-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/18/2014 12:27 PM, Ulrich Windl wrote: >>>> Dennis Leeuw <[email protected]> schrieb am 18.02.2014 um >>>> 12:24 in > Nachricht <[email protected]>: Hi Ulrich, > > No I hadn't, didn't even know it existed. But reading up on it it > seems a server side configuration we do not have. > > Running the getent several times on a host shows nice round-robin > behaviour, so my guess it is somewhere in the client-side config > or caching, or... > >> Do you run nscd?
On some hosts we do on some we don't. > > > Dennis > > On 02/18/2014 12:09 PM, Ulrich Windl wrote: >>>> Hi! >>>> >>>> Did you read the bind manual pages about "sortlist"? >>>> >>>> Ulrich >>>> >>>>>>> Dennis Leeuw <[email protected]> schrieb am >>>>>>> 18.02.2014 um 10:33 in >>>> Nachricht <[email protected]>: Hi all, >>>> >>>> I hope I am on the right list for the problem I am >>>> experiencing. >>>> >>>> We have two subnets 192.168.196. 192.168.222. >>>> >>>> Our main LDAP servers run in 192.168.196. and are >>>> load-balanced by round-robin DNS. The 192.168.196. network is >>>> exhausted, so we added a new LDAP slave to 192.168.222. and >>>> added the IP address to the round-robin pool. But it seems >>>> that it is only used by other servers in the 192.168.222 >>>> network and not by servers in the 192.168.196. network >>>> >>>> This setup has now been running for 6 days, with nscd.conf: >>>> enable-cache hosts yes positive-time-to-live >>>> hosts 3600 >>>> negative-time-to-live hosts 20 suggested-size >>>> hosts 211 >>>> check-files hosts yes persistent hosts >>>> yes shared hosts >>>> yes max-db-size hosts 33554432 >>>> >>>> and nslcd.conf: uid nslcd gid ldap uri >>>> ldap://ldap.div.ourdomain.nl/ base dc=div,dc=ourdomain,dc=nl >>>> ssl no tls_cacertdir /etc/openldap/cacerts >>>> >>>> The LDAP server in the 192.168.222 range serves only 33 >>>> connections all from the 192.168.222 range, and the 2 hosts >>>> in the 192.168.196 range serve 599 and 706 connections. The >>>> last 2 servers do serve the 143.121.222. network also. So >>>> might there be some caching issue? >>>> >>>> $ getent ahost ldap.div.ourdomain.nl 192.168.196.190 STREAM >>>> ldap.div.ourdomain.nl 192.168.196.190 DGRAM 192.168.196.190 >>>> RAW 192.168.196.151 STREAM 192.168.196.151 DGRAM >>>> 192.168.196.151 RAW 192.168.222.179 STREAM 192.168.222.179 >>>> DGRAM 192.168.222.179 RAW >>>> >>>> Is this the right list for this question? And if so can >>>> someone help me understand what is going on? >>>> >>>> With kind regards, >>>> >>>> Dennis Leeuw >>>> - -- ICT Medewerker Divisie Biomedische Genetica UMC Utrecht Heidelberglaan 100 STR2.126 3584 CX Utrecht The Netherlands 06 27744048 intern: 64048 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTA0PgAAoJEMVYYpdbQscoo7UH+wapvrnkYMZaYJeTzoDVKkQQ xRzKLpaFZReuMc7MahfKWPs5Lu5h/04Y0DYxAU3QLIQ7+FN3B5wH+eVi/mFU2PKF 9f5NATEAWNoTfOJ44EtH1LU7qxnaIQSR7SMofskSbxqcxzqaIE6KzhgQG2x1N/Sa Fi8UtuiIB4NANOMUB6D3XTN2AgrGPlZhhQpMmQZ29bcII+2u0WFbddrPMfCsryhs nV5PTNyBgBIoegRizpGcbqqVLfpyXLjDG9us9ID1xTORK23wXmIeZger3HbnnFWc HQNtkT94y0GlWWSxgNJmbYa9N7sJWXlIFcrxp+nzphv38CBf7+2Tu9XdqfyPf4g= =Jq5y -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Het Universitair Medisch Centrum Utrecht is een publiekrechtelijke rechtspersoon in de zin van de W.H.W. (Wet Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat geregistreerd bij de Kamer van Koophandel voor Midden-Nederland onder nr. 30244197. Denk s.v.p aan het milieu voor u deze e-mail afdrukt. ------------------------------------------------------------------------------ This message may contain confidential information and is intended exclusively for the addressee. If you receive this message unintentionally, please do not use the contents but notify the sender immediately by return e-mail. University Medical Center Utrecht is a legal person by public law and is registered at the Chamber of Commerce for Midden-Nederland under no. 30244197. Please consider the environment before printing this e-mail.
