Date: Fri, 06 Jul 2012 12:29:55 -0600
From: Rich Megginson <[email protected]>

On 07/06/2012 12:27 PM, Ryan Palamara wrote:
>
> I am using a mix of CentOS 5 and 6 servers using openldap for client
> ldap. I have 2 289 Directory servers that are using multi-master
> replication.
>
> When dirsrv stops working on the first server listed under URI,
> authentication picks up seamlessly on the second LDAP server listed.
>
> However, if the first server is down completely, it then takes a long
> time for authentication to go to the second server.
>
> Any suggestions on what can be done with openldap, to allow the
> seamless failover to the second server when the first one is down
> completely?
>

Can you explain exactly what you mean by "stops working" and "down
completely"?  I'm not sure why that would make a difference.

When the host is down, the TCP connect request must time out before the client library will see a failure and move on to the next server. When the host is up but the directory server is down, the host will immediately send a TCP connection refused, so the client will switch immediately.

The solution is to look into the LDAP network timeout option, to tell the OpenLDAP library to wait for a shorter amount of time for the connection attempt. (LDAP_OPT_NETWORK_TIMEOUT)

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/


--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
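
The two failure modes described in the reply, shown with plain sockets as an added example (not code from the thread or from OpenLDAP): a refused connection fails at once, while an unanswered one is cut off after a bounded wait, which is the effect LDAP_OPT_NETWORK_TIMEOUT is meant to give the client. The helper names `connect_bounded` and `first_reachable` are hypothetical, and the example assumes IPv4 literals.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: try one IPv4 address with an upper bound on the
 * connect wait. Returns a connected fd, or -1 with errno set
 * (ECONNREFUSED: host up, service down; ETIMEDOUT: no answer at all). */
int connect_bounded(const char *ip, int port, int timeout_ms)
{
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(port) };
    if (inet_pton(AF_INET, ip, &sa.sin_addr) != 1) { errno = EINVAL; return -1; }
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK);

    int err = 0;
    if (connect(fd, (struct sockaddr *)&sa, sizeof sa) != 0) {
        err = errno;
        if (err == EINPROGRESS) {            /* handshake still pending */
            struct pollfd p = { .fd = fd, .events = POLLOUT };
            int n = poll(&p, 1, timeout_ms); /* the bounded wait */
            socklen_t len = sizeof err;
            if (n == 0) err = ETIMEDOUT;     /* host never answered */
            else if (n < 0) err = errno;
            else getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len);
        }
    }
    if (err) { close(fd); errno = err; return -1; }
    return fd;
}

/* Walk the server list in order, like the URI list in the thread.
 * Returns the index of the first server that accepted, or -1. */
int first_reachable(const char *const ips[], const int ports[], int n,
                    int timeout_ms)
{
    for (int i = 0; i < n; i++) {
        int fd = connect_bounded(ips[i], ports[i], timeout_ms);
        if (fd >= 0) { close(fd); return i; }
        perror(ips[i]);                      /* why this server was skipped */
    }
    return -1;
}
```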
