[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (sometimes) slow ldap_bind

On Thu, 5 Apr 2001, Heinz Ekker wrote:

> Hi!
> We are encountering a strange problem:
> Sometimes authentication can take up to and more than 90 seconds. My
> co-worker, who is hacking the LDAP-authentication code into QPopper,
> says, that the problem is not the ldap_search (which is provided with a
> timeout), but with the ldap_bind.

...which does, as we found out a moment ago, a reverse lookup on the
connecting IP by default. When configuring slapd with
--enable-rlookups=no or putting the hosts into /etc/hosts the problem

With >1000 connections per minute reverse lookups can be a serious
performance hit, as we found out the hard way ;)