Dave Horsfall wrote:
On Wed, 18 Jul 2007, Aaron Richton wrote:
As of 2.3.28, libldap's connections use TCP keepalives. You should be
able to configure your networking stack to get the desired behavior.
But the connection has yet to be made, so keepalives don't enter into it.
We're a homogenous FreeBSD shop, so I'd like to eliminate either FreeBSD
or OpenLDAP as a possibility before filing this as a bug with one or the
other. Can someone please do:
On client.example.net, set up ldap.conf with
URI ldap://server1.example.net ldap://server2.example.net
Server1, although resolving, does not run an LDAP server (and may not
phyically exist). If it's on the same subnet as the client, then so much
the better as that eliminates any router issues.
What I am seeing is a timeout of a minute before switching to Server2.
That would be normal when trying to contact a nonexistent host, and depends
entirely on your kernel's TCP stack/connection timeouts. As already noted, you
can explicitly set a shorter timeout using LDAP_OPT_NETWORK_TIMEOUT.
Revealingly, should the client attempt to contact itself first (where
there is no server) then the switch-over happens right away, but the
network guru swears up and down that there are no packet filters in the
way.
When a host is alive but simply has no server on the requested port, the TCP
stack immediately sends a "connection refused" response to the client, so
generally there should be no delay. Again, this is normal, and any "network
guru" should know that.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
