Re: slapd-mdb network performance

[Jancewicz, Russell]

On Nov 6, 2013, at 14:26, Quanah Gibson-Mount <qua...@zimbra.com> wrote:

> --On Wednesday, November 06, 2013 6:48 PM +0000 "Jancewicz, Russell" 
> <russell.jancew...@uconn.edu> wrote:
> 
>> Just before turning to this list i gave one last shot in the dark attempt
>> running my query using the rootDN. This produced the expected results.
>> 
>> When queried with a typical account DN my system was transmitting around
>> 2.0Mbps to the remote client.  When queried with the rootDN my system was
>> transmitting around 100Mbps to the client.
> 
> The rootdn bypasses all ACL evaluation.  Do you have complex ACLs?
> 
> --Quanah
> 
> --
> 
> Quanah Gibson-Mount
> Architect - Server
> Zimbra, Inc.
> --------------------
> Zimbra ::  the leader in open source messaging and collaboration

The system currently has around 30 olcAccess stanzas, the majority of which 
utilize the set notation to grant access based on groups. 
I decided it might be wise to test the speed of the search using ldapi:/// and 
the account and it does appear to suffer from the same latency issues, so I 
this does likely stem from ALCs.

Is there any cpu tuning or ACL tuning I should do to improve the overall 
response time? 
I haven't adjusted the stock threads and am running on a virtual machine with 2 
VCPUs (though i suspect a single request would only spawn a single thread).
with regard to ACLs would it be better to use groups or individual olcAccess 
lines per account? 

-Russell J. Jancewicz
University of Connecticut