I am testing an OpenLDAP server with 3000 fake 'people' entries, but it does not perform as well as I would expect. I have added some tweaks based on my research of the documentation. Is there anything I am missing here? Is there any way to further tune this setup?
I have written a script to test the directory. It is written in PHP using the standard LDAP libraries. Both the script, and the LDAP server are running on the same box. The script is calling the server via the public interface (not the loopback) using standard port 80. It basically does a search on a matching query. The search query was "sn=BE*". Below is the info for my setup:
Linux Debian etch system
OpenLDAP version: # /usr/sbin/slapd -V @(#) $OpenLDAP: slapd 2.3.30 (Mar 9 2007 05:43:02) $
Here are my additions to the slapd.conf file (other than these, the file is essentially like the default):
. . . . TLSCipherSuite HIGH TLSCACertificateFile /etc/ldap/demoCA/cacert.pem TLSCertificateFile /etc/ldap/newcert.pem TLSCertificateKeyFile /etc/ldap/newreq.pem TLS_REQCERT never
############################################### # Performance tweaks added by me -JLP
index sn subinitial
cachesize 100000 dbcachesize 1000000
# Tells openldap how many threads to use # more does not necessarily mean better performance unless you have multiple cpus threads 8
# Tells slapd to close connections that have been idle for 30 seconds or more. idletimeout 30
# Tells slapd to store the 20,000 most used IDL's frequented when accessing entries in memory. idlcachesize 20000 EOF
tia,
Jason