Package: slapd Version: 2.4.31-1+nmu2 Placing the slapd server under load, at somewhere between 512 and 1024 simultaneous connections (using TLS, may be higher unencrypted), you will end up see variations of:
"ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)" Under simple tests, I've seen these occur for anywhere between 5 and 50% of the connection attempts. I have been able to replicate this on systems ranging from a VM with 256M of ram to an 8GB physical server to a 24GB 12 CPU system (2 physical, 6 cores each), and it all fails in the same range of connections. Recommendation: Upgrade to slapd-2.4.38 in jessie and wheezy-backports. According to the openldap changelogs (http://www.openldap.org/software/release/changes.html), the following fix was included in openldap 2.4.32: "Fixed slapd-bdb/hdb cache hang under high load (ITS#7222)" I downloaded and compiled openldap 2.4.38 on a 256MB VM system, using the same configuration options Debian uses. Under current tests, it has survived over 16k connections without any errors. This is a factor of 4, and still going. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
