[Date Prev][Date Next]
Re: OpenLDAP 2.1 (?) on RedHat Enterprise summary
On Fri, 7 May 2004, Pierangelo Masarati wrote:
> 10000 searches:
> Wed Mar 17 15:01:58 SAST 2004
> Wed Mar 17 15:23:17 SAST 2004
OK, I fixed our objectclasses to be LDAPv3 compliant enough and ran some
Running pretty much the same tests, I finish about 30 times faster, and I
see no significant difference between RHEL 3AS and RHEL 2.1.
My test box is a Dell 2750 with 2GB RAM and 2 x 2.8GHz Xeon. Yes, that's
ridiculously overpowered, but the box will also run SpamAssassin and
RHEL 3AS, kernel 2.4.21-9.0.3.ELsmp. 2.4.21-9.0.3.EL is about 10% *slower*;
SMP doesn't buy us much, but I see no penalty from it.
OpenLDAP 2.1.30 with BDB 220.127.116.11. Changes from Jehan's SRPM are removing
the old SUSE openldap-2.1.17-string.patch, which looks like a novice "let's
replace all strcat with strncat for SECURITY" exercise,
--without-cyrus-sasl, --disable-wrappers, --disable-modules,
--disable-ldbm, --enable-monitor, and --without-kerberos. Just LDAP with
simple bind over TLS is all we need, thanks.
/tmp/searche is 12,000 lines like
ldapsearch -h 18.104.22.168 -x -LLL "mailAcceptingGeneralId=rcgraves" \
Searching for this one indexed attribute and with somewhat verbose loglevel
2816, I can get 250 queries per second, both from localhost and from a
remote host, both single-threaded in series and 30-something at a time with
split -b 400 /tmp/searche
for f in xa* xbb xbc xbd xbe; do (sh $f >> /dev/null 2>> /dev/null <
/dev/null &) ; done; time sh xba > /dev/null 2>> /dev/null &
Given that forking "nc -z localhost 389" 12,000 times takes 30 seconds, 49
seconds to do 12,000 LDAP queries isn't bad.
If I add substring searches of two unindexed attributes to the query, I can
still finish 12,000 queries in just over two minutes.
Rich Graves <email@example.com>
UNet Systems Administrator