--On Tuesday, March 26, 2019 8:58 AM +0100 Ulrich Windl
> I recommend always defining a keepalive interval in the syncrepl
> to avoid these types of issues.
> usually works well, unless the device is configured to close idle
> connections at less than a 5 minute interval.
I don't understand that: Keepalive (as I know it) has nothing to do with
idle connections, but only with dead connections. And what's the magic
with 5 minutes?
You're understanding is generally incorrect. The paramater is called "keep
alive" and not "kill dead" for a reason. When using refreshAndPersist
connections in an environment where you have a traffic device (such as an
F5), the devices are often configured to terminate idle connections after
some period of time (which often defaults to 5 minutes). By configuring a
keepalive in the syncrepl stanza, the connection appears "alive" to the
traffic device even if there is no replication traffic occurring. Thus
There is a *secondary* benefit, in that it does also allow slapd to detect
if a connection was severed, and so re-establish a new connection in that
case, but the primary purpose is to keep it from ever getting severed in
the first place.
If you have no "keepalive" set, and the traffic device severs the
connection, slapd cannot detect this, and will think it's still connected
and no replication will occur until slapd is restarted.
I.e., the primary purpose is to keep the connection alive.
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: