[Fedora-directory-users] temporary resource unavailable problem with fedora directory server
Rich Megginson
rmeggins at redhat.com
Tue Mar 11 13:04:50 UTC 2008
M Vallapan wrote:
> How do you figure out which clients are grabbing the available
> connections and not letting go ? Could you please provide an example ?
>
Take a look at the directory server access log. When a client first
connects, you will see the connection logged with the client's IP
address. The connection will be assigned a number (conn=4364 for
example). Then search through the access log from that point looking
for conn=XXXX to see all operations on that connection. You should
eventually see a disconnect. If you do not, find out what client is on
the other end of that connection (by IP address or by the types of
operations it performs).
> On Sat, Mar 1, 2008 at 2:32 AM, Rich Megginson <rmeggins at redhat.com> wrote:
>
>> M Vallapan wrote:
>> > Thanks ! the settings you mentioned work, but only for some time then
>> > the problem arises again. then I have to manually restart fedora-ds to
>> > break off all the idle sessions for it to be okay again for a little
>> > while. How do I go about this ?
>> >
>> First, figure out what the clients are which are grabbing all of the
>> available connections and not letting them go . . .
>>
>> The server does not close idle connections until some other connection
>> is made. So you could use ldapsearch to write a script that "pings" the
>> server every few minutes to force it to close idle connections.
>>
>>
>>
>> > On Wed, Feb 27, 2008 at 1:31 AM, Rich Megginson <rmeggins at redhat.com> wrote:
>> >
>> >> Low Kian Seong wrote:
>> >> > Wow ... a bit of ip information there could someone please take out
>> >> > the last email i sent ? How do i request an email be removed ?
>> >> >
>> >> And in your reply, you copied the entire previous message - I've
>> >> contacted Red Hat support to remove the messages from the archive. But
>> >> there is no way to revoke the messages once they are sent.
>> >>
>> >> This information is interesting:
>> >>
>> >>
>> >> ----- Total Connection Codes -----
>> >>
>> >> B1 11480 Bad Ber Tag Encountered
>> >> U1 5877 Cleanly Closed Connections
>> >> T1 2187 Idle Timeout Exceeded
>> >>
>> >> B1 usually means the client just exit()'ed without first calling close()
>> >> or shutdown() on the TCP/IP socket. Which is fine. It's the T1 which
>> >> are odd. Of these 2187, 1864 come from the same client:
>> >>
>> >> 13800 XXX.XXX.XXX.129
>> >>
>> >> 8254 - B1 Bad Ber Tag Encountered
>> >> 3608 - U1 Cleanly Closed Connections
>> >> 1864 - T1 Idle Timeout Exceeded
>> >>
>> >> Take a look at the access log where you get the T1 error upon
>> >> disconnect. You want to find out what the conn=XXXXX is. From there,
>> >> go back in the access log looking for the operations on that
>> >> connection. What are they? What application are they from? Why is
>> >> that application opening connections and just leaving them open? If it
>> >> is a monitoring application like nagios, you will need to increase the
>> >> idle timeout for that application. You can do this by using a dedicated
>> >> BIND dn for that application, then you can increase the idle timeout for
>> >> that user without affecting any of the other users - see
>> >> http://tinyurl.com/2sy8bl
>> >>
>> >> If you have a lot of applications that open connections and leave them
>> >> open for a long time, you will need to figure out how many file
>> >> descriptors you need for other clients, and you will need to increase
>> >> the number of file descriptors available for the directory server as
>> >> well as the size of the directory server connection table -
>> >> http://tinyurl.com/35qddb and
>> >> http://directory.fedoraproject.org/wiki/Performance_Tuning#Linux
>> >>
>> >> See http://tinyurl.com/35qddb for real time server connection monitoring
>> >> information.
>> >>
>> >>
>> >>
>> >> --
>> >> Fedora-directory-users mailing list
>> >> Fedora-directory-users at redhat.com
>> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> >>
>> >>
>> >>
>> >
>> > --
>> > Fedora-directory-users mailing list
>> > Fedora-directory-users at redhat.com
>> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> >
>>
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>>
>>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080311/8440f35d/attachment.bin>
More information about the 389-users
mailing list