[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: sessionlog question
Turbo Fredriksson wrote:
"Stephan" == Stephan Dühr <stephan.duehr@dass-it.de> writes:
Stephan> the FAQ
Stephan> (http://www.openldap.org/faq/data/cache/1125.html) says
Stephan> that sessionlog is used with a replication id (sessionlog
Stephan> <rid> <changelimit>), but in the Admin-Guide it's session
Stephan> log id (sessionlog <sid> <limit>). This is a bit
Stephan> confusing.
It's only confusing if you take 'sid' and 'rid' literally. The 'r' in
'rid' I asume means REMOTE (and I'm _guessing_ that the 's' in 'sid'
means something like SOURCE - have no idea if that's the case, it just
seem logical to me :).
Basically they say the exact same thing...
No. Guessing is seldom a good way to form an understanding of any system.
rid is replica ID, sid is session ID. The two are different and intended
for different purposes. Whether they're actually of value is a separate
question.
Stephan> That means, even if i have multiple
Stephan> consumers replicating the same stuff from a provider, i
Stephan> only need one sessionlog. Or is it so that the consumer
Stephan> uses the rid to forge the syncrepl cookie?
The 'sessionlog' goes (ONLY) on the provider. The number you specify
(sid or rid - whatever) must match the 'rid=' value you have on the
consumer.
The sessionlog only looks at the sid, and the provider and consumer sid
must match.
So if you have multiple consumers replicating against the same provider,
the consumer configuration option 'syncrepl' is/should be IDENTICAL...
No. The point behind the rid is to allow multiple consumers to be
distinguished from each other. This is used as a shortcut for satisfying
the conditions of draft-zeilenga-ldup-sync-05 section 3.1:
A sequence of Sync Operations where the last cookie returned by the
server for one operation is provided by the client in the next
operation are said to belong to the same Synchronization Session.
The client MUST specify the same content controlling parameters (see
Section 3.5) in each Search Request of the session. The client SHOULD
also issue each Sync request of a session under the same
authentication and authorization associations with equivalent
integrity and protections. If the server does not recognize the
request cookie or the request is made under different associations or
non-equivalent protections, the server SHALL return the initial
content as if no cookie had been provided or return an empty content
with the e-syncRefreshRequired LDAP result code.
The draft recommends calculating a hash of the search parameters and
passing that in the sync cookie to insure that the search parameters
from each sync request are identical. The OpenLDAP implementation uses
an rid instead; so it is assumed that all requests with the same rid are
using identical search parameters.
In practice this requirement is of little value and is contrary to one
of syncrepl's other design points - the provider is not supposed to need
to maintain any special state about individual consumers. Verifying that
the search parameters are identical between requests would require the
provider to maintain a list of all the syncrepl requests it has
received, and OpenLDAP doesn't do this. So in fact this requirement and
the rid are basically ignored.
Looking at the code again, there's another bug here - the consumer
provides no config keyword for specifying the sid. Therefore the only
way to use the sessionlog is by manually specifying a cookie on the
consumer slapd command line.
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support