Re: broken pipe - serious problem with OpenLDAP 2.0.21

[Pierangelo Masarati <masarati@aero.polimi.it>]

Michael Torrie wrote:
> 
> We're trying to run OpenLDAP 2.0.21 in a production environment
> supporting unix logins and samba.  We have a serious problem thats
> started to happen more and more in the last few weeks (probably load
> related).
> 
> About 3 times a day, the LDAP server just stops responding.  The log
> files of clients complain they can't contact the LDAP server.  The
> server is still running, it's just that no one can connect.  Many
> commands on the clients just return "broken pipe."  This is a serious
> problem and it's causing a lot of problems, especially with our mail
> server.  Users are getting bumped from mailing lists because these
> periodic outages cause sendmail to report "Unknown users."
> 
> Has anyone experienced this?  Is it just that OpenLDAP doesn't scale?
> We only support about 4000 users on one server.  I'd turn on debugging
> but I don't know what level would be appropriate.  Too much debugging
> output slows OpenLDAP way down and the users notice very slow logins.

I suggest you use different replicas for different tasks, e.g. one
replica
for mail routing and one for unix/samba auth, so you can use heavy log
on the auth replica only and try to find more useful hints on the
failure
cause.

Pierangelo.

-- 
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 |
mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy   |
http://www.aero.polimi.it/~masarati