On Mon, 2005-03-28 at 05:11, Abhishek Daga wrote: > We have been running a virtual, multi domain mail server with the > following configuration. > Redhat 9, Postfix, Courier, openLDAP, Spamassassin, Razor, squirrelmail, > amavis, maildrop. > openLDAP is used for authentication. > > Facing the following issues with openLDAP from time to time. > > a) OpenLdap seems to get locked up every once in a while. i.e. While the > process is running, it fails to authenticate. > Because process is still running, our monitoring system, Monit, does not > recognize that as a failure. > > Then we need to stop slapd. delete the /usr/var/openldap-data/__db.00* > files, restart ldap for it to start working again. > > > b) When the server load becomes high, 4 to 5 then authentication is > irratic. It works sometimes and sometimes it does not. > When server load became high to the tune of 16/18, ldap failed > authentication. > > What could be the reason for the above? anyone faced similar issues? I > wouldnt mind looking at commercial alternatives to openLDAP if the above > problems can be sorted out. ofcourse the best would be if the problem > lies with us and not the software as fixing it would be easier than > reinventing the ldap wheel. > > Any and all help is always appreciated. > Abhi, Make sure that you fine tuned your OpenLDAP server: - Berkeley DB configuration - indexes What version of OpenLDAP and BDB are you using? If your LDAP server is properly tuned I would second Jens. Your hardware may not be suitable anymore for your environment. How many users do you support? How many LDAP operations/min. does your server handle? What is your hardware configuration? Have you looked at loadbalancing solution such as LVS and KeepAlived/UltraMonkey? Hope this helps. Sam
Attachment:
signature.asc
Description: This is a digitally signed message part