[Samba] howto optimize samba/kerberos for 20k requests per minute - help needed
Stefan Bauer
stefan.bauer at cubewerk.de
Fri Jul 16 05:57:31 UTC 2021
Dear Samba-Users,
we have to use a very bad web-application that does around 20million DAP/Kerberos-requests against our samba domain controller per day.
That renders the system almost unusable due to the high amount of requests.
Server iowait is at 20-30%.
As the web-application does not have any caching options, I'm hoping for help on this list to "optimize" the samba domain cotroller.
iotop reports:
Total DISK READ: 0.00 B/s | Total DISK WRITE: 2.67 M/s
Current DISK READ: 0.00 B/s | Current DISK WRITE: 2.80 M/s
TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND
1996 be/4 root 0.00 B/s 2.55 M/s 0.00 % 27.84 % samba: conn[kdc_tcp] c[ipv4:172.16.2.4:50400] s[ipv4:172.16.2.2:88] server_id[1996.47]
2560 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % samba: conn[ldap] c[ipv4:172.16.2.4:55068] s[ipv4:172.16.2.2:389] server_id[2560]
172.16.2.4 is the web-application.
I record around 15K kerberos request / minute with tcpdump.
Any help is greatly appreciated.
samba is Version 4.10.18-Univention
configuration attached.
thank you.
Kind regards,
Stefan
More information about the samba
mailing list