[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: back-meta hangs (ITS#3058)

To: openldap-its@OpenLDAP.org
Subject: Re: back-meta hangs (ITS#3058)
From: ando@sys-net.it
Date: Fri, 25 Jun 2004 13:06:57 GMT

>
>>I remember that sentence (I might have written it myself); the point is
>>that the  mechanism, AFAIR, is quite gross, in that the failover occurs
>>when the connection is first initialized; since back-ldap (I don't recall
>>back-meta) pools connections, if the failure occurs and there's no
>>connection re-init, you're stuck.
>>
> I've tested back-ldap, it does failover very well (at least as well as
> back-meta). When I have multiple target servers in the uri, separated by
> spaces, back-ldap always tries to contact the first one. If it doesn't
> respond, back-ldap retries with the next target. If it finds a working
> target server, it returns the results to the client.
> All this is completely transparent to the client.
>
> However, since the list of targets for back-ldap is space or
> comma-separated, I have to drop the base DN from uri specification (as
> it contains a comma - it's a DN after all...).

back-ldap doesn't need any DN portion of the URI; actually,
for some time checks were were in place to enforce its absence!

>
> My setup looks approximately like this (back-ldap is a separate slapd
> instance that listens on port 391):
>
> -------BEGIN-------
> database        ldap
> suffix          "dc=example,dc=com,o=Organization"
> rootdn    "cn=Manager,dc=example,dc=com,o=Organization"
> rootpw    secret
> uri           "ldap://localhost:389/ ldaps://ldapreplica.example.com"
>
> # dla starego base DN "o=altkom.com.pl":
> database        ldap
> suffix          "o=altkom.com.pl"
>
> uri           "ldap://localhost:389/ ldaps://ldapreplica.example.com"
> suffixmassage  "o=example.com" "dc=example,dc=com,o=Organization"
>
> # for empty base DN:
> database        ldap
> suffix          ""
>
> uri           "ldap://localhost:389/ ldaps://ldapreplica.example.com"
>
> rewriteEngine on
> rewriteContext searchBase
> rewriteRule   "$" "dc=example,dc=com,o=Organization" ":"


^^^ this rule is weird, I don't understand it.

Apparently, it maps *** anything *** into
"dc=example,dc=com,o=Organization"; hope it's intended!

If what you want to accomplish is redirect searches
for an unrecognized base to the database serving
"dc=example,dc=com,o=Organization", you may want to have
a look at the "defaultSearchBase" directive in slapd.conf(5);
otherwise, the same effect could be obtained by

rewriteEngine on
rewriteContext searchBase
rewriteRule   ".*" "%0,dc=example,dc=com,o=Organization" ":@"

at the cost of an extra back-ldap processing!

p.

> -------END-------
>
> Now I have to see whether back-ldap won't exhibit the deadlock problem
> back-meta did... This will require some weeks of stable operation.



-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Prev by Date: Re: OpenLDAP 2.2.14 linking against 2.1.x (ITS#3203)
Next by Date: Re: back-meta hangs (ITS#3058)
Index(es):
- Chronological
- Thread