Hello.
I recently encoutered a poblem that nubmer of concurrent connecitons are decreased in FreeIPA servers.
[Architecutre - replication topology] My replication topology which is circular (ring-shaped), consists of 13 FreeIPA servers. These 13 servers are grouped as 3 clusters, of which members are 5, 4, 4 respectively. NLBs(network load balancers) to share request from clients for ipa login, kerberos authenticaion, ldap connections, are assinged to each cluster. Therefore 3 NLBs have 5, 4, 4 FreeIPA servers as their nlb backend pool, repectively.
This architecture has been worked successfully for 2 years, but recently I encountered a problem that 867 host_add per hours to one cluster results in "# of concurrent connections decrement" for all clusters. Command to get # of concurrent connections is dsconf -D "cn=Directory Manager" ldap://server.example.com monitor server | grep currentconnections: About 2K connections are observed for each servers, by this command.
I also found that if servers which replication info isn't transfered to, this symptom doesn't happen, even though those are in the same replication topology ring. Hence, I guess that "# of concurrent connections decrement" symptom is related to replcation.
I tried to tune the parameters like dtablesize = 65535, repl-release-timeout = 120, nnsslapd-threadnumber = authomatic thread tuning, db and entry cache auto-sizing (nsslapd-cache-autosize = 80, with failure.
I want to ask help to solve this symptom, if posible.
Thank you. JHK