> Yes. If all of the threads are blocked forever, waiting for the DB > to return data, then the queue of requests grows without bounds. At > some point, the server says "I'm not making progress, and I can't > recover from this", and kills itself. hm, I thought the timeout values were for this, but I now understand that an LDAP communication might get stuck halfway, thus _not_ triggering a timeout event.
> Since the server is *already* effectively dead at that point, it > makes no difference to your network. > > The solution is to fix the database so that it doesn't kill the > server. well, we should perhaps be able to wait for a database going and come back again after a minute without crashing the daemon. Anyway, I'm now going with an increased ldap_connections_number (100 instead of 5), and increased LDAP timeouts as well. What about max_request_time and delete_blocked_requests -- isn't this exactly what is needed to protect the server from being blocked? Cheers, Martin -- Dr. Martin Pauly Fax: 49-6421-28-26994 HRZ Univ. Marburg Phone: 49-6421-28-23527 Hans-Meerwein-Str. E-Mail: [EMAIL PROTECTED] D-35032 Marburg - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
