[Date Prev][Date Next] [Chronological] [Thread] [Top]

Syncrepl losing connection

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Syncrepl losing connection
From: Nick Milas <nick@eurobjects.com>
Date: Wed, 1 Mar 2017 08:48:02 +0200
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eurobjects.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Date:Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Ed8Ngxjf1c3PZ48Q44i+dkzYpwRHMKDILyMAez5BZOQ=; b=sm0GfyT1k5SWof9XyQ2hCdWLII JEfrPW04YNPlGzCcUwosW0iXXkyTpRkFJaUFGaZaG5Pw8ryngETH0WkSlkrkl1vSK4QIYOkBvkN2s O/0WiPleMfXwvqGk5mMFSxViNqoL/XUoBPBo4QTPyUd7mLItxbW/hxxGdQl1i9OSwohhjZ+prMO6R R8uzKdDBx0dSVQhMg3117G9V9trSi5s1+89IcvCeOKEaWLIM1s6aaeNYwTY9yVNKBKet/8uRCaDsy PJbD4SIrsu3DoH8zD2mNPmTdKribSTfebAU+gpPJPXqtyKcTBtCPDTEcoaEaDtNDjRhkPz8k6U+jY xPfmJEkQ==;
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1

Hello,

I have recently installed two syncrepl consumers using 2.4.44 on CentOS7 using LTB rpm packages.

I am almost daily facing issues with consumers losing connection to themaster. I always have to restart the consumer in order to re-establishconnection.

Note 1: These two consumers have replaced two older ones running 2.4.39LTB (and earlier versions) on CentOS 5 without any such issues.


Note 2: Master is using 2.4.44 version as well (but on CentOS 5).

Is this a known bug or I need to change/add something in the config whenusing this OpenLDAP version so that the problem gets resolved?

Below follows a log example from one of them (it includes my restart tore-establish connection):


OpenLDAP Log excerpt:
===========================================================================

Feb 28 16:19:20 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEFeb 28 16:19:20 vdns slapd[10375]: do_syncrep2: rid=353cookie=rid=353,csn=20170228140139.002723Z#000000#000#000000Feb 28 16:19:20 vdns slapd[10375]: slap_queue_csn: queueing0x7f9314225d90 20170228140139.002723Z#000000#000#000000Feb 28 16:19:20 vdns slapd[10375]: slap_graduate_commit_csn: removing0x7f9314225d90 20170228140139.002723Z#000000#000#000000

Feb 28 16:19:21 vdns slapd[10380]: [OK] OpenLDAP started

Feb 28 18:19:23 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverFeb 28 18:19:23 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Feb 28 18:20:23 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEFeb 28 20:20:37 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverFeb 28 20:20:37 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Feb 28 20:21:37 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEFeb 28 22:21:52 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverFeb 28 22:21:52 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Feb 28 22:22:52 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEMar 1 00:23:06 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverMar 1 00:23:06 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Mar 1 00:24:06 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEMar 1 02:24:21 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverMar 1 02:24:21 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Mar 1 02:25:21 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEMar 1 04:25:35 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverMar 1 04:25:35 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Mar 1 04:26:35 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEMar 1 06:26:50 vdns slapd[10375]: do_syncrep2: rid=353 (-1) Can'tcontact LDAP serverMar 1 06:26:50 vdns slapd[10375]: do_syncrepl: rid=353 rc -1 retrying(14 retries left)Mar 1 06:27:50 vdns slapd[10375]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEMar 1 08:17:54 vdns slapd[18585]: [INFO] Using /etc/default/slapd forconfiguration

Mar  1 08:17:54 vdns slapd[18590]: [INFO] Halting OpenLDAP...
Mar  1 08:17:54 vdns slapd[10375]: daemon: shutdown requested and initiated.

Mar 1 08:17:54 vdns slapd[10375]: slapd shutdown: waiting for 1operations/tasks to finish

Mar  1 08:17:54 vdns slapd[10375]: slapd stopped.
Mar  1 08:17:55 vdns slapd[18594]: [OK] OpenLDAP stopped after 1 seconds
Mar  1 08:17:55 vdns slapd[18595]: [INFO] No data backup done

Mar 1 08:17:55 vdns slapd[18607]: [INFO] Using /etc/default/slapd forconfigurationMar 1 08:17:55 vdns slapd[18612]: [INFO] Launching OpenLDAPconfiguration test...Mar 1 08:17:56 vdns slapd[18626]: [OK] OpenLDAP configuration testsuccessful

Mar  1 08:17:56 vdns slapd[18637]: [INFO] No db_recover done
Mar  1 08:17:56 vdns slapd[18638]: [INFO] Launching OpenLDAP...
Mar  1 08:17:56 vdns slapd[18639]: [OK] File descriptor limit set to 1024

Mar 1 08:17:56 vdns slapd[18640]: @(#) $OpenLDAP: slapd 2.4.44 (Feb 152016 11:14:35)$#012#011clement@centos7.unix.example.com:/home/clement/build/BUILD/openldap-2.4.44/servers/slapd

Mar  1 08:17:56 vdns slapd[18641]: slapd starting

Mar 1 08:17:56 vdns slapd[18641]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - SYNC_ID_SETMar 1 08:17:56 vdns slapd[18641]: do_syncrep2: rid=353LDAP_RES_INTERMEDIATE - REFRESH_DELETEMar 1 08:17:56 vdns slapd[18641]: do_syncrep2: rid=353cookie=rid=353,csn=20170301060829.837823Z#000000#000#000000Mar 1 08:17:56 vdns slapd[18641]: slap_queue_csn: queueing0x7f33f4225d90 20170301060829.837823Z#000000#000#000000Mar 1 08:17:56 vdns slapd[18641]: slap_graduate_commit_csn: removing0x7f33f4225d90 20170301060829.837823Z#000000#000#000000

Mar  1 08:17:57 vdns slapd[18646]: [OK] OpenLDAP started

===========================================================================

Configuration on this consumer:
===========================================================================

include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/eduperson.schema
include /usr/local/openldap/etc/openldap/schema/postfix.schema
include /usr/local/openldap/etc/openldap/schema/dyngroup.schema
include /usr/local/openldap/etc/openldap/schema/misc.schema
include /usr/local/openldap/etc/openldap/schema/ppolicy.schema
include /usr/local/openldap/etc/openldap/schema/schac-20090326-1.4.0.schema
include /usr/local/openldap/etc/openldap/schema/dnsdomain2.schema
include /usr/local/openldap/etc/openldap/schema/proftpd-quota.schema
include /usr/local/openldap/etc/openldap/schema/kerberos.schema
include /usr/local/openldap/etc/openldap/schema/localemail.schema
include /usr/local/openldap/etc/openldap/schema/entryaccess.schema
include /usr/local/openldap/etc/openldap/schema/radius.schema

pidfile         /usr/local/openldap/var/run/slapd.pid
argsfile        /usr/local/openldap/var/run/slapd.args

modulepath      /usr/local/openldap/lib64

loglevel sync

sizelimit unlimited
timelimit unlimited

TLSCACertificateFile /usr/local/openldap/etc/openldap/cacerts/DigiCertCA.crt

TLSCertificateFile/usr/local/openldap/etc/openldap/cacerts/vdns_noa_gr-1058189.crtTLSCertificateKeyFile/usr/local/openldap/etc/openldap/cacerts/vdns_noa_gr-1058189.key


TLSVerifyClient never

database     mdb

suffix       "dc=noa,dc=gr"
rootdn       "cn=Manager,dc=noa,dc=gr"

rootpw       {SSHA}<SECRET>

include      /usr/local/openldap/etc/openldap/acl.conf

directory    /usr/local/openldap/var/mdb

maxsize      10737418240

index   objectClass              eq,pres
index   cn                       eq,pres,sub
index   uid                      eq,pres
index   ou                       eq,pres
index   owner                    eq
index   entryCSN,entryUUID       eq
index   associatedDomain         pres,eq,sub
index   dc                       eq

syncrepl rid=353
        provider=ldaps://ldap.noa.gr
        type=refreshAndPersist
        tls_reqcert=never
        retry="60 15 180 +"
        searchbase="dc=noa,dc=gr"
        schemachecking=off
        bindmethod=simple
        binddn="uid=syncuser,dc=noa,dc=gr"
        credentials="secret"

database monitor

access to *
   by dn.exact="cn=Manager,dc=noa,dc=gr" read
   by * none
===========================================================================

Please let me know of any hint/advice to resolve this issue!

Thanks in advance,
Nick

Prev by Date: How correctly convert ldif dump size to mdb olcDbMaxSize value
Next by Date: Re: RE24 testing call (2.4.45) LMDB RE0.9 testing call (0.9.20)
Index(es):
- Chronological
- Thread