Thanks ! the settings you mentioned work, but only for some time
then
the problem arises again. then I have to manually restart fedora-ds to
break off all the idle sessions for it to be okay again for a little
while. How do I go about this ?
First, figure out what the clients are which are grabbing all of the
available connections and not letting them go . . .
The server does not close idle connections until some other connection
is made. So you could use ldapsearch to write a script that "pings" the
server every few minutes to force it to close idle connections.
On Wed, Feb 27, 2008 at 1:31 AM, Rich Megginson <rmeggins(a)redhat.com> wrote:
> Low Kian Seong wrote:
> > Wow ... a bit of ip information there could someone please take out
> > the last email i sent ? How do i request an email be removed ?
> >
> And in your reply, you copied the entire previous message - I've
> contacted Red Hat support to remove the messages from the archive. But
> there is no way to revoke the messages once they are sent.
>
> This information is interesting:
>
>
> ----- Total Connection Codes -----
>
> B1 11480 Bad Ber Tag Encountered
> U1 5877 Cleanly Closed Connections
> T1 2187 Idle Timeout Exceeded
>
> B1 usually means the client just exit()'ed without first calling close()
> or shutdown() on the TCP/IP socket. Which is fine. It's the T1 which
> are odd. Of these 2187, 1864 come from the same client:
>
> 13800 XXX.XXX.XXX.129
>
> 8254 - B1 Bad Ber Tag Encountered
> 3608 - U1 Cleanly Closed Connections
> 1864 - T1 Idle Timeout Exceeded
>
> Take a look at the access log where you get the T1 error upon
> disconnect. You want to find out what the conn=XXXXX is. From there,
> go back in the access log looking for the operations on that
> connection. What are they? What application are they from? Why is
> that application opening connections and just leaving them open? If it
> is a monitoring application like nagios, you will need to increase the
> idle timeout for that application. You can do this by using a dedicated
> BIND dn for that application, then you can increase the idle timeout for
> that user without affecting any of the other users - see
>
http://tinyurl.com/2sy8bl
>
> If you have a lot of applications that open connections and leave them
> open for a long time, you will need to figure out how many file
> descriptors you need for other clients, and you will need to increase
> the number of file descriptors available for the directory server as
> well as the size of the directory server connection table -
>
http://tinyurl.com/35qddb and
>
http://directory.fedoraproject.org/wiki/Performance_Tuning#Linux
>
> See
http://tinyurl.com/35qddb for real time server connection monitoring
> information.
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users