limiting fail timeout for an LDAP module

A.L.M.Buxey at A.L.M.Buxey at
Fri Feb 3 19:01:53 CET 2017


> I am wondering if this is as good as it gets or if there are other
> things to tweak or to try, to get a shorter timeout in this

well, you've set those values to 2 and 2 - so 4 is what you should
expect.... what is the time taken to do a query when the server is working?
you might be able to do a 1s per value, you should also look at using caching
etc to ensure that you hit the LDAP as few times as possible

you have a bad LDAP - what is the issue - why cant it be fixed rather than
putting sticking plasters on rest of intrastrucure... your logs already show a NAS

when no just run a slave OpenLDAP server locally to keep the values you need
on hand and quick?


More information about the Freeradius-Users mailing list