LDAP at Michigan Tech Michigan Tech Campus Map Site Map Campus Search Directory from A to Z LDAP at Michigan Tech
   Home  |  FAQ  |  Technical Information  |  Developer Information  |  Links  |  Misc


MTU Directory Server ldapmaster.mtu.edu Configuration


All settings here are based on information found in Sun ONE's Directory Server documentation. This documentation could be release notes, administration guides, etc. All references have been noted below.

Parameter Setting Reason
sizelimit 300 entries No one should need to return 300 entries on a search. If they do, they may be doing something wrong or in an inefficient manner. Either way, the directory server administrator should be contacted to discuss the matter.
timelimit 300 seconds A timelimit of 5 minutes should be plenty of time to perform any operation that requires less than 100 entries (sizelimit).
idletimeout 60 seconds Sometimes clients "forget" to disconnect when they are done using the server. If they don't "remember" within 1 minute the server will disconnect them automatically to help save system resources.
lookthroughlimit 1000 entries A search operation that requires the directory to look through more than 1000 entries probably has inappropriate criteria in the search filter.
allidsthreshold default (4000) Information on how to use allidsthreshold to increase directory server performance can be found in the Sun ONE Directory Server Administrator's Guide. Based on this information we get:

4,000 / 0.005 = 800,000
4,000 / 0.05 = 80,000
4,000 / 0.50 = 8,000

So, an allidsthreshold of 4000 is good for a directory server that has between 8,000 and 800,000 entries, but is ideal for 80,000 entries. The MTU directory server has ~25,000 entries (rounded up). The ideal allidsthreshold for a directory server of this size would be:

25,000 * 0.05 = 1,250

However, setting it to this value doesn't leave much room to grow in size. Leaving it at 4,000 allows us to grow by 45,000 entries before the value should be changed. This is important because changing the allidsthreshold value requires all of the data in the directory server to be exported and then imported.

Currently the allidsthreshold value is 1.6% of 25,000 which is acceptable.
dbcachesize 1024 MB (1 GB) Information on how to use dbcachesize to increase directory server performance can be found in the Sun ONE Directory Server Administrator's Guide. Based on this information we get:

The machine ldapmaster.mtu.edu is running on has a total of 4096 MB of system memory. Around 3800 MB of that was free at the time of this calculation. However, two directory servers are running on this machine, the master directory server, and a separate directory server replica that exists only to be a backup for the master. So, we have half the free memory to work with for each directory server yielding:

(3800 MB / 2) - cachesize - "safety space"
cachesize = 256 MB
"safety space" = 100 MB

Final Calculation
1900 - 256 - 100 = 1544 MB


However, we like multiples of 2 so we reduced this to 1024 MB or 1 GB 'cuz that's all we really need. The separate replica needs even less because it is never searched so it gets 256 MB. That leaves the system with 1808 MB free.
cachesize 256 MB Information on how to use cachesize to increase directory server performance can be found in the Sun ONE Directory Server Administrator's Guide. Based on this information we get:

The cachesize parameter is measured in bytes to cache. The MTU directory server has approximately 25,000 entries in it, 17,000 of which will be accessed more frequently than others (person entries). Each entry is around 2 KB in size. Usually a search is executed once and rarely executed again so a large cachesize is unnecessary. We want to be able to cache at least 512 entries at any given time. Given that, the amount of available memory free, and the impact a large cachesize would have on the dbcachesize parameter, we get the following:

cachesize = 512 entries * 2 KB per entry = 512 * 2 KB = 1 MB

This seemed rather small to me so I gave it 256 MB because I had a lot left and the larger the cache the faster the performance.
db_idl_divisor 4 Given the size of our directory server setting this to 4 could be considered excessive. However, there is no reference stating that setting this slightly higher than usual will have any negative impact on performance. Real world tests indicate no performance degradation and it leaves us room to grow up to 1,000,000 entries before it would be necessary to change this. Changing this requires data to be exported and imported in order to manipulate write-block IDs. Avoiding an export/import sequence is almost always a good idea.

References

Sun ONE Directory Server Documentation
Performance Tuning Formulas
db_idl_divisor information - This site may no longer exist.
Home   |   MTU Information Technology   |   Michigan Technological University