[PATCH] winbindd: control number of winbindd's client connections
urisimchoni at gmail.com
Wed Jun 3 00:12:06 MDT 2015
This patch handles a case we've encountered in which winbindd opened
client connections up to the process limit on open file descriptors.
It actually happened in the field with a samba 3.3.16-based NAS
appliance serving 200-300 SMB clients. Other factors that caused this
- winbindd is contacting the DC for each session-setup (Bug 11259)
- serving the requests was slow because winbindd was reopening the
ldap connection for each request (Bug 11267 - already fixed)
- DNS misconfiguration on site made serving the requests even slower
However, the basic behavior is that the winbindd client limit is not a
hard limit and I've been able to reproduce it with latest master using
a specially-crafted program which opened multiple requests to
This patchset is divided into two parts:
- parts 1-4 modify winbindd to make the client limit a hard limit -
stop accepting new connections when the limit is reached and resume
accepting when possible.
- part 5 modifies the client side, removing the policy to retry up to
10 times if winbindd doesn't answer within 30 seconds (after
connection has been opened and request sent). This change prevent a
vicious cycle of piling more and more requests on winbindd if it is
already too busy. Instead the client timeout is increased to 300
seconds (30 seconds x 10), relying on winbindd to respond earlier with
a failure code according to "winbind request timeout".
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 14924 bytes
Desc: not available
More information about the samba-technical