[389-users] openldap client HA for multimaster replication
Christopher Wood
christopher_wood at pobox.com
Fri Jul 6 18:34:33 UTC 2012
On Fri, Jul 06, 2012 at 06:27:31PM +0000, Ryan Palamara wrote:
> I am using a mix of CentOS 5 and 6 servers using openldap for client ldap.
> I have 2 289 Directory servers that are using multi-master replication.
>
>
>
> When dirsrv stops working on the first server listed under URI,
> authentication picks up seamlessly on the second LDAP server listed.
>
> However if the first server is down completely, it then takes a long time
> for authentication for go to the second server.
>
>
>
> Any suggestions on what can be done with openldap, to allow the seamless
> failover to the second server when the first one is down completely?
Depending on how expensive this slow authentication is, you could do anything from a shared IP via haproxy to buy a BigIP pair from F5 and have your load balancer check that the backend ldap daemons are up. Then the frontend will stop using a non-functioning backend for ldap.
>
>
>
>
> Thank you,
>
>
>
> Ryan Palamara
>
> ZAIS Group, LLC
>
> 2 Bridge Avenue, Suite 322
>
> Red Bank, New Jersey 07701
>
> Phone: (732) 450-7444
>
> [1]Ryan.palamara at zaisgroup.com
>
>
>
> --------------------------------------------------------------------------
>
> This e-mail message is intended only for the named recipient(s) above.
> It may contain confidential information. If you are not the intended
> recipient you are hereby notified that any dissemination, distribution
> or copying of this e-mail and any attachment(s) is strictly prohibited.
> If you have received this e-mail in error, please immediately notify
> the sender by replying to this e-mail and delete the message and any
> attachment(s) from your system. Thank you.
>
> This is not an offer (or solicitation of an offer) to buy/sell the
> securities/instruments mentioned or an official confirmation. This is
> not research and is not from ZAIS Group but it may refer to a research
> analyst/research report. Unless indicated, these views are the author's
> and may differ from those of ZAIS Group research or others in the Firm.
> We do not represent this is accurate or complete and we may not update
> this. Past performance is not indicative of future returns.
>
> IRS CIRCULAR 230 NOTICE:.
>
> To comply with requirements imposed by the IRS, we inform you that any
> U.S. federal tax advice contained herein (including any attachments),
> unless specifically stated otherwise, is not intended or written to be
> used, and cannot be used, for the purpose of (i) avoiding penalties
> under the Internal Revenue Code or (ii) promoting, marketing or
> recommending any transaction or matter addressed herein to another
> party. Each taxpayer should seek advice based on the taxpayer's
> particular circumstances from an independent tax advisor.
>
> "ZAIS", "ZAIS Group" and "ZAIS Solutions" are trademarks of ZAIS Group,
> LLC.
>
> References
>
> Visible links
> 1. mailto:Ryan.palamara at zaisgroup.com
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
More information about the 389-users
mailing list