[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Antw: slapd-mdb network performance
My very first guess is that openLDAP does access checking for every entry and attribute that matches your filter criteria. rootDN is probably checked first and fastest...
>>> "Jancewicz, Russell" <russell.jancewicz@uconn.edu> schrieb am 06.11.2013 um
19:48 in Nachricht <50804E7D-6AEB-4480-8B45-FB24E35014CC@ad.uconn.edu>:
> Hello,
>
> I am experiencing a bit of an issue with mdb network traffic.
> When I request large queries (entire subtrees) from remote hosts my searches
> take hundreds of times longer to complete than they do if I search on the
> local machine (in all expect for one case).
>
> I have attempted to tune the kernel network settings, adjusted tx buffer
> sizes all to no avail.
>
> Just before turning to this list i gave one last shot in the dark attempt
> running my query using the rootDN. This produced the expected results.
>
> When queried with a typical account DN my system was transmitting around
> 2.0Mbps to the remote client.
> When queried with the rootDN my system was transmitting around 100Mbps to
> the client.
>
> The system has an olcLimits rule allowing unlimited time and size to the
> account "typical account" I was testing with.
> ' olcLimits: dn.children="ou=accounts,dc=example,dc=com" time=unlimited
> size=unlimited '
>
> Clearly the server is capable of serving data to the remote machine at
> 100Mbps (given that the rootDN has done so)
>
> I cannot for the life of me find a configuration option or setting would
> should be impacting the transmission bandwidth of searches.
> Any help or advice of where I should be looking would be greatly
> appreciated.
> I have included the relevant cn=config information below.
>
> Thank you,
> -Russell J. Jancewicz
> University of Connecticut
>
> OpenLDAP: slapd 2.4.36 (Sep 19 2013 11:16:48) $
>
> dn: olcDatabase={1}mdb,cn=config
> objectClass: olcDatabaseConfig
> objectClass: olcMdbConfig
> olcDatabase: mdb
> olcDbDirectory: /srv/ldap/example.com
> olcSuffix: dc=example,dc=com
> # ... olcAccess
> olcLimits:
> {0}dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
> time=unlimited size=unlimited
> olcLimits: {1}dn.children="ou=accounts,dc=example,dc=com" time=unlimited
> size=unlimited
> olcRootDN: cn=root,dc=example,dc=com
> olcDbCheckpoint: 512 30
> olcDbNoSync: FALSE
> olcDbMaxSize: 8589934592