>> >> I suspect that solutions to this problem probably falls outside of what can be configured in 389? > >While it's not a 389-specific suggestion, iptables could easily solve >this problem for you across the board. :) Do you have thoughts on criteria for iptables... how do you differentiate between 800 healthy connections and 800 duff ones if both have an ESTABLISHED state? Do you just assume it will never be that much and limit accordingly or do you do time limit to say that connections should never be maintained longer than x minutes and require clients to re-establish connections? Regards ________________________________________________________________________ In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses. ________________________________________________________________________ -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users