Hello,
Here at UCI we have just deployed syncrepl to replicate our LDAP directory. Unfortunately, we use an old directory structure (PH/QI) for our master database, and ldap gets updates from that system in batch. The batch process updates our master LDAP server, and syncrepl is used to push the changes out to all the other LDAP servers. This causes somewhere around 100 to 1000 entries to be updated all at once (out of 80k + entries in the LDAP directory).
The problem we are experiencing is that when a syncrepl slave receives a bunch of updates, queries to these slaves slow down tremendously. We are talking going from a sub second query time for a single LDAP entry, to, in some cases, over 20 seconds response time for simple queries. This is causing all sorts of problems for us. One thing to note: the master does basically the same updates, but through an normal ldap client, rather than through syncrepl -- and it does not experience this slowness.
We are using BDB, Openldap ver. 2.3.28 and our syncrepl entry looks something like this:
syncrepl rid=11 provider=ldap://ldap3.nac.uci.edu:389 type=refreshAndPersist interval=0:00:00:05 searchbase="OU=University of California Irvine, O=University of California, C=US" filter="(objectClass=*)" scope=sub schemachecking=off sizelimit=0 timelimit=0 updatedn="cn=root,OU=University of California Irvine, O=Universi ty of California, C=US" bindmethod=simple binddn="uid=nsp,OU=University of California Irvine, O=University of California, C=US" credentials="REMOVED" starttls=yes retry=1,2,3,4,5,+
Any help would be appreciated,
-Paul Main Network and Academic Computing Services University of California, Irvine