From: Quanah Gibson-Mount quanah@zimbra.com To: espeake@oreillyauto.com, openldap-technical@openldap.org Date: 06/10/2015 04:09 PM Subject: Re: Syncrepl issue with one node
--On Tuesday, June 09, 2015 8:50 AM -0500 espeake@oreillyauto.com wrote:
We are running openLDAP 2.4.39 in an MMR replication on Ubuntu 14.04. I have one node that is not wanting to sync with other nodes giving the following error:
Jun 9 06:51:35 tn-ldap-a-1 slapd[3138]: do_syncrep2: rid=005 CSN too
old,
ignoring 20150609115135.153480Z#000000#003#000000
As you can see the CSN shows the exact same time the time that is being logged. We are in the U.S. Central timezone. I have checked our ntp service on my three nodes. All three are pointed to the same ntp and are in sync. Would be possible that one node might still be just a few miliseconds too fast and the csn timestamp would appear wrong? Is there
a
logging level I can set for that specific issue? I am currently logging the sync records. I can go to debug in needed.
a) Please don't resend your emails to the list. The first one got through fine, which you could easily verify by looking at the list archives.
b) Not enough information provided here to go on. Are all server IDs unique? Are all syncrepl clauses unique per DB? Personally I've never found ntpd particularly good at keeping clocks in sync. I've generally resorted to running ntpdate frequently out of cron, particularly for VMs.
--Quanah
--
Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
All of the nodes have unique ID's:
olcServerID: 1 ldap://tn-ldap-a-1.mydomain.com olcServerID: 2 ldap://tn-ldap-a-2.mydomain.com olcServerID: 3 ldap://tn-ldap-a-3.mydomain.com
Each database has it's one Syncrepl clause 001, 002,& 003 rids sync configuraiton changes, and 004,005, & 006 sync the user data.
All configuration changes replicate with no issue. Data changed on servers 2&3 replicate between each other, but server 1 gives the CSN too old error. If I change user data on node 1 it replicates to nodes 2 & 3 with no issues.
I stopped the ntp service on the offending node and ran ntpdate-debian. I still get the CSN too old errors in the logs.
Is there a setting in the syncrepl that I can use to expand out the window for a CSN "age"? Below is the configuration I have for user data.
olcSyncrepl: {0}rid=004 provider=ldap://tn-ldap-a-1.mtdomain.com binddn="uid=admin,dc=mydomain,dc=com" bindmethod=simple credentials=secret searchbase="dc=mydomain,dc=com" type=refreshAndPersist retry="5 5 5 +" timeout=1
Thank you, Eric
This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS � 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.