[Pkg-openldap-devel] Bug#660917: Bug#660917: fileno ulimit regression: slapd rejects connections approaching 1024 simultaneous connections
Chris Hiestand
chiestand at salk.edu
Thu Feb 23 01:28:14 UTC 2012
On Feb 22, 2012, at 3:55 PM, Quanah Gibson-Mount wrote:
> I would note the only reason this is being hit at all is because slapd has been linked to tcpwrappers. I personally frown on such linking, as you can do much more sophisticated filtering at the ACL level in OpenLDAP, and all it does is create issues such as this one. If you aren't using hosts.{allow,deny} then rebuild w/o the tcpwrappers linking, and this problem will disappear entirely.
>
> --Quanah
I think this is a reasonable suggestion and iptables is another suitable alternative for this functionality.
However, this doesn't address my concern by itself. When I removed the link to tcpwrappers (by setting --disable-wrappers in debian/configure.options) I still hit a ceiling at ~1130 connections:
> Feb 21 15:08:59 test slapd[449]: daemon: accept(8) failed errno=24 (Too many open files)
If I raise the nofiles limit to 2048, I hit the ceiling around 2160 connections. nofiles limit 8192: ceiling ~8300.
-Chris
More information about the Pkg-openldap-devel
mailing list