[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Long-lived connections with 2.3.x stop returning attributes?

John Morrissey wrote:
I have a cluster of several LDAP servers currently running 2.1.30 behind a
hardware load balancer. I'm working on upgrading them to 2.3.25, but I've
encountered a problem with long-lived connections. Currently, I only have
one machine upgraded to 2.3.25.

We have a Perl-based daemon (using Net::LDAP) which can keep a single LDAP
connection open for several days, or even weeks. It performs synchronous
searches on this connection at the rate of one or two per second. All of its
searches match a single entry and it requests two attributes.

After this daemon has been connected to the 2.3.x machine in the cluster for
about a day, it begins receiving no values in response to its searches. The
search succeeds and a result (including the found entry's DN) is returned,
but there are no attributes present.

Any thoughts?

Run the server with debug enabled (-d -1) and keep a log of everything up until it first starts misbehaving. Since it's still returning the entries, it sounds like perhaps an ACL problem is kicking in.

 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/