[Pkg-openldap-devel] Bug#731795: failures under load with slapd in wheezy
John Jasen
jjasen at gmail.com
Mon Dec 9 20:35:24 UTC 2013
Package: slapd
Version: 2.4.31-1+nmu2
Placing the slapd server under load, at somewhere between 512 and 1024
simultaneous connections (using TLS, may be higher unencrypted), you
will end up see variations of:
"ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
Under simple tests, I've seen these occur for anywhere between 5 and 50%
of the connection attempts.
I have been able to replicate this on systems ranging from a VM with
256M of ram to an 8GB physical server to a 24GB 12 CPU system (2
physical, 6 cores each), and it all fails in the same range of connections.
Recommendation:
Upgrade to slapd-2.4.38 in jessie and wheezy-backports.
According to the openldap changelogs
(http://www.openldap.org/software/release/changes.html), the following
fix was included in openldap 2.4.32:
"Fixed slapd-bdb/hdb cache hang under high load (ITS#7222)"
I downloaded and compiled openldap 2.4.38 on a 256MB VM system, using
the same configuration options Debian uses. Under current tests, it has
survived over 16k connections without any errors. This is a factor of
4, and still going.
More information about the Pkg-openldap-devel
mailing list