[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: broken pipe - serious problem with OpenLDAP 2.0.21

On Thu, 2002-04-18 at 12:49, Adam Williams6 wrote:
> Ugh, the 1024 connections thing.

Yep!  The good news is that with the idle timeout at 30 seconds, slapd
is forcibly closing connections and this seems to keep the total active
connections only around 60 (for some 100 client workstations), where it
was up 1024 before.

> You may want to look at tweaking some of the TCP parameters via sysctl to 
> throw away connections sooner.

Yes that's a great idea.  Does anyone know where to the proc entry is to
set the timeout.  I think it defaults to 5 minutes (during which time
the connection shows up as "CLOSE-WAIT" or something.

> Yes, get a *recent* nscd, it hels *ALOT*.

Recent as in the latest Redhat 7.2 update rpm?

> Another trick is two run two slapds.  Create an ip-alias interface, start 
> a second slapd that listens on that interface and is a replica (or 
> multi-master) of the other slapd, the split up your clients.  You 
> effectively double your connection capacity, so long as you aren't over 
> taxing your LDAP server.

Definitely a good idea.

I've actually made a slave ldap server on another machine (same things
as you suggest, really). I have stuff from the master replicate to the
slave.  Now I just need to set up a kerberos replication and slave

Thanks for all the great help, everyone.


Public key available from http://students.cs.byu.edu/~torriem

Attachment: signature.asc
Description: This is a digitally signed message part