Vampire D wrote:
We will not be using LDAP in the traditional sense.
Instead of authentication, we will be using it to perform lookups upon
incoming mail.
We plan on having tens of thousands of email addresses stored in LDAP,
every message that comes in is verified via LDAP that it is allowed,
and then it is processed by our system. We plan on caching entries
(positive and negative) for 24 hours, so as long as the look up has
been done in the last 24 hours and the 1M record cache isn't exhausted
it will not perform a look up. This should cut down a lot of the
demand. Initially we are looking at about 100k lookups an hour, as we
expand the service that can go up by 50-100k at a time.
It isn't clear to me how often you'll be adding, deleting or modifying
the LDAP entries.
Your search workload seems very low -- you should be able to achieve on
the order
of 10-50k searches/s on modern hardware with on the order of a million
entries.
However, like all databases that use a WAL, you will struggle to achieve
a few
hundred writes/s without very high end storage hardware (solid state
disks for example).
It may not be worthwhile caching search results inside your application
because
the LDAP server is caching too. You'd only save the network round trip
overhead.
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
