I first met the problem on a pre-production openldap server. One URI was
corresponding to a load-balancer VIP routing to 2 target LDAP servers. As
both of them were stopped, the vip:port was unreachable. And as this URI was
ahead in the list, all other URI were unreachable either.
I then reproduced the same problem several times adding URI correpond to
non-existant targets at different locations. Returned entries were
systematically coming from URI above the non-existant URI.
Do you need any further information ?
The behavior you describe is a bug. However, I just checked, and
everything seems to work as expected. We definitely need to see your
exact setup (i.e. the slapd.conf of the proxy); also, we need to know the
exact definition of "unreachable". For example, I simply added to an
existing configuration a target that points to a non-existent server,
which is unreachable (connect(2) fails). I didn't check, for example, the
case of a server that results in a hanging connect(2) or so.