Hi,
We have a four-node MultiMaster setup, symas 2.5.14, and everyhing seems to work perfectly now. With some (highly appreciated) help from this list.
However, there is one observation we don't understand, that we would appreciate feedback on. On directory edits, such as a password change, using the rootDN:
ldappasswd -H ldaps://ldap01.company.com -D "cn=admin,o=company,c=com" -W -S "uid=username,ou=Users,o=company,c=com" New password: <new_userpw> Re-enter new password: <new_userpw> Enter LDAP Password: <very_secret_root_pw>
we always receive several (mostly three, sometimes four) of these messages instantly:
do_syncrep2: rid=212 CSN too old, ignoring 20230710140929.887114Z#000000#0de#000000 (uid=username,ou=Users,o=company,c=com)"
But actually: content *is* replicated instantly (within the same second) and the actual served contents between the four ldap (MultiMaster) servers matches. The RID changes, and is always one of the configured replication lines, and the date/time on the four involved hosts is in sync.
Is this 'just an informational message', and 'normal', and should we ignore it? Or is it something to worry about and investigate further?
In the latter case, of course I will share our configs, which are taken from https://www.openldap.org/doc/admin25/replication.html#N-Way%20Multi-Master
As otherwise everything seems to be working correctly, I don't expect major issues there. (but again: of course willing to share!)
--On Tuesday, July 11, 2023 2:26 PM +0200 cYuSeDfZfb cYuSeDfZfb cyusedfzfb@gmail.com wrote:
Hi,
We have a four-node MultiMaster setup, symas 2.5.14, and everyhing seems to work perfectly now. With some (highly appreciated) help from this list.
But actually: content *is* replicated instantly (within the same second) and the actual served contents between the four ldap (MultiMaster) servers matches. The RID changes, and is always one of the configured replication lines, and the date/time on the four involved hosts is in sync.
Is this 'just an informational message', and 'normal', and should we ignore it? Or is it something to worry about and investigate further?
Yes, it's informational. Think of it this way:
Server A receives the modification. Servers B, C, D, replicate the change. Server A sees that a change was made on Server B, then sees it's too old and discards it. Same happens when Server A sees the change show up on Servers C & D as well. And same thing happens for B with servers C & D, and Server C with B & D, etc. The replication protocol can be very chatty with MMR because it's constantly noting it is skipping changes it already received.
--Quanah
openldap-technical@openldap.org