Tero Saarni wrote: > Hi, > > As a user of slapd-ldap I've bumped into few corner cases related to handling > retries and timeouts [1][2][3][4]. I think it demonstrates how non-trivial > problem proxying really is, even if it might seem quite simple for casual user > at first. While working with a patch for [1] I was wondering following: > > My use case: > > I have many proxies in the network: one per Kubernetes cluster, but large > number of clusters in the network. I'd like to reduce the number of long- > running connections to centralized server to the absolute minimum. The number > of concurrent TCP connections handled by the remote LDAP server is the > bottleneck. Optimally, all connections should be dropped as soon as client > is done with the LDAP query.
In any heavily loaded environment you'll find that connection establishment becomes serious overhead in itself. Thus it's better to aim for longer lived connections that get reused as much as possible. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
