[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap, proxy, round robin?



Thanks for the info, and suggestions.
I don't know that the idle time out will work in this situation, but
I'll give it a try, and see how it works.

Thanks!

Brett @Google wrote:
> 
> You could force a short ldap timeout on the server, so the server will
> drop the connection after a certain amount of inactivity.
> 
> AFAIK from the client's perspective LDAP connection stays open once
> established, until the TCP/IP connection is lost. This can mean the
> server dropping the connection due to inactivity, which is a poor man's
> round robin.
> 
> Even if you had a hardware content switch, you can only round robin
> "new" connections, you wouldn't want to forcefully / randomly terminate
> (non-timed out) established connections for data safety, as thie client
> might be in the middle of doing some critical ldap transaction which
> takes several operations to complete etc.,
> 
> Importantly though, the ldap client application(s) should be written
> with clustering in mind:
> 
> a. app should make a connection, do some stuff, then disconnect. There
> cannot be long duration connection caching if you want to make sure the
> load is spread evenly over your ldap cluster.
> 
> b. app should retry idempotent operations at least once, to cover the
> case it tries to use a "stale" connection which has just been terminated
> due to inactivity.
> 
> Cheers
> Brett
>