[EXT] Multiple LDAP servers best practice

Tony Skalski ajs at stolaf.edu
Wed Feb 15 21:42:56 UTC 2023


We do have "idle_timeout = 60" set, but also "lifetime = 0". Does "lifetime
= 0" mean 0 seconds or infinite?

And we are on the RH-approved 3.0.20.



On Wed, Feb 15, 2023 at 3:27 PM Alan DeKok <aland at deployingradius.com>
wrote:

> On Feb 15, 2023, at 3:59 PM, Tony Skalski via Freeradius-Users <
> freeradius-users at lists.freeradius.org> wrote:
> >
> > Thanks for the ideas! I am curious, say I start FR and I have 4 connections
> > open to 4 unique ldap servers (start = 4), what methodology does FR use to
> > select a connection to use?
>
>   It tries to use the same one over and over.  The reason is that it's
> likely to be faster.
>
>   If that one is in use, it picks the next-most recently used.
>
> > Notwithstanding issues with the LDAP servers, given I have "min = 3", I
> > would expect there to be a minimum of 3 connections at all times, correct?
>
>   Mostly.  If you also set "idle_timeout", it will close connections.
>
> > Are there any scenarios where FR will violate that? We had a wireless
> > outage this morning and when I first checked I noticed there were 0
> > connections to our ldap servers - it wasn't an LDAP outage as other
> > services did not have any issues. An FR restart got FR reconnected.
>
>   I haven't seen that.  Are you using 3.2.1?
>
>   Alan DeKok.
>
>

-- 
*Tony Skalski (he/him/his)*
System Administrator | IT
Office: 507-786-3227 <(507)786-3227>
1510 St. Olaf Avenue Northfield, MN 55057
stolaf.edu
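
A small model of the two behaviours described in the quoted reply above (reuse of the most recently used free connection, and idle_timeout closing unused connections), added here as an example; it is not FreeRADIUS code and not part of the thread. The server names, request timings, one-second service time and the absence of any reconnect logic are assumptions of the model.

```python
from dataclasses import dataclass

@dataclass
class Conn:
    server: str
    last_used: int = 0   # seconds; starts at the time the connection was opened
    busy_until: int = 0

def pick(pool, now):
    """Free connection used most recently; ties go to the first one opened."""
    free = [c for c in pool if c.busy_until <= now]
    return max(free, key=lambda c: c.last_used) if free else None

def reap_idle(pool, now, idle_timeout):
    """Drop free connections unused for longer than idle_timeout seconds."""
    if idle_timeout is None:          # model-only switch: no idle reaping
        return pool
    return [c for c in pool
            if c.busy_until > now or now - c.last_used <= idle_timeout]

def simulate(request_times, servers, idle_timeout, service_time=1):
    """Return (servers still connected, requests handled per server)."""
    pool = [Conn(s) for s in servers]     # one connection per server at start
    handled = {}
    for now in request_times:
        pool = reap_idle(pool, now, idle_timeout)
        conn = pick(pool, now)
        if conn is None:
            continue                      # assumption: the model never reconnects
        conn.last_used, conn.busy_until = now, now + service_time
        handled[conn.server] = handled.get(conn.server, 0) + 1
    return [c.server for c in pool], handled

SERVERS = ["ldap1", "ldap2", "ldap3", "ldap4"]   # constructed names
LIGHT_LOAD = list(range(0, 121, 10))             # one request every 10 s

if __name__ == "__main__":
    # Light load: a single connection absorbs every request.
    print(simulate(LIGHT_LOAD, SERVERS, idle_timeout=60))
    # Two simultaneous requests: the second falls through to another connection.
    print(simulate([0, 0, 5], SERVERS, idle_timeout=60))
```

Under steady light load only one connection is ever picked in this model, so the other three age past idle_timeout and are closed even though all four were open at start.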

