RE: Best way to merge two local DITs vs empty search base suffix

[masarati@aero.polimi.it]

> Hello,
>
>> You can do this just fine.  I do it in all my installs.
>> You simply need to declare them in the right order.  I.e., you must
>> declare monitor, etc before the empty suffix.
>
> I did not realize that the order was important.
>
> Thank you very much !
>
>
> For meta backend it can be a good add-on feature to avoid
> generating a tcp connection to connect to localhost as the
> relay backend does.
>
> People may not realise that for one client connection to a
> meta DB the server is generating N parallels tcp connections
> (equal to the number of suffixmassage) to the target server
> (localhost). It will reach easily the default 32 threads
> on the ldap server.
>
> Then if you increase the number of thread you will get
> "warning, threads=128 larger than twice the default (2*16=32); YMMV."
>
> If found another kind of "issue" with meta with localhost
> that it will act as a ldap client connecting to it self
> and you may skip the fact that it needs to have full read
> credential. Even if you connect with ldapsearch as super
> user (cn=admin,..) on a meta DIT you will not get a full
> access to the tree because the "client" by default is
> anonymous so it has restricted ACL.

Everything you just realized is documented.  However, you didn't realize
that if back-meta were redesigned to short-circuit local calls like
back-relay does, operations performed that way would no longer be
concurrent, because internal calls are synchronous.  As a consequence,
your specialized back-meta would be nothing but a gluing of a mix of
back-relay and other backends using the "subordinate" directive.

p.