Error: [ldap] All ldap connections are in use

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Nov 21 14:15:17 CET 2012


On 21 Nov 2012, at 13:00, Phil Brown <phil.brown at port.ac.uk> wrote:

> We have started seeing problems our radius server with the Error
> "Error:   [ldap] All ldap connections are in use"
> 
> We have  increased the "ldap_connections_number" from 5 to 20 which has
> largely resolved the issue.
> 
> we now receive over 100,000 authentications a day, is there any guide
> to "ldap_connections_number"  for the number of authentications or
> should we just keep increasing the number until the issue goes away

For 2.0 I would usually make it as big as the thread pool. The only reason to make it smaller
is if processing that many requests in parallel has a negative impact on the overal
TPS (transactions per second) of the LDAP server, or if you get so few requests sent via 
a connection that it gets cleaned up via some intermmediary bit of networking equipment.

If you have the time/resources you could do a plot of increasing numbers of parallel requests
vs overall TPS, and find the sweet spot for your specific LDAP cluster/server.

If you upgrade to 3.0 the connection pool code there allows you to specify
elastic pools which automatically add or remove connections to/from the connection
pool to cope with the current server load.

-Arran


More information about the Freeradius-Users mailing list