> On 2 Sep 2021, at 00:50, Michael Starling <mlstarling31@xxxxxxxxxxx> wrote: > > Thank you, Paul. > > This is our current setting. Looks like we are at 5 minutes so we should be ok. > > net.ipv4.tcp_keepalive_intvl = 75 > net.ipv4.tcp_keepalive_probes = 9 > net.ipv4.tcp_keepalive_time = 300 There are also a number of IO tuning options for connection life inside LDAP you can tune to help discard and cycle out stale connections quicker. https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/configuration_command_and_file_reference/core_server_configuration_reference#cnconfig-nsslapd_ioblocktimeout_IO_Block_Time_Out If we receive a partial message, how long to wait for the remaining components to be recieved. https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/configuration_command_and_file_reference/core_server_configuration_reference#cnconfig-nsslapd_idletimeout_Default_Idle_Timeout If a client is idle with no messages being received, how long before we disconnect them. https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/configuration_command_and_file_reference/core_server_configuration_reference#cnconfig-nsslapd_conntablesize Maximum number of connections. IIRC this might be automatically set from FD's in the system, but if not you may need to set this to probably 80% of your FD limit frlom the systemd service tunings you have provided. Hope that helps, -- Sincerely, William Brown Senior Software Engineer, Identity and Access Management SUSE Labs, Australia _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure