Hi List,

I have trouble with my freshly set up OpenLDAP master/slave sync.

The slave stops syncing every few hours with the message shown below. If I restart the slave, things start working again. I monitored the network connectivity between the hosts and there is no issue with that.

Debug output running slapd -d 256 -d 128
5b23c9dc do_syncrep2: rid=001 (-1) Can't contact LDAP server
5b23c9dc do_syncrepl: rid=001 rc -1 retrying (4 retries left)

/var/log/syslog
Jun 15 16:14:52 ldap-server slapd[5178]: do_syncrep2: rid=001 (-1) Can't contact LDAP server
Jun 15 16:14:52 ldap-server slapd[5178]: do_syncrepl: rid=001 rc -1 retrying (4 retries left)

I'm running
Ubuntu 16.04.4
OpenLDAP 2.4.42 (from Ubuntu repository)
on both servers.

I set up the sync using these LDIFs on the master.

dn: olcDatabase={1}mdb,cn=config
changetype: modify
delete: olcAccess
olcAccess: {0}
-
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange
  by dn="cn=admin,dc=domain,dc=com" write
  by dn="cn=replicator,dc=domain,dc=com" write
  by self write
  by anonymous auth
  by * none
-
delete: olcAccess
olcAccess: {2}
-
add: olcAccess
olcAccess: {2}to *
  by dn="cn=admin,dc=domain,dc=com" manage
  by dn="cn=replicator,dc=domain,dc=com" manage
  by self write
  by anonymous auth
  by users read


dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov.la


dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: entryUUID,entryCSN eq


dn: olcOverlay=syncprov,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov


On the slave I imported these LDIFs:

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov.la


dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: entryUUID,entryCSN eq


dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001
  provider=ldap://ldap-master.domain.com/
  bindmethod=simple
  binddn="cn=replicator,dc=domain,dc=com"
  credentials=PASSWORD
  searchbase="dc=domain,dc=com"
  scope=sub
  schemachecking=on
  type=refreshAndPersist
  retry="30 5 300 3"
  interval=00:00:00:30
  starttls=yes
  tls_reqcert=allow

I'm really new to OpenLDAP, so please let me know how to provide additional info if you need it.

Thanks and best regards,
Kai
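
An added example, not part of the original post: a small check over the consumer's olcSyncRepl value that flags settings which, per the syncrepl description in slapd.conf(5), weaken the TLS session or put a limit on retries. The function names and the sample string are constructed for illustration; the sample repeats the posted values.

```python
import re

# Constructed sample: the consumer's olcSyncRepl value as posted (password placeholder kept).
POSTED = '''rid=001 provider=ldap://ldap-master.domain.com/ bindmethod=simple
  binddn="cn=replicator,dc=domain,dc=com" credentials=PASSWORD
  searchbase="dc=domain,dc=com" scope=sub schemachecking=on
  type=refreshAndPersist retry="30 5 300 3" interval=00:00:00:30
  starttls=yes tls_reqcert=allow'''

def parse_syncrepl(value):
    """Split an olcSyncRepl value into lower-cased key -> value, unquoting "..." values."""
    found = re.findall(r'(\w+)=(?:"([^"]*)"|(\S+))', value)
    return {key.lower(): quoted or bare for key, quoted, bare in found}

def lint_syncrepl(value):
    """Return (key, finding) pairs for settings that weaken TLS or end retries."""
    cfg = parse_syncrepl(value)
    findings = []
    uses_ldaps = cfg.get("provider", "").lower().startswith("ldaps://")
    # starttls=yes lets the session proceed in clear text if StartTLS fails.
    if not uses_ldaps and cfg.get("starttls") != "critical":
        findings.append(("starttls", "not 'critical': if StartTLS fails the "
                         "session continues without TLS"))
    # never/allow do not reject a missing or invalid provider certificate.
    if cfg.get("tls_reqcert") in ("never", "allow"):
        findings.append(("tls_reqcert", "provider certificate is not enforced; "
                         "use 'demand' with a trusted CA"))
    # retry is a list of "<interval> <count>" pairs; only '+' retries forever.
    retry = cfg.get("retry", "").split()
    if retry and retry[-1] != "+":
        findings.append(("retry", "finite: the consumer stops retrying once the "
                         "last count is used up; end with '+' to retry indefinitely"))
    # interval schedules refreshOnly polling and is unused in refreshAndPersist.
    if "interval" in cfg and cfg.get("type", "").lower() == "refreshandpersist":
        findings.append(("interval", "only used by refreshOnly; no effect here"))
    return findings

if __name__ == "__main__":
    for key, finding in lint_syncrepl(POSTED):
        print(f"{key}: {finding}")
```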