httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph Dane <jd...@hawaii.edu>
Subject Re: mod_ldap maybe feature request
Date Mon, 24 May 2004 22:47:35 GMT
Graham Leggett <minfrin@sharp.fm> writes:

> This bug describes something similar:
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23548

that is indeed quite similar, but not exactly the same.

in that bug, LDAP connections end up in CLOSE_WAIT, probably because
the LDAP server has decided to close the connection, but the apache
child hasn't noticed yet.

> Apparently the apr_reslist functions are the solution for this in apr-util.
>
> The new code does check for errors properly (in theory), so if a
> connection has timed out, it will gracefully disconnect/cleanup that
> connection before trying to use it again, which might solve
> potentional problems you're having.

that would work fine, I think, as long as the timeout calculation
could be done on the apache side.  that is, do not rely on the LDAP
server timing out and handling the reconnect when apache notices that
the connection has been closed.

my problem was that I had a device that turned an apparently valid
TCP connection into a tarpit.  the LDAP server might decide to close
a given connection after 60 minutes, but this device would, after 45
minutes (say) decide to drop the connection, and would do so in a way
(by dropping frames on the floor) that was undetectable by apache.

so it's hard for me to claim that this is a bug in apache, of
course.  and in our case, the problem was solved by having the LDAP
server close the connection sooner, before the device did its evil
business.

still, it would seem to me to be a useful configuration tool to be
able to say something like "don't keep connections to the LDAP server
open longer than N seconds", or something approximating that, anyhow.

-- 

joe

Mime
View raw message