--On Friday, May 24, 2024 1:14 PM -0700 Christopher Paul chris.paul@rexconsulting.net wrote:
On 5/24/2024 12:06 PM, Quanah Gibson-Mount wrote:
I would also note, that in OpenLDAP 2.6+, "standard" syncrepl is the safer replication mechanism for multi-provider environments. While in the past, I always went with delta-syncrepl, for my last roles, I've used OpenLDAP 2.6 + standard syncrepl.
I find standard syncrepl is often best, since it's so much simpler to set up. And many sites only have single digit megabytes or less amount of write traffic per day. Of course not all (like a telco I know well), but if the amount of write traffic is low, then delta-syncrepl is an unnecessary complication. In a recent client I worked for who has servers in three continents, we were able to maintain total consistency within 1 second, for any given change.
In OpenLDAP 2.3 and OpenLDAP 2.4, it was not safe to use syncrepl. A lot of work went into improving both delta-sync and syncrepl in OpenLDAP 2.5, but some innate issues with delta-syncrepl leave standard syncrepl the best option at this time. A lot of work was also done on the syncrepl side to reduce its traffic overhead compared to prior releases. So what is best to use varies significantly depending on the release series. At this point, I generally recommend 2.6 for deployments, and using syncrepl for replication.
--Quanah