Thanks for your suggestion, but I'm afraid this doesn't apply
to my network situation. All Linux computers are on the same
switch, which is an HP J4093A ProCurve Switch 2424M.
Les Mikesell wrote:
On Tue, 2003-04-01 at 08:03, Maarten Buiter wrote:However, when I turn off the first LDAP server's computer, TCP/IP is no longer able to deny an attempt to make a connection to the LDAP port, and I suspect the pam_ldap module (on a random client PC) to start waiting for ages before it eventually moves to the second server (it does move, but really, it takes very long, and I suspect these delays to accumulate).Is the first ldap server on the other side of a router from the clients? As soon as your arp cache for the IP address times out you should get a quick failure when you attempt to contact a host that is down. Individual hosts typically have fast timeout on their arp cache but routers might keep a dead entry for 20 minutes. If it is a Cisco you can use the command 'clear arp' to make it realize the address is unreachable. --- Les Mikesell les@xxxxxxxxxxxxxxxx _______________________________________________ Pam-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/pam-list
