Re: (ITS#7013) OpenLDAP freezes and doesn't respond - openldap-bugs

29 Aug 2011


      Thank you for your answer.
We actually could not wait for a solution or workaround anymore, due to 
the project planning and
the time we spent trying to find a solution with OpenLDAP.
So, we decided to test replacing OpenLDAP by OpenDJ, and the tests give 
pretty good results: we don't have the problem anymore.
Howard Chu a écrit :
...
cgrosjean@janua.fr wrote:
...
Full_Name: Cyril Grosjean
Version: 2.4.26
OS: Red Hat Enterprise Linux Server release 5.4 (Tikanga)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (82.66.198.206)
My OpenLDAP server freezes, after a few requests, and I can't 
understand why.
I have a few LDAP clients (ldapsearch, a custom Java app. and
ApacheDirectoryStudio), running from different systems, either 
locally on the
OpenLDAP server, or on another OpenLDAP server, or on a remote 
workstation, and
none manages to get an answer from OpenLDAP. The connection is 
established but
each client gets stuck waiting for any result.
We can reproduce the freeze, after a few requests coming from the 
custom Java
application. The problem doesn't occur if we don't use that application.
The last time, it occured only a few minutes after the OpenLDAP 
daemon was
restarted, under very low load.
I use OpenLDAP 2.4.26, over Red Hat Enterprise Linux Server release 5.4
(Tikanga), Kernel version 2.6.18-164.el5, amd64 architecture over 
VMWare.
I also use BDB 4.8.30, and OpenLDAP's been compiled with the 
following options:
./configure --prefix=/opt/openldap-2.4.26 --enable-dynamic=yes
--enable-dynlist=yes --enable-memberof=yes --enable-ppolicy=yes
--enable-accesslog=yes --enable-sssvlv=yes
I noticed only 60 to 70 established connections on port 389 
(according to
netstat) when the freeze occurs.
The OpenLDAP server is set in syncrepl mirror mode replication, and 
the other
OpenLDAP server (only used as a hot stand-by) works fine (but doesn't 
receive
any load). However, one can reproduce the problem with replication 
disabled.
Looks like you have a thread blocked trying to modify a record, while 
all the other writer threads are blocked waiting for that writer to 
complete. The output of db_stat -CA would help to indicate why the 
writer is blocked.
It also looks like you've configured your replication with mirrormode 
and delta-syncrepl. This combination is not yet supported in OpenLDAP, 
certainly not in 2.4.26. It may be supported in 2.4.27, depending on 
how our ongoing testing turns out.