Quanah Gibson-Mount wrote:
As a curiosity, servers matched by the first rules are about 5 or 6
times
faster to response than servers matched by last rules. I thought that
the ACL evaluation time will be uniform because the whole set of rules
would be evaluated. this makes sense to someone?
This give me an extra advantage because I can sort the most important
servers first to grant a fast response to critical apps.
ACL evaluation results are stored in the idl cache, so the more a
given rule is exercised, the quicker the result sets to that rule
should be, if you have a good idl cache setting.
No they are not. Index lookups are cached by the IDL cache; that has
nothing to do with ACL evaluation.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
