Re: slapd-mdb network performance

On Nov 6, 2013, at 14:26, Quanah Gibson-Mount quanah@zimbra.com wrote:

--On Wednesday, November 06, 2013 6:48 PM +0000 "Jancewicz, Russell" russell.jancewicz@uconn.edu wrote:

...

Just before turning to this list i gave one last shot in the dark attempt running my query using the rootDN. This produced the expected results.

When queried with a typical account DN my system was transmitting around 2.0Mbps to the remote client. When queried with the rootDN my system was transmitting around 100Mbps to the client.

The rootdn bypasses all ACL evaluation. Do you have complex ACLs?

--Quanah

--

Quanah Gibson-Mount Architect - Server Zimbra, Inc.

---

Zimbra :: the leader in open source messaging and collaboration

The system currently has around 30 olcAccess stanzas, the majority of which utilize the set notation to grant access based on groups. I decided it might be wise to test the speed of the search using ldapi:/// and the account and it does appear to suffer from the same latency issues, so I this does likely stem from ALCs.

Is there any cpu tuning or ACL tuning I should do to improve the overall response time? I haven't adjusted the stock threads and am running on a virtual machine with 2 VCPUs (though i suspect a single request would only spawn a single thread). with regard to ACLs would it be better to use groups or individual olcAccess lines per account?

-Russell J. Jancewicz University of Connecticut