RE: 1024 fd limit ?
> Hello.
>
> I've a problem which is not directly OPENLDAP related, but I don't know
> how to fix this properly.
>
> We have 3 openLdap Servers : One master, 2 slaves. (all under linux
> 2.2, openldap 2.0.7, NOT THREADED (cause we had strange crash with
> threads))
>
> And a bunch (several hundred) of clients doing authentication & nss
> against the 2 slaves (using libnss-ldap)
>
> the problem we have is that our 2 slaves hit more or less often the
> 1024 open file descriptor limit. (we were quite surprised that any
> client process use a distinctive socket to the LDAP server)
Sounds like libnss-ldap opens a connection per invocation, or something
similar. Since nss is a system-wide service, perhaps it should only open
a single connection per client machine. Failing that, set up an LDAP proxy
on every client machine that will accept requests on multiple connections
and forward them thru a single connection to the main servers.
Unfortunately, the back-ldap proxy in slapd is not written to behave this
way, but you could change it...
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc