Discussion:
ldap replication getting lost
val john
2013-08-21 16:20:11 UTC
Permalink
Hi guys im running simple ldap replication setup ,

ldap slave node sites behind the firewall and port 389 is open to all

and my ldap replication works fine for most of the time , (slave node
getting updated real time )

But some times slave just stop getting the update from the master server ,
But when is restart slave ldap server replication start again , .... as
fallows




Aug 21 11:59:24 ldapmirror slapd[18107]: do_syncrep2: rid=004
cookie=rid=004,sid=002,csn=20130821160107.813479Z#000000#002#000000
Aug 21 11:59:24 ldapmirror slapd[18107]: syncrepl_entry: rid=004
LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)
Aug 21 11:59:24 ldapmirror slapd[18107]: <= bdb_equality_candidates:
(entryUUID) not indexed
Aug 21 11:59:25 ldapmirror slapd[18107]: syncrepl_entry: rid=004 be_search
(0)
Aug 21 11:59:25 ldapmirror slapd[18107]: syncrepl_entry: rid=004
uid=user1,ou=staff,dc=example,dc=com
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_queue_csn: queing 0xcc1060
20130821160107.813479Z#000000#002#000000
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_graduate_commit_csn: removing
0xcc0a40 20130821160107.813479Z#000000#002#000000
Aug 21 11:59:25 ldapmirror slapd[18107]: syncrepl_entry: rid=004 be_modify
uid=user1,ou=staff,dc=example,dc=com (0)
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_queue_csn: queing 0xcc1060
20130821160107.813479Z#000000#002#000000
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_graduate_commit_csn: removing
0x1a55a70 20130821160107.813479Z#000000#002#000000


Ldap slave configuration ..

syncrepl rid=004
provider=ldap://ldap.example.com
bindmethod=simple
binddn="cn=admin,ou=staff,dc=example,dc=com"
credentials="passwd"
searchbase="dc=example,dc=com"
schemachecking=off
type=refreshAndPersist
retry="60 +"

mirrormode on




Is there any reason for such behavior , Please advice

Thank You
John
Quanah Gibson-Mount
2013-08-21 16:42:51 UTC
Permalink
--On Wednesday, August 21, 2013 9:50 PM +0530 val john
Hi  guys im running simple ldap replication setup ,
ldap slave node sites  behind the firewall and port 389 is open to all
OpenLDAP version?

--Quanah


--

Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
Marco Schirrmeister
2013-08-21 17:02:18 UTC
Permalink
Post by val john
Hi guys im running simple ldap replication setup ,
ldap slave node sites behind the firewall and port 389 is open to all
and my ldap replication works fine for most of the time , (slave node getting updated real time )
But some times slave just stop getting the update from the master server , But when is restart slave ldap server replication start again , .... as fallows
Check with your firewall administrator about the idle session timeout.
Firewalls will always terminate idle sessions at one point.

If that is the case I would enable tcp keepalives that there is always a little traffic.
Ashok Kumar Shah
2013-09-14 08:30:03 UTC
Permalink
I have similar problem where replication seems to be stuck.
Replication lags keeps on growing continuously and the only solution that
works is restarting slave ldap server.

The below message keeps popping up.

slap_client_connect:
URI=ldaps://ldap.xxxxx.comDN="cn=admin,dc=xxxxxx,dc=com"
ldap_sasl_bind_s failed (-1)
do_syncrepl: rid=011 rc -1 retrying


Openldap Version: 2.4.23

Thanks,
Ashok


On Wed, Aug 21, 2013 at 10:32 PM, Marco Schirrmeister <
Post by val john
Post by val john
Hi guys im running simple ldap replication setup ,
ldap slave node sites behind the firewall and port 389 is open to all
and my ldap replication works fine for most of the time , (slave node
getting updated real time )
Post by val john
But some times slave just stop getting the update from the master
server , But when is restart slave ldap server replication start again ,
.... as fallows
Check with your firewall administrator about the idle session timeout.
Firewalls will always terminate idle sessions at one point.
If that is the case I would enable tcp keepalives that there is always a little traffic.
Quanah Gibson-Mount
2013-09-16 16:18:25 UTC
Permalink
--On Saturday, September 14, 2013 2:00 PM +0530 Ashok Kumar Shah
Openldap Version: 2.4.23
Your issue was known fixed in a later release. I would suggest, as I
repeatedly do, that you use a current build.

--Quanah


--

Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
Ashok Kumar Shah
2013-09-16 16:28:17 UTC
Permalink
Thanks. yup i will upgrade to the latest stable.

~Ashok
--On Saturday, September 14, 2013 2:00 PM +0530 Ashok Kumar Shah <
Openldap Version: 2.4.23
Your issue was known fixed in a later release. I would suggest, as I
repeatedly do, that you use a current build.
--Quanah
--
Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
Ulrich Windl
2013-08-22 05:57:30 UTC
Permalink
Hi!

The interesting log entries are when replication hangs: Inspect the logs of all servers.
Also if running Linux you could try an strace on the hanging process or try "lsof" (which also shows network connections). "netstat" may also show the state of any connections. If it doesn't help you need to increase debug logs levels I guess.

Regards,
Ulrich
Post by val john
Hi guys im running simple ldap replication setup ,
ldap slave node sites behind the firewall and port 389 is open to all
and my ldap replication works fine for most of the time , (slave node
getting updated real time )
But some times slave just stop getting the update from the master server ,
But when is restart slave ldap server replication start again , .... as
fallows
Aug 21 11:59:24 ldapmirror slapd[18107]: do_syncrep2: rid=004
cookie=rid=004,sid=002,csn=20130821160107.813479Z#000000#002#000000
Aug 21 11:59:24 ldapmirror slapd[18107]: syncrepl_entry: rid=004
LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)
(entryUUID) not indexed
Aug 21 11:59:25 ldapmirror slapd[18107]: syncrepl_entry: rid=004 be_search
(0)
Aug 21 11:59:25 ldapmirror slapd[18107]: syncrepl_entry: rid=004
uid=user1,ou=staff,dc=example,dc=com
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_queue_csn: queing 0xcc1060
20130821160107.813479Z#000000#002#000000
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_graduate_commit_csn: removing
0xcc0a40 20130821160107.813479Z#000000#002#000000
Aug 21 11:59:25 ldapmirror slapd[18107]: syncrepl_entry: rid=004 be_modify
uid=user1,ou=staff,dc=example,dc=com (0)
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_queue_csn: queing 0xcc1060
20130821160107.813479Z#000000#002#000000
Aug 21 11:59:25 ldapmirror slapd[18107]: slap_graduate_commit_csn: removing
0x1a55a70 20130821160107.813479Z#000000#002#000000
Ldap slave configuration ..
syncrepl rid=004
provider=ldap://ldap.example.com
bindmethod=simple
binddn="cn=admin,ou=staff,dc=example,dc=com"
credentials="passwd"
searchbase="dc=example,dc=com"
schemachecking=off
type=refreshAndPersist
retry="60 +"
mirrormode on
Is there any reason for such behavior , Please advice
Thank You
John
Loading...