[Date Prev][Date Next] [Chronological] [Thread] [Top]

Looking for proven version



Hi,

I have 4 sites using RH9+Openldap 2.1.22 (compiled from srpm), all
using identical configuration.
This ldap server is dedicated only for email system (courier-imap+pop
and postfix) but without addressbook service (because i move AB to
other server.

These combination are running fine on 3 sites (with average 200 users)
but not in one site which has aroound 600+ users.
After few days, slapd become unresponsive (or totally hang, but not
died, ie. ldapserach takes forever to completes).
restarting slapd sometimes helps but sometimes not.
I have made few tuning on db as suggested in faq and this list, but
did not help. I understands that many of you are having more users and
higher load than mine so i guess my setup is not correct (but why it
works on other site? ;)

I'm looking for already proven version of software combination (OS+OL
and other if necessary) for directory server which can handle this
kind of load or any advise success story if you're using same config
and able to handle more load.


HW: dual Xeon 2.4/1GB RAM.

Related slapd.conf :
# This is slave server

schemacheck on
allow bind_v2
sizelimit 10
idletimeout 300

database        ldbm
directory       /var/lib/ldap

cachesize         500000
dbcachesize     10000000

dbnosync

index  objectClass,uid,uidNumber,gidNumber,memberUid,mailExternalAccess   eq
index  sambaSID,sambaPrimaryGroupSID                            eq
index  mail,mailAlternateAddress,mailLocalAddress       eq,subinitial
index  cn,surname,givenname,fileAs                      eq,subinitial

loglevel 0

DB_CONFIG file :

#set the logfile size to 10MB.
set_lg_max 10485760
#set the in-memory log buffer size
set_lg_bsize 2000000
# cache size 300MB
set_cachesize 0 314572800 1

OL ver 2.1.22 with DB 4.1.25.NC without tcp-wrapper.

Fyi, if i enable default loglevel, log size will be 800MB/days, i
think not so heavy so i wonder why my OL can not handle such traffic.
I also try to run pam and saslauthd using unix socket instead of tcp,
but still did not help.....



--beast