Hello OpenLDAP-technical list,
I'm curious about community perspectives on a specific LDAP replication
timeout and network-timeout settings:
Setting "timeout=0" or "network-timeout=0" within a syncrepl/olcSyncrepl
definition for replication settings is not the best practice for LAN
environments. These parameters, when set to zero, instruct syncrepl to
wait indefinitely for connections and replication operations to conclude.
Within a LAN context, establishing new connections should ideally occur
in less than a second. Delays beyond a couple of seconds should kick in
the retry logic. This suggests that a more fitting network-timeout range
is between 1 to 5 seconds.
Concerning the "timeout" parameter, the ideal range might be between 60
to 120 seconds, to handle operations exceeding a minute, but again,
kicking in retry logic if they exceed two minutes. I admit that my
stance on the "timeout" setting is tentative, given that search
operation duration hinges more on the provider's responsiveness rather
than network speed alone.
This approach ensures that LDAP replication remains both responsive and
resilient, without compromising on efficiency or performance. Thoughts?
--
Chris Paul | Rex Consulting |https://www.rexconsulting.net