[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antw: slapd-mdb network performance

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>, "Russell Jancewicz" <russell.jancewicz@uconn.edu>
Subject: Antw: slapd-mdb network performance
From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
Date: Thu, 07 Nov 2013 08:12:28 +0100
Content-disposition: inline
In-reply-to: <50804E7D-6AEB-4480-8B45-FB24E35014CC@ad.uconn.edu>
References: <50804E7D-6AEB-4480-8B45-FB24E35014CC@ad.uconn.edu>

My very first guess is that openLDAP does access checking for every entry and attribute that matches your filter criteria. rootDN is probably checked first and fastest...

>>> "Jancewicz, Russell" <russell.jancewicz@uconn.edu> schrieb am 06.11.2013 um
19:48 in Nachricht <50804E7D-6AEB-4480-8B45-FB24E35014CC@ad.uconn.edu>:
> Hello,
> 
> I am experiencing a bit of an issue with mdb network traffic. 
> When I request large queries (entire subtrees) from remote hosts my searches 
> take hundreds of times longer to complete than they do if I search on the 
> local machine (in all expect for one case).
> 
> I have attempted to tune the kernel network settings, adjusted tx buffer 
> sizes all to no avail. 
> 
> Just before turning to this list i gave one last shot in the dark attempt 
> running my query using the rootDN. This produced the expected results.
> 
> When queried with a typical account DN my system was transmitting around 
> 2.0Mbps to the remote client. 
> When queried with the rootDN my system was transmitting around 100Mbps to 
> the client.
> 
> The system has an olcLimits rule allowing unlimited time and size to the 
> account "typical account" I was testing with.
> ' olcLimits: dn.children="ou=accounts,dc=example,dc=com" time=unlimited 
> size=unlimited '
> 
> Clearly the server is capable of serving data to the remote machine at 
> 100Mbps (given that the rootDN has done so) 
> 
> I cannot for the life of me find a configuration option or setting would 
> should be impacting the transmission bandwidth of searches. 
> Any help or advice of where I should be looking would be greatly 
> appreciated. 
> I have included the relevant cn=config information below.
> 
> Thank you,
> -Russell J. Jancewicz
> University of Connecticut
> 
> OpenLDAP: slapd 2.4.36 (Sep 19 2013 11:16:48) $
> 
> dn: olcDatabase={1}mdb,cn=config
> objectClass: olcDatabaseConfig
> objectClass: olcMdbConfig
> olcDatabase: mdb
> olcDbDirectory: /srv/ldap/example.com
> olcSuffix: dc=example,dc=com
> # ... olcAccess 
> olcLimits: 
> {0}dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" 
> time=unlimited size=unlimited
> olcLimits: {1}dn.children="ou=accounts,dc=example,dc=com" time=unlimited 
> size=unlimited
> olcRootDN: cn=root,dc=example,dc=com
> olcDbCheckpoint: 512 30
> olcDbNoSync: FALSE
> olcDbMaxSize: 8589934592

References:
- slapd-mdb network performance
  - From: "Jancewicz, Russell" <russell.jancewicz@uconn.edu>

Prev by Date: unsubscribe
Next by Date: OpenLDAP on CF disk
Index(es):
- Chronological
- Thread