[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP hangs requiring slapd stop and deleting __db.00* files



On Mon, 2005-03-28 at 05:11, Abhishek Daga wrote:
> We have been running a virtual, multi domain mail server with the 
> following configuration.
> Redhat 9, Postfix, Courier, openLDAP, Spamassassin, Razor, squirrelmail, 
> amavis, maildrop.
> openLDAP is used for authentication.
> 
> Facing the following issues with openLDAP from time to time.
> 
> a) OpenLdap seems to get locked up every once in a while. i.e. While the 
> process is running, it fails to authenticate.
> Because process is still running, our monitoring system, Monit, does not 
> recognize that as a failure.
> 
> Then we need to stop slapd. delete the /usr/var/openldap-data/__db.00* 
> files, restart ldap for it to start working again.
> 
> 
> b) When the server load becomes high, 4 to 5 then authentication is 
> irratic. It works sometimes and sometimes it does not.
> When server load became high to the tune of 16/18, ldap failed 
> authentication.
> 
> What could be the reason for the above? anyone faced similar issues? I 
> wouldnt mind looking at commercial alternatives to openLDAP if the above 
> problems can be sorted out. ofcourse the best would be if the problem 
> lies with us and not the software as fixing it would be easier than 
> reinventing the ldap wheel.
> 
> Any and all help is always appreciated.
> 

Abhi,

Make sure that you fine tuned your OpenLDAP server:
- Berkeley DB configuration
- indexes

What version of OpenLDAP and BDB are you using?

If your LDAP server is properly tuned I would second Jens. Your hardware
may not be suitable anymore for your environment.

How many users do you support? How many LDAP operations/min. does your
server handle? What is your hardware configuration? Have you looked at
loadbalancing solution such as LVS and KeepAlived/UltraMonkey?

Hope this helps.

Sam

Attachment: signature.asc
Description: This is a digitally signed message part