--On Tuesday, May 08, 2012 5:30 PM +0000 "Murray S. Kucherawy"
<msk_at_cloudmark.com> wrote:
>> -----Original Message-----
>> From: Quanah Gibson-Mount [mailto:quanah_at_zimbra.com]
>> Sent: Tuesday, May 08, 2012 9:14 AM
>> To: Murray S. Kucherawy; opendkim-users_at_lists.opendkim.org
>> Subject: RE: SigningTable and LDAP
>>
>> Unfortunately, LDAP failover in OpenDKIM doesn't actually appear to work.
>> This morning I got the following error in syslog:
>>
>> May 8 08:13:46 edge01-zcs opendkim[9749]: error looking up
>> "quanah_at_zimbra.com" in database: Can't contact LDAP server May 8
>> 08:13:46 edge01-zcs opendkim[9749]: 0E7FA14D: error reading signing
>> table
>>
>>
>> There are two problems with this message appearing:
>>
>> a) The LDAP server it was talking to was never down ( I filed sourceforge
>> bug#3524756 on this)
>
> This is a request for TCP keepalive support. I've emailed you separately
> about it because I'll need more information from OpenLDAP to do so.
>
>> and
>>
>> b) OpenDKIM failed to fail over to the other two LDAP servers
>> configured in its pool:
>> [...]
>>
>> Murray, is (b) the issue we were recently discussing recently?
>>
>> Is there a target release where LDAP failover will be working
>> correctly?
>
> I need to know what the problem is first. All of the URIs you provide
> are passed to ldap_initialize(), so I would presume the
> reconnection/fallback logic lives inside OpenLDAP itself. If it's not
> failing over correctly, I have to assume the problem is there, unless I'm
> supposed to tell OpenLDAP something I haven't told it yet.
>
> Besides passing multiple URIs to ldap_initialize(), am I supposed to make
> other calls to OpenLDAP to arrange for automated failure recovery?
Hi Murry,
I've sent you some information offline. ;)
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
Received on Tue May 08 2012 - 18:31:50 PST