[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: slapd-mdb network performance
On Nov 6, 2013, at 14:26, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
> --On Wednesday, November 06, 2013 6:48 PM +0000 "Jancewicz, Russell" <russell.jancewicz@uconn.edu> wrote:
>
>> Just before turning to this list i gave one last shot in the dark attempt
>> running my query using the rootDN. This produced the expected results.
>>
>> When queried with a typical account DN my system was transmitting around
>> 2.0Mbps to the remote client. When queried with the rootDN my system was
>> transmitting around 100Mbps to the client.�
>
> The rootdn bypasses all ACL evaluation. Do you have complex ACLs?
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Architect - Server
> Zimbra, Inc.
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
The system currently has around 30 olcAccess stanzas, the majority of which utilize the set notation to grant access based on groups.
I decided it might be wise to test the speed of the search using ldapi:/// and the account and it does appear to suffer from the same latency issues, so I this does likely stem from ALCs.
Is there any cpu tuning or ACL tuning I should do to improve the overall response time?
I haven't adjusted the stock threads and am running on a virtual machine with 2 VCPUs (though i suspect a single request would only spawn a single thread).
with regard to ACLs would it be better to use groups or individual olcAccess lines per account?
-Russell J. Jancewicz
University of Connecticut