RE: directory server setting fail toterminate idle connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is actually an apache webserver making the connections to directory server.  What I see through tcpdump and netstat is that apache creates an LDAP connection to perform a search, and the connection sits idle for hours in established state.  The webserver eventually re-uses the random port it made the initial request on to talk to a client, so the LDAP connection no longer shoes up as established on the client side.  On the server side, however, it still shows the connection as established forever.  There are many other apache children talking to the same LDAP server in parallel, and the number of open filehandles constantly increases. 

 

I realize that it is possible that the webserver is not properly tearing the connection down or a firewall may be blocking it, but shouldn’t the server application notice that that connection was idle for more than 20min and time it out anyway?

 

From: fedora-directory-users-bounces@xxxxxxxxxx [mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf Of Ulf Weltman
Sent: Friday, August 10, 2007 12:49 PM
To: General discussion list for the Fedora Directory server project.
Subject: Re: directory server setting fail toterminate idle connections

 

Idle timeout enforcement is passive, it occurs when we've polled some activity and we're walking over the connection table.  If you had made an additional connection or sent an operation on another established connection the idle one should have been disconnected.

Brian Fender wrote:

I ran into issues hitting the max filedescriptors setting and found that it was because the server never terminates idle connections.  I have an idle timeout setting of 1200 seconds (20min).  If I make an LDAP request from a client to the directory server, the tcp connection stays in ESTABLISHED state on the server side forever.  I ran tcpdump on the client side and not a single packet of traffic was sent to the server during for hours. 

 

Any idea why this connection would not be terminated after 1200 sec?

 






 
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
  
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux