I'm a bit confused as to your exact problem.
By default, LDAP queries time out after 6 seconds. (ldap_query_timeout). Is your problem that LDAP queries are taking too wrong to run? More than 6 seconds? And because of that, they're timing out?
Or are you saying after a period of perceived inactivity, your NAT setup on your network switch gets dropped, so you need some sort of keep-alive in order to keep this NAT mapping alive at all times?
Spike
On Sun, Sep 1, 2024 at 8:28 PM Jaehwan Kim espoire@samsung.com wrote:
Hello.
We've got a number (thousands) of hosts inside a private network of cloud environment. These all query the FreeIPA server for user and group information using NAT and a gateway server. However we're having issues with the LDAP queries timing out or becoming unresponsive due to NAT timeout. In order to prevent hosts (clients) from being disconnected due to NAT timeout, we wish to try some sssd timeout values. Because we have difficulty to find out proper timeout of sssd.conf.5 manual pages (website), can you advice us on the proper timeout or propose other way?
Thank you. JHK -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue