[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Measuring activity/problem with timeouts





--On Monday, January 17, 2005 9:43 AM -0800 Rob Tanner <rtanner@linfield.edu> wrote:

I'm in the process of phasing in an OpenLDAP v2.2.17 (replacing an old
Netscape 4 server), and every night, around midnight and then again at
around 4:30am, the mail system logs a bunch of timeouts accessing the
LDAP server -- timeouts both when binding and searching.  The rest of the
time, everything appears to be running fine.

I've up'd the logging level to 286 looking for issues on the OpenLDAP
server, but nothing appears to be wrong.  The only measure of activity I
have currently is to count log entries, and between 4:39:00am and
4:39:59am, a time when the mail system registered timeouts accessing
OpenLDAP, there were 221 log entries.  A similar count at at 9:10am
showed 168 log entries.  The mta (Postfix) shows a similar pattern in log
entries (counts 72 and 64 respectively).  But in my mind, these numbers
don't really indicate a lot of activity.  Nor is the problem strictly an
issue with the mta since nagios, a system services monitoring tool,
likewise reports timeouts.

What I need to so is figure out what's causing the timeouts.  Any
suggestions as to how, or at least how to measure what the ldap server is
really doing.

Well, if you only have issues around that time, every night, are you sure there isn't something happening on your network at that time? Have you set up a script to do a query to "localhost" from the system, and run it every 2 or 3 minutes in the timeframe you are having problems to see if the that also experiences issues?


Also, do you collect any stats on what is happening on the system during that time period? You might want to take a snapshot of "top" or some other indicator of system activity to see what exactly is happening on the system during that time period, in case the issue is with the system.

On a slightly separate note, OpenLDAP 2.2.17 had memory leak & cacheleak issues. You might want to upgrade to the latest OL stable version (2.2.20). I also have two patches to OL 2.2.20, one that fixes a problem with slurpd replication where changes can be lost if there is a high volume of changes, and one that fixes an issue that can occur with indexing using back-bdb.

See:

<http://www.stanford.edu/services/directory/openldap/configuration/openldap-build.html>

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin