From owner-freebsd-questions@FreeBSD.ORG  Tue Sep 20 08:04:33 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B2014106564A
	for <freebsd-questions@freebsd.org>;
	Tue, 20 Sep 2011 08:04:33 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk
	[IPv6:2001:8b0:151:1:3fd3:cd67:fafa:3d78])
	by mx1.freebsd.org (Postfix) with ESMTP id 281F48FC14
	for <freebsd-questions@freebsd.org>;
	Tue, 20 Sep 2011 08:04:33 +0000 (UTC)
Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk
	[81.187.76.163]) (authenticated bits=0)
	by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id
	p8K84SXf043260
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Tue, 20 Sep 2011 09:04:29 +0100 (BST)
	(envelope-from m.seaman@infracaninophile.co.uk)
X-DKIM: Sendmail DKIM Filter v2.8.3 smtp.infracaninophile.co.uk p8K84SXf043260
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=infracaninophile.co.uk; s=201001-infracaninophile; t=1316505869;
	bh=RFBO8JikodCHozLjjdoZLDqxQE1u4rjLMj66cnfe+cw=;
	h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References:
	In-Reply-To:Content-Type:Cc:Content-Type:Date:From:In-Reply-To:
	Message-ID:Mime-Version:References:To;
	z=Message-ID:=20<4E784905.1080007@infracaninophile.co.uk>|Date:=20T
	ue,=2020=20Sep=202011=2009:04:21=20+0100|From:=20Matthew=20Seaman=
	20<m.seaman@infracaninophile.co.uk>|User-Agent:=20Mozilla/5.0=20(M
	acintosh=3B=20Intel=20Mac=20OS=20X=2010.6=3B=20rv:6.0.2)=20Gecko/2
	0110902=20Thunderbird/6.0.2|MIME-Version:=201.0|To:=20Rafael=20NAV
	AZA=20<rnavaza@hotmail.com>|CC:=20freebsd-questions@freebsd.org|Su
	bject:=20Re:=20OpenLDAP=20+=20CARP|References:=20<DUB102-W60312A9A
	530D84FC783777BE0B0@phx.gbl>|In-Reply-To:=20<DUB102-W60312A9A530D8
	4FC783777BE0B0@phx.gbl>|X-Enigmail-Version:=201.3.1|OpenPGP:=20id=
	3D60AE908C|Content-Type:=20multipart/signed=3B=20micalg=3Dpgp-sha1
	=3B=0D=0A=20protocol=3D"application/pgp-signature"=3B=0D=0A=20boun
	dary=3D"------------enigBC71ECEB3BA396E531E6E626";
	b=SmH5i8PU+S6buqZBNQYYCtmtRwVALDxT4CBkgj2tqcupflhF6gyEOW4U13I+EnGp+
	pJGMdAKQY+TkrzhAmVPJBkym2ifNzk2EsC4o5o5uJT/ByHn0PLBqUDVNwTEjRgGyBb
	v5KFnPyJl5X5PxPiI32Ye464H/ASj1x67MErD85s=
Message-ID: <4E784905.1080007@infracaninophile.co.uk>
Date: Tue, 20 Sep 2011 09:04:21 +0100
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6;
	rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2
MIME-Version: 1.0
To: Rafael NAVAZA <rnavaza@hotmail.com>
References: <DUB102-W60312A9A530D84FC783777BE0B0@phx.gbl>
In-Reply-To: <DUB102-W60312A9A530D84FC783777BE0B0@phx.gbl>
X-Enigmail-Version: 1.3.1
OpenPGP: id=60AE908C
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
	boundary="------------enigBC71ECEB3BA396E531E6E626"
X-Virus-Scanned: clamav-milter 0.97.2 at lucid-nonsense.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-0.6 required=5.0 tests=BAYES_05,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU autolearn=ham version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	lucid-nonsense.infracaninophile.co.uk
Cc: freebsd-questions@freebsd.org
Subject: Re: OpenLDAP + CARP
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Sep 2011 08:04:33 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigBC71ECEB3BA396E531E6E626
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 19/09/2011 15:54, Rafael NAVAZA wrote:
> Is there a way to setup an OpenLDAP HA cluster (intersite multimaster) =
with CARP on FreeBSD ?

Hmmm...  So long as both the LDAP servers are on the same network
segment, and so long as they have separate addresses for their
replication channel, then I can't see why that wouldn't work.

However, LDAP, by its nature has a failover capability built in.  You
can just list several LDAP servers in your ldap.conf and each will be
tried in turn until you get an answer.  Or put a comma separated list of
several servers into a ldap:/// or ldaps:/// style URI.

There's also a way you can use SRV records with LDAP -- that gives you
weighted load distribution over a number of servers. See RFC 3088.
Note that not all LDAP clients support this, and its still only an
experimental service.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew@infracaninophile.co.uk               Kent, CT11 9PW


--------------enigBC71ECEB3BA396E531E6E626
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk54SQwACgkQ8Mjk52CukIxyCACeOrj6Fv58hWyESlgEt0bgt8Lc
n5MAnRk6byR6F4N52y8+sUM7/6j0TGu6
=xOdp
-----END PGP SIGNATURE-----

--------------enigBC71ECEB3BA396E531E6E626--