On Thu, 2002-04-18 at 12:49, Adam Williams6 wrote: > > Ugh, the 1024 connections thing. Yep! The good news is that with the idle timeout at 30 seconds, slapd is forcibly closing connections and this seems to keep the total active connections only around 60 (for some 100 client workstations), where it was up 1024 before. > > You may want to look at tweaking some of the TCP parameters via sysctl to > throw away connections sooner. Yes that's a great idea. Does anyone know where to the proc entry is to set the timeout. I think it defaults to 5 minutes (during which time the connection shows up as "CLOSE-WAIT" or something. > > Yes, get a *recent* nscd, it hels *ALOT*. Recent as in the latest Redhat 7.2 update rpm? > > Another trick is two run two slapds. Create an ip-alias interface, start > a second slapd that listens on that interface and is a replica (or > multi-master) of the other slapd, the split up your clients. You > effectively double your connection capacity, so long as you aren't over > taxing your LDAP server. Definitely a good idea. I've actually made a slave ldap server on another machine (same things as you suggest, really). I have stuff from the master replicate to the slave. Now I just need to set up a kerberos replication and slave server. Thanks for all the great help, everyone. Michael -- Public key available from http://students.cs.byu.edu/~torriem
Attachment:
signature.asc
Description: This is a digitally signed message part