Am Mon, Sep 02, 2024 at 02:40:49AM -0000 schrieb Jaehwan Kim via FreeIPA-users: > Hello. > > We've got a number (thousands) of hosts inside a private network of cloud > environment. > These all query the FreeIPA server for user and group information using NAT > and a gateway server. > However we're having issues with the LDAP queries timing out or becoming > unresponsive due to NAT timeout. > In order to prevent hosts (clients) from being disconnected due to NAT > timeout, we wish to try some sssd timeout values. > Because we have difficulty to find out proper timeout of sssd.conf.5 manual > pages (website), can you advice us on the proper timeout or propose other way?
Hi, I would suggest to start with 'ldap_connection_idle_timeout', see man sssd-ldap for details. I guess the connection is removed from the NAT table because it is idle to too long. HTH bye, Sumit > > Thank you. > JHK > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
