> > > > > > I am doing some basic testing with ldap with this command. > > > > > > ldclt \ > > > -a 400 \ > > > -H ldap://x.x.x.x:xxxx \ > > > -e bindeach,bindonly,close \ > > > -D "uid=test,dc=me,dc=local" \ > > > -w yyyyyy \ > > > -n 1 > > > > > > I was testing this on two container test environments. Both are > running > > > with ~500MB, 1 core. > > > > > > 1. alpine - slapd 2.6.3, mdb still with default slapd.conf > > > ldclt[5594]: Average rate: 12627.00/thr (1262.70/sec), total: 12627 > > > ldclt[5594]: Average rate: 0.00/thr ( 0.00/sec), total: 0 > > > ldclt[5594]: All threads are dead - exit. > > > > > > 2. alpine - slapd 2.6.6, mdb configured with acl's, ssl, modules etc. > > > ldclt[8900]: Average rate: 1495.00/thr ( 149.50/sec), total: 1495 > > > ldclt[8900]: Average rate: 1498.00/thr ( 149.80/sec), total: 1498 > > > ldclt[8900]: Average rate: 1490.00/thr ( 149.00/sec), total: 1490 > > > > > > What should I be expecting from this? It looks like maybe slapd of 1. > > is > > > not 100% with this 'threads are dead' messages. While slapd of 2. > with > > > 150 req/sec is that to be expected normal? > > > > Doing a search on self gives me values that I would expect more (2 > being > > faster than 1) > > > > -e esearch \ > > -f '(&(objectClass=xxxx)(cn=test))' \ > > -D "cn=test,dc=me,dc=local" \ > > -b "cn=test,dc=me,dc=local" \ > > > > 1. > > ldclt[8415]: Average rate: 54358.00/thr (5435.80/sec), total: 54358 > > ldclt[8415]: Average rate: 53850.00/thr (5385.00/sec), total: 53850 > > ldclt[8415]: Average rate: 53957.00/thr (5395.70/sec), total: 53957 > > ldclt[8415]: Average rate: 54594.00/thr (5459.40/sec), total: 54594 > > > > 2. > > ldclt[8223]: Average rate: 90102.00/thr (9010.20/sec), total: 90102 > > ldclt[8223]: Average rate: 93745.00/thr (9374.50/sec), total: 93745 > > ldclt[8223]: Average rate: 92066.00/thr (9206.60/sec), total: 92066 > > ldclt[8223]: Average rate: 91523.00/thr (9152.30/sec), total: 91523 > > ldclt[8223]: Average rate: 96301.00/thr (9630.10/sec), total: 96301 > > > > Any ideas why these binds on 2. could be so slow? > > > > > > > Binds are always going to be > > slower than other operations since they involve things such as TLS (if > > used), DNS, and other items. Well written LDAP clients bind, and then > > use > > a persistent connection to do their operations. > > I just searched a bit and did some requests on https files and it looks > like most are reporting results between 100 - 200. So I guess this is > sort of ok.
So probably it would be faster if I authenticate users via a 'manager' bind and wich has access to user dn/passwords? Or is it possible to use an existing bind and 'switch' to a different user bind?
