cgrosjean(a)janua.fr wrote: > Full_Name: Cyril Grosjean > Version: 2.4.26 > OS: Red Hat Enterprise Linux Server release 5.4 (Tikanga) > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (82.66.198.206) > > > My OpenLDAP server freezes, after a few requests, and I can't > understand why. > I have a few LDAP clients (ldapsearch, a custom Java app. and > ApacheDirectoryStudio), running from different systems, either > locally on the > OpenLDAP server, or on another OpenLDAP server, or on a remote > workstation, and > none manages to get an answer from OpenLDAP. The connection is > established but > each client gets stuck waiting for any result. > > We can reproduce the freeze, after a few requests coming from the > custom Java > application. The problem doesn't occur if we don't use that application. > > > The last time, it occured only a few minutes after the OpenLDAP > daemon was > restarted, under very low load. > I use OpenLDAP 2.4.26, over Red Hat Enterprise Linux Server release 5.4 > (Tikanga), Kernel version 2.6.18-164.el5, amd64 architecture over > VMWare. > I also use BDB 4.8.30, and OpenLDAP's been compiled with the > following options: > > ./configure --prefix=/opt/openldap-2.4.26 --enable-dynamic=yes > --enable-dynlist=yes --enable-memberof=yes --enable-ppolicy=yes > --enable-accesslog=yes --enable-sssvlv=yes > > I noticed only 60 to 70 established connections on port 389 > (according to > netstat) when the freeze occurs. > > The OpenLDAP server is set in syncrepl mirror mode replication, and > the other > OpenLDAP server (only used as a hot stand-by) works fine (but doesn't > receive > any load). However, one can reproduce the problem with replication > disabled. Looks like you have a thread blocked trying to modify a record, while all the other writer threads are blocked waiting for that writer to complete. The output of db_stat -CA would help to indicate why the writer is blocked. It also looks like you've configured your replication with mirrormode and delta-syncrepl. This combination is not yet supported in OpenLDAP, certainly not in 2.4.26. It may be supported in 2.4.27, depending on how our ongoing testing turns out.