I have never had any problems up until now with syncrepl. 1 consumer is always in sync, yet the 2 newer ones start out in sync but after about 10 minutes they don't sync at all. It is always fixed by restarting slapd on the 2 problem consumers.
Various debugging and tcpdumps just confirm that it isn't staying in sync but nothing as far as errors. This same configuration is running on another instance (although openldap 2.3.27, db-4.4.20) with 1 provider and 9 consumers without any issues.
Configuration :
1 provider 3 consumers
All are openldap-2.3.32 with db-4.4.20 plus the 4 patches.
provider config :
database monitor access to dn.subtree=cn=monitor by dn.exact=cn=Manager,dc=company,dc=com write by dn.subtree=dc=company,dc=com read by * none
access to dn="" by * read access to attrs=userPassword by self write by dn="cn=Manager,dc=company,dc=com" write by anonymous auth by * none access to * by self write by dn="cn=Manager,dc=company,dc=com" write by * none
access to attrs=userPassword by self write by anonymous auth by dn.base="cn=dcAuth,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" write by * none access to * by self write by dn.base="cn=dcAuth,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" write by * read
access to * by dn="cn=replicator,ou=Service,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" write by * read
database bdb suffix "dc=company,dc=com"
overlay ppolicy ppolicy_default "cn=dc,ou=Policies,dc=company,dc=com"
rootdn "cn=Manager,dc=company,dc=com" rootpw {crypt}asdf directory /blah/openldap/var/openldap-data
overlay syncprov syncprov-checkpoint 10 60 syncprov-sessionlog 500
# Indices to maintain for this database index objectClass eq,pres index sudoUser eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index entryUUID eq index entryCSN eq
consumer config (same on all 3, except for rid)
database monitor access to dn.subtree=cn=monitor by dn.exact=cn=Manager,dc=company,dc=com write by dn.subtree=dc=company,dc=com read by * none
access to dn="" by * read access to attrs=userPassword by self write by dn="cn=Manager,dc=company,dc=com" write by anonymous auth by * none access to * by self write by dn="cn=Manager,dc=company,dc=com" write by * none
access to attrs=userPassword by self write by anonymous auth by dn.base="cn=dcAuth,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" write by * none access to * by self write by dn.base="cn=dcAuth,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" write by * read
access to * by dn="cn=replicator,ou=Service,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" write by * read
database bdb suffix "dc=company,dc=com" overlay ppolicy ppolicy_default "cn=dc,ou=Policies,dc=company,dc=com" rootdn "cn=Manager,dc=company,dc=com" rootpw {crypt}adsf directory /blah/openldap/var/openldap-data
# Indices to maintain for this database index objectClass eq,pres index sudoUser eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index entryUUID eq
syncrepl rid=2 provider=ldaps://10.0.0.1 type=refreshAndPersist retry=60,10,300,3 searchbase="dc=company,dc=com" filter="(objectClass=*)" scope=sub schemachecking=off bindmethod=simple binddn="cn=replicator,ou=Service,ou=Applications,ou=Prod,ou=Project,dc=company,dc=com" credentials=adsf