[Fedora-directory-devel] Re: Please Review: Add LDAPI (LDAP over unix domain sockets)
Howard Chu
hyc at symas.com
Wed Feb 21 01:21:45 UTC 2007
> Date: Mon, 19 Feb 2007 14:08:16 -0800
> From: Pete Rowley <prowley at redhat.com>
> This is a feature that exists in OpenLDAP (but has no RFC that I am aware of).
> Heimdal uses this feature exclusively for its directory interactions (making it
> incompatible with other LDAP directories), and Samba testing is often performed
> over unix domain sockets (a convenience for them). There are advantages: no TCP
> overhead for local connections
This turns out to be pretty significant too - using TCP connections to
localhost, a connection soak test will use up all available port numbers in a
matter of seconds, after which all connection attempts fail. (Because there
is a mandatory 2MSL timeout before a closed port may be made available for
reuse.) Using ldapi we can process thousands of connections per second
indefinitely. (Perhaps someone ought to suggest to the kernel folks that a
2MSL timeout on loopback sockets is unnecessary, since presumably the TCP
close handshake can't get misrouted/lost there. ;)
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the Fedora-directory-devel
mailing list