I have a similar problem where replication seems to be stuck.
Replication lag keeps growing continuously, and the only solution that works is restarting the slave LDAP server.

The below message keeps popping up. 

slap_client_connect: URI=ldaps://ldap.xxxxx.com DN="cn=admin,dc=xxxxxx,dc=com" ldap_sasl_bind_s failed (-1)
do_syncrepl: rid=011 rc -1 retrying


OpenLDAP version: 2.4.23

Thanks,
Ashok


On Wed, Aug 21, 2013 at 10:32 PM, Marco Schirrmeister <marco@schirrmeister.net> wrote:


On 21.08.2013, at 18:20, val john <valjohn1647@gmail.com> wrote:

> Hi guys, I'm running a simple LDAP replication setup.
>
> The LDAP slave node sits behind the firewall, and port 389 is open to all.
>
> My LDAP replication works fine most of the time (the slave node gets updated in real time).
>
> But sometimes the slave just stops getting updates from the master server. When I restart the slave LDAP server, replication starts again, .... as follows

Check with your firewall administrator about the idle session timeout.
Firewalls will always terminate idle sessions at some point.

If that is the case, I would enable TCP keepalives so that there is always a little traffic.
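
The keepalive suggestion above, sketched as a consumer-side syncrepl stanza (an added example, not configuration posted by anyone in this thread). It assumes a refreshAndPersist consumer and a firewall idle timeout well above four minutes; the searchbase, credentials, retry and keepalive numbers are constructed, while rid, provider and binddn reuse the masked values from the log lines.

```conf
# slapd.conf on the consumer (slave).
#
# keepalive=<idle>:<probes>:<interval>
#   idle     seconds the connection may sit idle before TCP starts probing
#   probes   unanswered probes allowed before the connection is dropped
#   interval seconds between individual probes
#
# With 240:5:30 a probe crosses the firewall after 4 minutes of silence,
# which keeps the session entry alive as long as the firewall's idle
# timeout is longer than that (assumption: ask the firewall administrator
# for the real value and set idle below it). If the provider stops
# answering, the consumer notices after 240 + 5*30 = 390 seconds and
# falls back to the retry schedule instead of waiting on a dead socket.
#
# Only some systems support per-socket keepalive values; where they do
# not, slapd ignores this parameter and system-wide settings apply.
syncrepl rid=011
  provider=ldaps://ldap.xxxxx.com
  type=refreshAndPersist
  retry="60 +"
  searchbase="dc=xxxxxx,dc=com"
  bindmethod=simple
  binddn="cn=admin,dc=xxxxxx,dc=com"
  credentials=REPLACE_ME
  keepalive=240:5:30
```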