Re: Long-lived connections with 2.3.x stop returning attributes?

[Howard Chu <hyc@symas.com>]

John Morrissey wrote:
> I have a cluster of several LDAP servers currently running 2.1.30 behind a
> hardware load balancer. I'm working on upgrading them to 2.3.25, but I've
> encountered a problem with long-lived connections. Currently, I only have
> one machine upgraded to 2.3.25.
>
> We have a Perl-based daemon (using Net::LDAP) which can keep a single LDAP
> connection open for several days, or even weeks. It performs synchronous
> searches on this connection at the rate of one or two per second. All of its
> searches match a single entry and it requests two attributes.
>
> After this daemon has been connected to the 2.3.x machine in the cluster for
> about a day, it begins receiving no values in response to its searches. The
> search succeeds and a result (including the found entry's DN) is returned,
> but there are no attributes present.
>
> Any thoughts?
>   

Run the server with debug enabled (-d -1) and keep a log of everything 
up until it first starts misbehaving.  Since it's still returning the 
entries, it sounds like perhaps an ACL problem is kicking in.

--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/