 | | | OpenLDAP/nss_ldap Weirdness | OpenLDAP/nss_ldap Weirdness 2003-04-20 - By Dan
Back
Hi all.
I am using OpenLDAP from shrike as an LDAP Server for my network. All
User/Group information is stored in the directory.
Here is the problem:
After a seemingly random period of time, the machine running OpenLDAP
refuses to accept any more connections, hence user/group lookups for
the entire network fail. The machine in question has been up for 8 days,
and this has occured 3 or 4 times during that period. Looking in the
logs on that machine i see:
Apr 21 08:40:23 server slapd[29945]: warning: cannot open
/etc/hosts.allow: Too many open files
I ran netstat on the same machine, which revealed THOUSANDS of LDAP
connections in various states (All consuming file descriptors - Hence
the "Too many open files " error). Restarting OpenLDAP remedies this,
ableit temorarily.
On one of the client machines (also running shrike) i did this:
# netstat | grep ldap | wc -l
2154
This tells me the client has in the order of 2000 connections to the
LDAP server. Some were in state CLOSE_WAIT or other states so this
number possibly is not 100% accurate.
On a client 8.0 machine, I finger/id some users who exist only in the
directory. Running netstat on the server showed that the 8.0 machine had
no lingering/remaining connections whatsoever.
Perfrorming a similar test on a 9.0 Shrike machine, netstat shows
several lingering/remaining connections.
I am still investigating this issue. An almost identical set up, using
8.0 and a P166/64Meg box (The current machine has slightly higher
specs), never had any such problems. I will likely revert to this
configuration for the mean time.
Meanwhile, has anyone encountered anything like this? Anyone shed any light?
Cheers,
Dan
|
|
|