thu, 5 Apr 2001, Heinz Ekker wrote:

> Hi!
>
> We are encountering a strange problem:
[...]
>
> Sometimes authentication can take up to and more than 90 seconds. My
> co-worker, who is hacking the LDAP-authentication code into QPopper,
> says, that the problem is not the ldap_search (which is provided with a
> timeout), but with the ldap_bind.

...which does, as we found out a moment ago, a reverse lookup on the
connecting IP by default. When configuring slapd with
--enable-rlookups=no or putting the hosts into /etc/hosts the problem
disappears.

With >1000 connections per minute reverse lookups can be a serious
performance hit, as we found out the hard way ;)

Thanks,
Heinz

References:
- (sometimes) slow ldap_bind
  - From: Heinz Ekker <hekker@netway.at>

Prev by Date: Re: IMAP and OpelLdap
Next by Date: authenticating only works without password!
Index(es):
- Chronological
- Thread