Regarding Bug 3204 - winbindd: Exceeding 200 client connections, no idle connection found
Andrew Bartlett
abartlet at samba.org
Thu Jul 31 22:10:50 MDT 2014
On Fri, 2014-07-18 at 22:44 -0700, Jeremy Allison wrote:
> On Fri, Jul 18, 2014 at 12:09:47PM -0700, Jeremy Allison wrote:
> >
> > Ok, as this went to samba-technical here is a (test) patch
> > for 3.6.x only that attempts to fix this bug.
> >
> > It adds a new [global] parameter:
> >
> > winbind request timeout
> >
> > default value of 60 (seconds). What it does is terminate every client
> > connection that has either remained idle for 60 seconds, or has not replied
> > within 60 seconds. Initially I worried this was a little aggressive, but I
> > don't think so - if a request has take > 60 seconds it's almost certainly dead,
> > and pruning idle clients after 60 seconds is also probably ok. Also it's
> > tuneable :-).
> >
> > If this works for people I can forward port to 4.1.next and 4.0.next.
> >
> > It's also added to the bug report.
> >
> > Let me know if it helps !
>
> And here is a (fixed) version of the patch
> that gets the timeout calculations right
> (and slightly rewritten to make those
> calculations more clear :-).
>
> Timeout calculations are tricky :-).
>
> Also replaced the old bad patch in the bug
> report.
Does this only happen if we are out of connections, or always?
Some operations can be slow, like trying to change the trust password
(because it is forwarded to the PDC). Now 60 seconds is really slow,
but still, I wonder if it is too low.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list