[Date Prev][Date Next]
Re: max concurrent connections
At 11:47 AM 3/1/2006, Marten Lehmann wrote:
>I heard that openldap is limited to 1024 concurrent ldap-connections
>from clients, while other directory servers can handle
>millions of them. Is this true?
Like any other userland process, slapd(8) (the OpenLDAP server)
is bound by the kernel and other restrictions of the host system.
slapd(8) can utilize a number of different system interfaces
in managing concurrent connections. Certain system interfaces may
have unnatural restrictions imposed upon them by their
implementors. For instance, select(3) on some Linux systems is
restricted to 1024 descriptors even though the kernel can handle
many more. Hence, when using this interface, the number of
connections slapd(8) (or any other program using this interface)
is restricted to ~1024 (unless certain select(3) workarounds were
used effectively). Forunately, slapd(8) is able to take
advantage of other system interfaces, namely the Linux epoll(2)
interface. epoll(2) does not have the unnatural 1024 limit,
hence allowing slapd(8) to manage as many connections the
kernel will allow to be established.
Ten of thousands, generally, yes.
Millions, well, assuming the kernel didn't have some hard
limit, one would generally run into various out of various
other resources (such as RAM) long before you got to million
connections. I note that other programs, including other
directory servers, face the same restrictions and resource
limitations. So you should, at a minimum, take others claims
that they can support millions of concurrent connections with
a grain of salt.
>If yes, can I define low connection timeouts without problems at the
One can certainly configure slapd(8) to close idle connections...
see idletimeout directive in slapd.conf(5). I cannot speak to how
your clients react to connections being closed by the server
when idle. I would suspect some handle this well and others
don't. This is a topic for a list specific to each particular