--On Tuesday, December 1, 2020 8:20 AM +0000 Tero Saarni
<[email protected]> wrote:
I tested only with recent releases and git master, not with very old
versions since they are bit harder to compile with modern distros. But I
have compared the code from a random historical release. It seems to be
the same as today.
Quanah also replied "back-ldap likely needs a task to check for idle
connections" so I'm bit puzzled if this has worked previously. Maybe
ldap_back_getconn() can be called in some other scenario also without
having traffic from client towards the proxy?
Howard specifically said the following while I was discussing with him:
-----------
The current idletimeout code in there is pretty useless. It checks the
timestamp the next time a conn is referenced, so if it's never referenced,
the idle timeout never has any effect. If the conn *is* referenced - you
should just use the conn, instead of killing it.
-----------
So generally, if a load balancer or other traffic shaper is in use that
closes connections silently, set a keepalive. Overall the idle timeout has
little purpose for back-ldap connections.
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
