delta-syncrepl replica out of date
I have a master and nine delta-syncrepl replicas all running on RHEL 4
using OpenLDAP 2.3.38 on the master and all replicas.

The master is configured to purge entries from the accesslog after 12
hours (and checks every 2 hours). I forget where I grabbed that from
or why I used it.

Anyway, I have discovered that if one of the replicas gets more than 12
hours behind (i.e., is shut down or we reload the database from yesterday),
it will grab all the updates that have happened in the last 12
hours and then the CSN of the replica and the master will be in
agreement, but the changes that happened more than the 12 hours (of the
accesslog) ago are not present on the replica.

Is this a configuration mistake I have made (other than setting the
accesslog purge time to 12 hours) or is this a limitation (that I likely
knew at one time and then forgot and now have relearned the hard way)?

Is there an option I can set on the replicas so they will refuse to
start if their CSN is older than the oldest record in the accesslog of
the master when they start up?

If this has been discussed in the past, I'm sorry, I did search, but not
certain of the terms to use, I didn't have any luck finding anything
that looked promising.

Here are the relevant parts of the master's slapd.conf:

database hdb
suffix cn=accesslog
directory /var/lib/ldap/accesslog
rootdn cn=accesslog
checkpoint 1024 5
index default eq
index entryCSN,objectClass,reqEnd,reqResult,reqStart

overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE

database bdb
suffix dc=example,dc=com
...

overlay syncprov
syncprov-checkpoint 1000 60

overlay accesslog
logdb cn=accesslog
logops writes
logsuccess TRUE
logpurge 12:00 02:00

And from the replica's:

database bdb
suffix dc=example,dc=com
...

syncrepl rid=100
    provider=ldaps://ldaprw.example.com
    bindmethod=simple
    binddn="cn=MySyncUser,dc=example,dc=com"
    credentials=NotMyRealPassword
    searchbase="dc=example,dc=com"
    logbase="cn=accesslog"
    logfilter="(&(objectclass=auditWriteObject)(reqResult=0))"
    schemachecking=on
    type=refreshAndPersist
    retry=30,+
    syncdata=accesslog

Thanks,
--
Frank Swasey | http://www.uvm.edu/~fcs
Sr Systems Administrator | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
"I am not young enough to know everything." - Oscar Wilde (1854-1900)
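
An added example, not part of the original post and not OpenLDAP code: a pre-start check that compares a replica's contextCSN with the oldest reqStart still present in the master's accesslog, which is the gap the post describes. The function names and the sample LDIF are constructed for illustration; real input is assumed to come from ldapsearch as shown in the comments.

```python
import re
from datetime import datetime, timezone

# Inputs are plain LDIF, e.g. gathered with (hosts and bases from the post):
#   ldapsearch -x -H ldap://<replica> -s base -b dc=example,dc=com contextCSN
#   ldapsearch -x -H ldaps://ldaprw.example.com -b cn=accesslog reqStart
_TS = re.compile(r"^(\d{14})(?:\.(\d{1,6}))?Z")  # YYYYmmddHHMMSS[.frac]Z

def parse_ts(value):
    """UTC datetime from the leading timestamp of a CSN or a reqStart value."""
    m = _TS.match(value.strip())
    if not m:
        raise ValueError("unrecognised timestamp: %r" % value)
    dt = datetime.strptime(m.group(1), "%Y%m%d%H%M%S")
    micro = int((m.group(2) or "").ljust(6, "0"))
    return dt.replace(microsecond=micro, tzinfo=timezone.utc)

def ldif_values(ldif, attr):
    """Values of one attribute from unwrapped, non-base64 LDIF text."""
    prefix = attr.lower() + ":"
    return [line.split(":", 1)[1].strip()
            for line in ldif.splitlines()
            if line.lower().startswith(prefix)]

def replica_is_covered(replica_ldif, accesslog_ldif):
    """True only if the accesslog still reaches back to the replica's CSN.

    Conservative: an empty log or a missing contextCSN counts as not covered.
    """
    csns = ldif_values(replica_ldif, "contextCSN")
    starts = ldif_values(accesslog_ldif, "reqStart")
    if not csns or not starts:
        return False
    return min(map(parse_ts, csns)) >= min(map(parse_ts, starts))

# Constructed sample data (not from the post).
ACCESSLOG = """\
dn: reqStart=20080114101500.000001Z,cn=accesslog
reqStart: 20080114101500.000001Z

dn: reqStart=20080114120000.000000Z,cn=accesslog
reqStart: 20080114120000.000000Z
"""
STALE_REPLICA = "dn: dc=example,dc=com\ncontextCSN: 20080114020000Z#000000#00#000000\n"
FRESH_REPLICA = "dn: dc=example,dc=com\ncontextCSN: 20080114110000Z#000000#00#000000\n"

if __name__ == "__main__":
    for name, ldif in (("stale", STALE_REPLICA), ("fresh", FRESH_REPLICA)):
        verdict = "delta-sync ok" if replica_is_covered(ldif, ACCESSLOG) else "reload needed"
        print(name, verdict)
```

A wrapper around the replica's init script could call replica_is_covered() and refuse to start slapd when it returns False, which is the behaviour the post asks about.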