[Date Prev][Date Next] [Chronological] [Thread] [Top]

idle_timelimit - idletimeout - nscd

We run a few ldap servers (RH5, openldap 2.3) for our Linux systems to
authenticate against.  Using the netstat command we notice that a large
number of established connections are always present on our ldapservers.
 We currently do not use  idle_timelimit in any of the client ldap.conf
files and we also do not use idletimeout in slapd.conf on our servers. 
We have seen a few remarks stating that if idletimeout is used in slapd
that it may adversely affect replications.

We are trying to decide if we should use the server based idletimeout or
the client idle_timelimit to close the idle connections.  Any
recommendations?  If so, what are some sane values to start with?   

We currently do not use ncsd on the clients, but are considering it if
that makes a difference in the above settings.