[Date Prev][Date Next] [Chronological] [Thread] [Top]

question about ldap performance



  Now I am setting a smtp system (postfix) which need to process
query on ldap-server. During the test , I found that when there 
are simultaneously 200 queries on the ldap server, the query will
be very slow. I have to made the timeout of ldap query to 60 
seconds in postfix. But it is too slow that  sending a letter need
too long time.
   I tried to used anonymous no-bind access the ldap to reduce
the load on ldap server. I also tried to enlarged the cache in 
ldapserver.And because I have two smtp server, I set up a local 
slave ldap in each of the server and  point postfix ldap lookups 
to the local host. But it couldn't solve the problem. It seems 
that the ldap query becomes the bottleneck of the mail
system.
   I use the slapd from debian/linux woody version . And the version
information is:
   
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                Version             Description
+++-===================-===================-======================================================
ii  slapd               2.0.23-6            OpenLDAP server (slapd).

and my ldap server conf:

ldap:/usr/src# cat /etc/ldap/slapd.conf 
# This is the main ldapd configuration file. See slapd.conf(5) for more
# info on the configuration options.

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/local.schema

# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck     on

sizelimit 500
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd.args



# Where to store the replica logs

# Read slapd.conf(5) for possible values
loglevel        256

#dbcachesize 10000000


#######################################################################
# ldbm database definitions
#######################################################################

# The backend type, ldbm, is the default standard
database        ldbm

# The base of your directory
suffix          "dc=dlut,dc=edu,dc=cn"

# Where the database file are physically stored
directory       "/var/lib/ldap"

cachesize 1000000
dbcachesize 10000000

index uid,cn,mailuser eq,pres
#index default none

# Indexing options
#index objectClass eq
#index default pres,eq
#index uid
#index cn pres,eq,sub
#index objectClass eq


# Save the time that the entry gets modified
lastmod on

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
access to attribute=userPassword
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by anonymous auth
        by self write
        by * none

access to attribute=maildrop
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by dn="cn=updater,dc=dlut,dc=edu,dc=cn" write
        by self write
        by * read

access to attribute=mailboxlocation
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by dn="cn=updater,dc=dlut,dc=edu,dc=cn" write
        by self write
        by * read

access to attribute=mailuser
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by dn="cn=updater,dc=dlut,dc=edu,dc=cn" write
        by self write
        by * read

# The admin dn has full write access
access to *
        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
        by * read

# For Netscape Roaming support, each user gets a roaming
# profile for which they have write access to
#access to dn=".*,ou=Roaming,o=morsnet"
#        by dn="cn=admin,dc=dlut,dc=edu,dc=cn" write
#        by dnattr=owner write


replogfile      /var/lib/ldap/replog

replica host=maila.dlut.edu.cn
             binddn="cn=updater,dc=dlut,dc=edu,dc=cn"
             bindmethod=simple credentials=...

replica host=mailb.dlut.edu.cn
             binddn="cn=updater,dc=dlut,dc=edu,dc=cn"
             bindmethod=simple credentials=...

        Liu Jinhui
        hui@student.dlut.edu.cn
          2002-11-11