At 11:27 AM 2/7/2006, Ramseyer, Ken wrote:And of course, a moderately powerful machine can easily service thousands of searches per second. So the other question is,
Can OpenLDAP (slapd) be protected from a runaway client process that
repeatedly calls ldap_search thousands of times a second?
IIRC, slapd(8) will attempt to prevent a single connection to consume more than half thread pool. Of course, client which consumes half the thread pool for even short periods of time can adversely affect service to other clients.
Beyond this, no other slapd(8) features come to mind.
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/