From owner-freebsd-questions@FreeBSD.ORG Tue Sep 20 08:04:33 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B2014106564A for ; Tue, 20 Sep 2011 08:04:33 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3fd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id 281F48FC14 for ; Tue, 20 Sep 2011 08:04:33 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [81.187.76.163]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id p8K84SXf043260 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Tue, 20 Sep 2011 09:04:29 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: Sendmail DKIM Filter v2.8.3 smtp.infracaninophile.co.uk p8K84SXf043260 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1316505869; bh=RFBO8JikodCHozLjjdoZLDqxQE1u4rjLMj66cnfe+cw=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type:Cc:Content-Type:Date:From:In-Reply-To: Message-ID:Mime-Version:References:To; z=Message-ID:=20<4E784905.1080007@infracaninophile.co.uk>|Date:=20T ue,=2020=20Sep=202011=2009:04:21=20+0100|From:=20Matthew=20Seaman= 20|User-Agent:=20Mozilla/5.0=20(M acintosh=3B=20Intel=20Mac=20OS=20X=2010.6=3B=20rv:6.0.2)=20Gecko/2 0110902=20Thunderbird/6.0.2|MIME-Version:=201.0|To:=20Rafael=20NAV AZA=20|CC:=20freebsd-questions@freebsd.org|Su bject:=20Re:=20OpenLDAP=20+=20CARP|References:=20|In-Reply-To:=20|X-Enigmail-Version:=201.3.1|OpenPGP:=20id= 3D60AE908C|Content-Type:=20multipart/signed=3B=20micalg=3Dpgp-sha1 =3B=0D=0A=20protocol=3D"application/pgp-signature"=3B=0D=0A=20boun dary=3D"------------enigBC71ECEB3BA396E531E6E626"; b=SmH5i8PU+S6buqZBNQYYCtmtRwVALDxT4CBkgj2tqcupflhF6gyEOW4U13I+EnGp+ pJGMdAKQY+TkrzhAmVPJBkym2ifNzk2EsC4o5o5uJT/ByHn0PLBqUDVNwTEjRgGyBb v5KFnPyJl5X5PxPiI32Ye464H/ASj1x67MErD85s= Message-ID: <4E784905.1080007@infracaninophile.co.uk> Date: Tue, 20 Sep 2011 09:04:21 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2 MIME-Version: 1.0 To: Rafael NAVAZA References: In-Reply-To: X-Enigmail-Version: 1.3.1 OpenPGP: id=60AE908C Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigBC71ECEB3BA396E531E6E626" X-Virus-Scanned: clamav-milter 0.97.2 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-0.6 required=5.0 tests=BAYES_05,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: OpenLDAP + CARP X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Sep 2011 08:04:33 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigBC71ECEB3BA396E531E6E626 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 19/09/2011 15:54, Rafael NAVAZA wrote: > Is there a way to setup an OpenLDAP HA cluster (intersite multimaster) = with CARP on FreeBSD ? Hmmm... So long as both the LDAP servers are on the same network segment, and so long as they have separate addresses for their replication channel, then I can't see why that wouldn't work. However, LDAP, by its nature has a failover capability built in. You can just list several LDAP servers in your ldap.conf and each will be tried in turn until you get an answer. Or put a comma separated list of several servers into a ldap:/// or ldaps:/// style URI. There's also a way you can use SRV records with LDAP -- that gives you weighted load distribution over a number of servers. See RFC 3088. Note that not all LDAP clients support this, and its still only an experimental service. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enigBC71ECEB3BA396E531E6E626 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk54SQwACgkQ8Mjk52CukIxyCACeOrj6Fv58hWyESlgEt0bgt8Lc n5MAnRk6byR6F4N52y8+sUM7/6j0TGu6 =xOdp -----END PGP SIGNATURE----- --------------enigBC71ECEB3BA396E531E6E626--