Hi Liam,
IMHO you'd be better off using a hardware/software failover device. There are several free linux based ones that will run on commodity or dedicated hardware.
Then you have complete control of the failover policy. Using a single app server to provide failover for some other app server(s) is like cracking walnuts with a ming vase. It will work until it breaks.
Software like pfSense works at a low level, does ip pooling, and itself can be made redundant.. And run as an appliance on vmware etc.,
Ditto setting up 2 new servers with centos/redhat you get LVS, but is a bit harder to configure unless you are willing to spend the extra time learning how..
The openldap code probably is not ideal the way you are using it, probably because other people in the past have not done failover like you are doing it..
Cheers Brett
On 24/08/2012, at 7:22 PM, Liam Gretton liam.gretton@leicester.ac.uk wrote:
On 24/08/2012 12:48, harry.jede@arcor.de wrote:
I am really not astonished about your results. Run your tests again, but use "reject" as iptables target.
"drop" means, that you never ever get an answer.
Ok, tried that.
For scenario 1, search against slapd times out after about 3s, doesn't attempt to contact host1.
For scenario 3 it makes no difference, after about 15 mins slapd times out against host1 and contacts host2 instead.
-- Liam Gretton liam.gretton@le.ac.uk HPC Architect http://www.le.ac.uk/its IT Services Tel: +44 (0)116 2522254 University of Leicester, University Road Leicestershire LE1 7RH, United Kingdom