[389-users] openldap client HA for multimaster replication

Howard Chu hyc at symas.com
Fri Jul 6 22:31:35 UTC 2012


> Date: Fri, 06 Jul 2012 12:29:55 -0600
> From: Rich Megginson <rmeggins at redhat.com>

> On 07/06/2012 12:27 PM, Ryan Palamara wrote:
>> >
>> > I am using a mix of CentOS 5 and 6 servers using openldap for client
>> > ldap. I have 2 289 Directory servers that are using multi-master
>> > replication.
>> >
>> > When dirsrv stops working on the first server listed under URI,
>> > authentication picks up seamlessly on the second LDAP server listed.
>> >
>> > However if the first server is down completely, it then takes a long
>> > time for authentication to go to the second server.
>> >
>> > Any suggestions on what can be done with openldap, to allow the
>> > seamless failover to the second server when the first one is down
>> > completely?
>> >
>
> Can you explain exactly what you mean by "stops working" and "down
> completely"?  I'm not sure why that would make a difference.

When the host is down, the TCP connect request must time out before the client 
library will see a failure and move on to the next server. When the host is up 
but the directory server is down, the host will immediately send a TCP 
connection refused, so the client will switch immediately.

The solution is to look into the LDAP network timeout option, to tell the 
OpenLDAP library to wait for a shorter amount of time for the connection 
attempt. (LDAP_OPT_NETWORK_TIMEOUT)

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
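
The difference between the two failure cases described above, as an added example that is not part of the original message and is not OpenLDAP code: it uses plain Python sockets rather than libldap, and the `network_timeout` argument plays the role that LDAP_OPT_NETWORK_TIMEOUT plays in the library. The function names, the loopback listener and the RFC 5737 documentation address 192.0.2.1 are constructed for the illustration.

```python
import socket
import time

def first_reachable(servers, network_timeout):
    """Walk an ordered server list the way a client walks its URI list.

    Returns (server, attempts); attempts holds (server, outcome, seconds)
    for every server tried, and server is None if none accepted.
    """
    attempts = []
    for addr in servers:
        start = time.monotonic()
        try:
            # The timeout bounds only the TCP connect attempt.
            socket.create_connection(addr, timeout=network_timeout).close()
            outcome = "connected"
        except ConnectionRefusedError:
            outcome = "refused"   # host up, service down: answered at once
        except socket.timeout:
            outcome = "timeout"   # host down: only the timeout ends the wait
        except OSError as exc:
            outcome = "error: %s" % exc   # e.g. network unreachable
        attempts.append((addr, outcome, time.monotonic() - start))
        if outcome == "connected":
            return addr, attempts
    return None, attempts

def demo(network_timeout=1.0):
    # Constructed setup: a loopback listener stands in for the second server.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    live = listener.getsockname()
    # A port bound and then released: host is up, nothing is listening.
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    closed = tmp.getsockname()
    tmp.close()
    dead = ("192.0.2.1", 389)   # documentation address standing in for a dead host
    try:
        return (first_reachable([closed, live], network_timeout),
                first_reachable([dead, live], network_timeout))
    finally:
        listener.close()

if __name__ == "__main__":
    for server, attempts in demo():
        for addr, outcome, secs in attempts:
            print("%s:%d %s after %.2fs" % (addr[0], addr[1], outcome, secs))
```

Without the timeout argument the second case waits for the operating system's own TCP connect timeout, which is the long delay reported in the question.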




