Hi,

I have a simple syncrepl setup that kind of works but every two hours there is a syncing problem from the log on the consumer side:

Jul 14 01:09:57 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 01:09:57 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 03:11:12 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 03:11:12 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 05:12:26 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 05:12:26 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 07:13:41 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 07:13:41 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 09:14:55 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 09:14:55 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 11:16:10 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 11:16:10 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 13:17:24 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 13:17:24 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 15:18:39 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 15:18:39 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left) Jul 14 17:19:53 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't contact LDAP server Jul 14 17:19:53 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 retrying (29 retries left)

log from the provider looks better:

Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 fd=20 ACCEPT from IP=x.x.x.x:1093 (IP=0.0.0.0:389) Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=0 BIND dn="cn=replica,dc=mydomain,dc=com" method=128 Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=0 BIND dn="cn=replica,dc=mydomain,dc=com" mech=SIMPLE ssf=0 Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=0 RESULT tag=97 err=0 text= Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=1 SRCH base="dc=mydomain,dc=com" scope=2 deref=0 filter="(objectClass=*)" Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=1 SRCH attr=* +

Here is the configuration for the consumer:

dn: olcDatabase={1}bdb,cn=config objectClass: olcDatabaseConfig objectClass: olcBdbConfig olcDatabase: {1}bdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=mydomain,dc=com olcAddContentAcl: FALSE olcLastMod: TRUE olcMaxDerefDepth: 15 olcReadOnly: FALSE olcRootDN: cn=Manager,dc=mydomain,dc=com olcSyncUseSubentry: FALSE olcSyncrepl: {0}rid=002 provider="ldap://ldaprov1.prod:389/" type=refreshAndPe rsist retry="60 30 300 +" searchbase="dc=mydomain,dc=com" bindmetho d=simple binddn="cn=replica,dc=mydomain,dc=com" credentials=mypasswor d olcMonitoring: TRUE olcDbCacheSize: 1000 olcDbCheckpoint: 1024 15 olcDbNoSync: FALSE olcDbDirtyRead: FALSE olcDbIDLcacheSize: 0 olcDbIndex: objectClass pres,eq olcDbIndex: cn pres,eq,sub olcDbIndex: uid pres,eq,sub olcDbIndex: uidNumber pres,eq olcDbIndex: gidNumber pres,eq olcDbIndex: mail pres,eq,sub olcDbIndex: ou pres,eq,sub olcDbIndex: loginShell pres,eq olcDbIndex: sn pres,eq,sub olcDbIndex: givenName pres,eq,sub olcDbIndex: memberUid pres,eq,sub olcDbIndex: nisMapName pres,eq,sub olcDbIndex: nisMapEntry pres,eq,sub olcDbIndex: entryCSN eq olcDbIndex: entryUUID eq olcDbLinearIndex: FALSE olcDbMode: 0600 olcDbSearchStack: 16 olcDbShmKey: 0 olcDbCacheFree: 1 olcDbDNcacheSize: 0

And from the consumer side everything looks good if I manual ldapsearch with the replica account "cn=replica,dc=mydomain,dc=com"

Can anyone shed some lights on how to troubleshoot this kind of problems?

Thanks, Daniel