Hi community,

I have implemented two "OpenLDAP mirror directories": ldaps://ldap1 and ldaps://ldap2 (version 2.4.44) and a LDAP proxy with back_ldap + overlay pcache (version 2.4.44).

I am trying to understand behaviors on the LDAP proxy:

1 - I don't succeed to configure a failover switch between OpenLDAP backends. The proxy switches too quickly due to a network disconnection (for example, network stays unavailable during n second).
I would be interested whether there is a way to better control the switch even after network failure, for example, adding LDAP new parameters in order to send 3 attempts before performing failover.


2 - After that, when  the network is up again and the first directory "ldap1" is back, new requests with already established connection to ldap1 are directed again to directory "ldap1"
Is it possible to make all the trafic stay on ldap2?
Is there a way to close open connections to ldap1 directory when the proxy switches to the ldap2 directory?


3. Finally, Is there a way to switch to the second directory when queries are too slow in the first directory?


Thanks in advance.