Hello,
We need some help to resolve the intermittent sync replication issue.
We have configured mirror mode replication with two nodes.
Node1 syncrepl
{0}rid=1 provider=ldaps://AWPCISQL22.otxlab.net:6366 type=refreshAndPersist
searchbase="o=otxlab.net" schemachecking=off bindmethod=simple
binddn="cn=Directory Manager,o=otxlab.net" credentials=d retry="60 10 300 +"
timeout=60 tls_reqcert=never tls_cacert="C:\Program
Files\OpenText\CARS\defaultInst\certificates\AWPCISQL22.otxlab.net-cert.cer"
tls_cert="C:\Program
Files\OpenText\CARS\defaultInst\certificates\AWPCISQL22.otxlab.net-cert.cer"
tls_key="C:\Program
Files\OpenText\CARS\defaultInst\certificates\AWPCISQL22.otxlab.net-key.pvk"
Node2 syncrepl
{0}rid=2 provider=ldaps://AWPCTHA1.otxlab.net:6366 type=refreshAndPersist
searchbase="o=otxlab.net" schemachecking=off bindmethod=simple
binddn="cn=Directory Manager,o=otxlab.net" credentials=d retry="60 10 300 +"
timeout=60 tls_reqcert=never tls_cacert="C:\Program
Files\OpenText\CARS\defaultInst\certificates\AWPCTHA1.otxlab.net-cert.cer"
tls_cert="C:\Program
Files\OpenText\CARS\defaultInst\certificates\AWPCTHA1.otxlab.net-cert.cer"
tls_key="C:\Program
Files\OpenText\CARS\defaultInst\certificates\AWPCTHA1.otxlab.net-key.pvk"
olcMultiProvider is ON.
We have tested replication and observed that inserting an entry into Node1
syncs to Node2, and adding an entry to Node2 syncs to Node1. Similarly, delete
and update operations are working as expected.
However, during continuous updates to Node1 (while both Node1 and Node2 are
running, and operations like importing an .ldif file from JXplorer to Node1),
some entries are not syncing to Node1. The replication logs show the following
message:
"rid=002 entry 'cn=GetCollection,cn=Method Set ISVPackage,cn=Cordys
ESBServer,cn=cordys,cn=defaultInst,o=otxlab.net'
csn=20231124172411.004202Z#000000#001#000000 not new enough, ignored"
We created ticket 10136 to address this issue but did not identify the root
cause initially. Upon analysis, we found that all entries producing the "not
new enough, ignored" message are not syncing to Node2.
We were previously using OpenLDAP 2.4 version, and this scenario worked
correctly. However, we started noticing the issue after upgrading to OpenLDAP
2.5.13 version. Upon reviewing the syncrepl defect fixes, we identified this
fix:
https://git.openldap.org/openldap/openldap/-/commit/8d428f3163e56f90cb84cddfd2d5640eefc8c996,
which appears to be causing the problem. We reverted this fix locally, rebuilt
OpenLDAP, and tested it. The issue is not reproducible with the reverted fix.
In summary, the basic scenario of adding entries to Node1 is not syncing to
Node2 sometimes. Do you have any suggestions to avoid this issue?
