Dave Horsfall wrote:
On Thu, 19 Jul 2007, Howard Chu wrote:
What I am seeing is a timeout of a minute before switching to Server2.
That would be normal when trying to contact a nonexistent host, and depends entirely on your kernel's TCP stack/connection timeouts. As already noted, you can explicitly set a shorter timeout using LDAP_OPT_NETWORK_TIMEOUT.
Which I've now built into our applications, as OpenLDAP itself would appear to have no support for this situation. I suppose I should contribute a patch or something, along the lines of "CONN_TIMEOUT 5" etc.
That is definitely something we consider to be application-specific. Building the setting into your app is the correct solution.
In general, settings in the config file must always be overridable, so a new config option would also need to provide a new command line argument for the ldap* tools.
Otherwise, you might find yourself unable to ldapsearch a distant LDAP server because your timeout that you tuned for your local servers is too short...