directory server setting fail toterminate idle connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is actually an apache webserver making the connections to directory
server.  What I see through tcpdump and netstat is that apache creates
an LDAP connection to perform a search, and the connection sits idle for
hours in established state.  The webserver eventually re-uses the random
port it made the initial request on to talk to a client, so the LDAP
connection no longer shoes up as established on the client side.  On the
server side, however, it still shows the connection as established
forever.  There are many other apache children talking to the same LDAP
server in parallel, and the number of open filehandles constantly
increases.  

 

I realize that it is possible that the webserver is not properly tearing
the connection down or a firewall may be blocking it, but shouldn't the
server application notice that that connection was idle for more than
20min and time it out anyway?

 

________________________________

From: fedora-directory-users-bounces at redhat.com
[mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Ulf
Weltman
Sent: Friday, August 10, 2007 12:49 PM
To: General discussion list for the Fedora Directory server project.
Subject: Re: directory server setting fail
toterminate idle connections

 

Idle timeout enforcement is passive, it occurs when we've polled some
activity and we're walking over the connection table.  If you had made
an additional connection or sent an operation on another established
connection the idle one should have been disconnected.

Brian Fender wrote: 

I ran into issues hitting the max filedescriptors setting and found that
it was because the server never terminates idle connections.  I have an
idle timeout setting of 1200 seconds (20min).  If I make an LDAP request
from a client to the directory server, the tcp connection stays in
ESTABLISHED state on the server side forever.  I ran tcpdump on the
client side and not a single packet of traffic was sent to the server
during for hours.  

 

Any idea why this connection would not be terminated after 1200 sec?

 



________________________________



 
--
Fedora-directory-users mailing list
Fedora-directory-users at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20070813/fb18d8b6/attachment.html
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux