LDAP timeouts during failure conditions

Alexander Clouter alex at digriz.org.uk
Tue Jun 28 21:01:45 CEST 2011

Phil Mayers <p.mayers at imperial.ac.uk> wrote:
>> I'd really like 3.0 to have generic connection pools.  That would 
>> solve this problem by having common code, instead of stuff in 
>> rlm_sql, rlm_ldap, etc.
> Do you have any pointers how to get started on this? Off the top of my 
> head it seems we'd need something like the code below; a struct to hold 
> module-supplied connection create/keepalive/delete functions, some code 
> in the server core to set and re-set "last used" times and call a 
> keepalive function, and delete
I probably would not bother with keep alive (or 'last used').  I would 
imagine in practice your 'idle' time should be shorter that any NAT or 
server daemon concept of idleness?  What I'm trying to say is the cost 
of an open idle link is low, tearing it down and rebuilding it is...if 
the connection has been idle for a long time the server (or 
NAT/firewall) would have probably killed it.

If you really want keep alives, it probably would be better to go for 
SO_KEEPALIVE (as NOOP as you can get)?  No doubt this would have to be 
done in the driver rather than the layer you are constructing?

As a passing not, I susepect you do not care for async LDAP queries?  
It's probably the only database FreeRADIUS supports that supports this 
anyway so probably not worth thinking about.


Alexander Clouter
.sigmonster says: Don't read everything you believe.

More information about the Freeradius-Devel mailing list