[Date Prev][Date Next] [Chronological] [Thread] [Top]

Update on performance issues with Openldap 2.1.x and Solaris 8



Thought I'd send out an update on where Stanford is at since my last mail:

We are now at 45 queries/second via GSSAPI binds sustained with 18 hosts on a single CPU Netra T1. On a 3 CPU Netra 1405, we have gone up to 75 queries/second via GSSAPI binds, and it was apparent that this rate could be pushed higher. If we were to use pooled connections, it was found that we could get at least 120 queries/second.

We are currently running:

Openldap 2.1.10
Cyrus-SASL-2.1.10
Berkeley DB-4.1.24
Heimdal-0.5.1 (plus patches)
OpenSSL-0.9.6g

To achieve this massive performance increase (from about 4-6 queries/second), we hired Howard Chu as a consultant. He found the performance problems I reported to be a combination of issues in OpenLDAP, Cyrus-SASL, and Heimdal (and not, as was often suggested on this list, problems with our setup). The changes he made to fix these problems on the OpenLDAP side are in 2.1.10, and the same with Cyrus-SASL. Howard submitted the fixes to Heimdal as well, but they have as yet not released an updated version. Part of the performance boost came in part with a new caching piece for Berkeley DB, so people who are running the 2.1.x series with Berkeley DB as their backend, may see an increase in performance if they move to 2.1.10 from older versions.

For those of you pondering a consultant for OpenLDAP, or who may do so, I personally strongly recommend Howard. He is extremely knowledgeable of the interworkings of OpenLDAP, and is quick to find, isolate, and fix problems that he finds.

Regards,
Quanah Gibson-Mount

--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html