On 2/24/11 5:32 PM, Ado Dao wrote:
Also note that if you are on Linux, the default number of handles you can
open is 1000, which is far too low for an LDAP server, assuming you might
have tens of thousands of open connections. Tune your system.
I also agree with you. But I suspect that the number of open connections is
steadily increasing, because the error occurred after several days. After a
restart of the LDAP server it was OK. It looks like some clients do not
terminate the connection. Therefore, the question is whether there is an
option for the server which terminates such open connections after a timeout.
If the client disconnects without notice, yes, the connection will remain
until we detect it.
One option would be to tune the TCP stack to close idle connections.
Usually, it's set to 30 minutes.
Regarding support for idle connections in the server, I don't think we
handle that atm, but it would be a good addition. Feel free to create a
JIRA, it should not be a complicated modification in the server to
handle idle connections with a configurable timeout.
Also note that due to the connected nature of LDAP, one client might be
connected for a very long time without sending a new request, so be very
conservative with such a configuration. Establishing a connection is
costly and requires you to store the credentials on the client, when
managing tens of thousands of connections which do nothing is just a
no-brainer...
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
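
The two mechanisms discussed in this thread, kernel keepalive probes for clients that vanish without notice and a server-side idle timeout, sketched as an added example (not part of the original messages and not ApacheDS code). The names `enable_keepalive` and `IdleReaper`, the probe values and the 24-hour timeout are assumptions chosen for illustration, the timeout kept long because LDAP clients may legitimately stay silent.

```python
import socket
import time

def enable_keepalive(sock, idle_s=600, interval_s=60, probes=5):
    """Have the kernel probe a silent peer so a vanished client is detected."""
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    # Per-socket overrides of the system-wide keepalive settings (Linux names);
    # the values are assumed for illustration, not recommendations from the thread.
    for name, value in (("TCP_KEEPIDLE", idle_s),
                        ("TCP_KEEPINTVL", interval_s),
                        ("TCP_KEEPCNT", probes)):
        if hasattr(socket, name):
            sock.setsockopt(socket.IPPROTO_TCP, getattr(socket, name), value)

class IdleReaper:
    """Tracks last activity per connection and closes those idle too long."""

    def __init__(self, idle_timeout_s, clock=time.monotonic):
        self.idle_timeout_s = idle_timeout_s
        self.clock = clock
        self.last_seen = {}              # socket -> time of last request

    def touch(self, sock):
        """Call on accept and on every request received."""
        self.last_seen[sock] = self.clock()

    def reap(self):
        """Close connections idle longer than the timeout; return how many."""
        now = self.clock()
        stale = [s for s, t in self.last_seen.items()
                 if now - t > self.idle_timeout_s]
        for s in stale:
            del self.last_seen[s]
            s.close()                    # frees the file handle
        return len(stale)

def demo():
    """Constructed scenario: one client keeps working, one goes silent."""
    fake_now = [0.0]
    reaper = IdleReaper(idle_timeout_s=24 * 3600, clock=lambda: fake_now[0])
    busy, busy_peer = socket.socketpair()
    silent, silent_peer = socket.socketpair()
    reaper.touch(busy)
    reaper.touch(silent)
    fake_now[0] = 23 * 3600
    reaper.touch(busy)                   # busy client sends a request
    fake_now[0] = 25 * 3600
    result = (reaper.reap(), silent.fileno() == -1, busy.fileno() != -1)
    for s in (busy, busy_peer, silent_peer):
        s.close()
    return result
```

In a real server `reap()` would run on a periodic timer, and `touch()` would be called from the request handler so that only genuinely idle connections age out.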