>>> Quanah Gibson-Mount <[email protected]> schrieb am 01.12.2020 um 21:15 in Nachricht <8A3F8DDDE068E83FD6E7561D@[192.168.1.156]>:
> > ‑‑On Tuesday, December 1, 2020 8:20 AM +0000 Tero Saarni > <[email protected]> wrote: > >> I tested only with recent releases and git master, not with very old >> versions since they are bit harder to compile with modern distros. But I >> have compared the code from a random historical release. It seems to be >> the same as today. >> >> Quanah also replied "back‑ldap likely needs a task to check for idle >> connections" so I'm bit puzzled if this has worked previously. Maybe >> ldap_back_getconn() can be called in some other scenario also without >> having traffic from client towards the proxy? > > Howard specifically said the following while I was discussing with him: > > ‑‑‑‑‑‑‑‑‑‑‑ > The current idletimeout code in there is pretty useless. It checks the > timestamp the next time a conn is referenced, so if it's never referenced, > the idle timeout never has any effect. If the conn *is* referenced ‑ you > should just use the conn, instead of killing it. > ‑‑‑‑‑‑‑‑‑‑‑ > > So generally, if a load balancer or other traffic shaper is in use that > closes connections silently, set a keepalive. Overall the idle timeout has > little purpose for back‑ldap connections. Hi! Having written an app myself that had the same problem, I just added a timeout thread that watches the time of last activity for each registered connection (which is a thread in my app). If the last activity is too old, the connection is terminated. In OpenLDAP the monitor database shows there is a monitorConnectionActivityTime, so I can imagine this could be fixed ;-) Regards, Ulrich > > > Regards, > Quanah > > > > ‑‑ > > Quanah Gibson‑Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <http://www.symas.com>
