[Date Prev][Date Next] [Chronological] [Thread] [Top]

idletimeout (was: openldap client connect limit)

Howard Chu writes:
> I'll note that on many systems the default is to allow only 1024
> connections in one process, which would explain why 20x50=1000 client
> threads would succeed, but 21x50=1050 clients would fail. If you want to
> go above the default system limit you might need to tweak some kernel
> parameters as well as recompile slapd with a larger FD_SETSIZE.

Sounds like a 'max #clients' modifier to idletimeout could be useful.
Something like "idletimeout 60 500" -> when there are 500 open
connections, time out the client which had been idle for the longest
time, provided that is more than 60 seconds.

Another wish: Ability to exempt a few IP-addresses, bound DNs etc. from
idletimeout.  I'd like to tune our idletimeout _way_ down, but currently
that would break our MTA.  Not a good idea:-)

For admins who generally prefer to avoid idletimeout, I suppose the two
items could be combined so one could configure that connections from
some IP-addresses are more important than some other connections, so new
connections from these addresses could throw out old idle ones.