You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2009/02/21 12:12:20 UTC
DO NOT REPLY [Bug 46749] New: Ldap cache cleaning is broken when
LDAPSharedCacheSize is too small
https://issues.apache.org/bugzilla/show_bug.cgi?id=46749
Summary: Ldap cache cleaning is broken when LDAPSharedCacheSize
is too small
Product: Apache httpd-2
Version: 2.3-HEAD
Platform: PC
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_ldap
AssignedTo: bugs@httpd.apache.org
ReportedBy: sf@sfritsch.de
util_ald_cache_purge() is only called when the max number of entries as defined
by LDAPCacheEntries/ LDAPOpCacheEntries is reached. If LDAPSharedCacheSize is
too small and the max number of entries is never reached, the ldap cache is
never purged and the cache hit rate drops rapidly.
The comment "/* should be safe to add an entry */" in util_ldap_cache_mgr.c is
simply wrong. At the very least, there should be a warning logged when memory
allocation fails. Also, a cache purge should be triggered in this case. When
the cache is filled less than the 3/4 watermark, it is not possible to do the
normal purge. In this case it may make sense to just purge the whole cache.
This will still yield a higher cache hit rate than leaving old entries in the
cache indefinitely.
Maybe the LDAPCacheEntries/ LDAPOpCacheEntries could also be adjusted
automatically, but this may be problematic as (AFAICS) all caches share the
same shared memory segment.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 46749] Ldap cache cleaning is broken when
LDAPSharedCacheSize is too small
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46749
--- Comment #3 from Justin Johnson <ju...@honesthacker.com> 2009-09-24 09:28:28 PDT ---
Thank you for the quick reply! I'm implementing your suggestions and will add
another comment with the results, which will take an hour or so to see.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 46749] Ldap cache cleaning is broken when
LDAPSharedCacheSize is too small
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46749
--- Comment #1 from Justin Johnson <ju...@honesthacker.com> 2009-09-24 06:10:16 PDT ---
What version of httpd did this first show up in? I have a Subversion server
running httpd 2.2.11 and Subversion 1.6.4 that does authentication against
Active Directory LDAP. The cache settings are below. As usage increases the
cache hits drop to between 80-90% and when this happens sporadically the time
for Subversion operations to complete can increase up to 100 fold. In my
testing I have isolated this to the use of LDAP authentication and am
suspecting it is some sort of bug in the caching. Could that possibly be
related to this bug?
LDAPSharedCacheSize 200000
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 46749] Ldap cache cleaning is broken when
LDAPSharedCacheSize is too small
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46749
--- Comment #4 from Justin Johnson <ju...@honesthacker.com> 2009-09-24 12:47:04 PDT ---
That resolved it! Woohoo! Thanks for your help Stefan!
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 46749] Ldap cache cleaning is broken when
LDAPSharedCacheSize is too small
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46749
--- Comment #2 from Stefan Fritsch <sf...@sfritsch.de> 2009-09-24 08:53:12 PDT ---
(In reply to comment #1)
I believe the bug was introduced when porting mod_auth_ldap from 1.3 to 2.0. At
least 2.0.63 has the same problem.
> Could that possibly be related to this bug?
Yes. In my experience, LDAPSharedCacheSize 200000 is too small for
LDAPCacheEntries 1024 (of course it depends on the particular mod_authnz_ldap
configuration). Try increasing LDAPSharedCacheSize by a factor of 10 while
leaving the other settings constant and see if that helps.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 46749] Ldap cache cleaning is broken when
LDAPSharedCacheSize is too small
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46749
Stefan Fritsch <sf...@sfritsch.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |FixedInTrunk
--- Comment #5 from Stefan Fritsch <sf...@sfritsch.de> 2009-10-06 12:41:34 PDT ---
Fixed in trunk in r822458
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org