Kambiz Aghaiepour wrote:
Still struggling to create a replica.  Here's what the debug output is
showing in the consumer error log:

[---snip---]
[27/Oct/2010:12:53:30 -0400] - activity on 64r
[27/Oct/2010:12:53:30 -0400] - read activity on 64
[27/Oct/2010:12:53:30 -0400] - listener got signaled
[27/Oct/2010:12:53:30 -0400] - activity on 64r
[27/Oct/2010:12:53:30 -0400] - read activity on 64
[27/Oct/2010:12:53:30 -0400] - listener got signaled
[27/Oct/2010:12:53:30 -0400] - activity on 64r
[27/Oct/2010:12:53:30 -0400] - read activity on 64
[27/Oct/2010:12:53:30 -0400] - listener got signaled
[27/Oct/2010:12:53:35 -0400] - activity on 64r
[27/Oct/2010:12:53:35 -0400] - read activity on 64
[27/Oct/2010:12:53:35 -0400] - ber_get_next failed for connection 11
[27/Oct/2010:12:53:35 -0400] - conn 11 activity level = 83
[27/Oct/2010:12:53:35 -0400] - conn 11 turbo rank = 0 out of 1 conns
[27/Oct/2010:12:53:35 -0400] - conn 11 entering turbo mode
[27/Oct/2010:12:53:35 -0400] - listener got signaled
[27/Oct/2010:12:53:35 -0400] - ERROR bulk import abandoned
[27/Oct/2010:12:53:35 -0400] - import userRoot: Aborting all import
threads...
[---snip---]

The access log on the consumer reads:

[---snip---]
[27/Oct/2010:12:53:30 -0400] conn=11 op=80 EXT
oid="2.16.840.1.113730.3.5.6" name="Netscape Replication Total Update Entry"
[27/Oct/2010:12:53:30 -0400] conn=11 op=80 RESULT err=0 tag=120
nentries=0 etime=0
[27/Oct/2010:12:53:30 -0400] conn=11 op=81 EXT
oid="2.16.840.1.113730.3.5.6" name="Netscape Replication Total Update Entry"
[27/Oct/2010:12:53:30 -0400] conn=11 op=81 RESULT err=0 tag=120
nentries=0 etime=0
[27/Oct/2010:12:53:30 -0400] conn=11 op=82 EXT
oid="2.16.840.1.113730.3.5.6" name="Netscape Replication Total Update Entry"
[27/Oct/2010:12:53:30 -0400] conn=11 op=82 RESULT err=0 tag=120
nentries=0 etime=0
[27/Oct/2010:12:53:35 -0400] conn=11 op=-1 fd=64 closed error 90
(Message too long) - B2
[27/Oct/2010:12:53:42 -0400] conn=12 fd=64 slot=64 SSL connection from
152.45.5.155 to 152.45.5.166
[27/Oct/2010:12:53:42 -0400] conn=12 SSL 256-bit AES
[27/Oct/2010:12:53:42 -0400] conn=12 op=0 BIND dn="cn=replication
manager,cn=config" method=128 version=3
[27/Oct/2010:12:53:42 -0400] conn=12 op=0 RESULT err=0 tag=97 nentries=0
etime=0 dn="cn=replication manager,cn=config"
[---snip---]


(note error 90, message too long).  This is between a consumer and
supplier on the same subnet.
Maybe tcpdump/wireshark or some sort of TCP/IP debugging tool could help? I just don't know how to solve this at the application layer - we don't do anything with TCP message sizes in the directory server or the ldap c sdk - we just pass everything to send()/recv() and expect it will do the rest. I don't know if there is some sort of TCP tuning you could do to help this situation.
The supplier error log reads (sanitized with "hostname"):

[---snip---]
[27/Oct/2010:12:53:30 -0400] NSMMReplicationPlugin - Beginning total
update of replica "agmt="cn=meTohostname636" (hostname:636)".
[27/Oct/2010:12:53:42 -0400] NSMMReplicationPlugin -
agmt="cn=meTohostname636" (hostname:636): Failed to send extended
operation: LDAP error 81 (Can't contact LDAP server)
[27/Oct/2010:12:53:43 -0400] NSMMReplicationPlugin -
agmt="cn=mehostname636" (hostname:636): Received error 89: NULL for
total update operation
[27/Oct/2010:12:53:43 -0400] NSMMReplicationPlugin -
agmt="cn=meTohostname636" (hostname:636): Received error 89: NULL for
total update operation
[27/Oct/2010:12:53:43 -0400] NSMMReplicationPlugin -
agmt="cn=meTohostname636" (hostname:636): Received error 89: NULL for
total update operation
[---snip---]

I'm at a loss as to what I can do next.  Any help would be appreciated.

Kambiz


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to