LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 06-12-2009, 07:20 AM   #1
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Rep: Reputation: 40
Using nscd to cache LDAP and DNS entries


Hi all.


We're considering enabling nscd to cache LDAP and DNS entries. We have a very static network network-wise (no DHCP servers), so especially DNS entries remain very static.

Are there any pitfalls we should be aware of before enabling nscd on such a network?

Regards,
kenneho
 
Old 06-13-2009, 01:56 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
Not really, ncsd runs by default on many systems. That said i did recently have an issue with it where we made some modifications to an LDAP account and the cache expiry for the passwd cache didn't seem to be kicking in reliably on some rhel5 boxes and on some I ended up stopping the service, deleting the db file and starting it again (I think i could of formally deleted it with the ncsd program itself but it did the job whatever...). That's the only time i've ever ever touched ncsd though, all the systems it's been running on i'd never had to learn a single thing about it.
 
Old 06-15-2009, 07:34 AM   #3
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Original Poster
Rep: Reputation: 40
Cool. Thanks. We've been testing it for a while, and everthing seems fine. Just wanted some second opinion before using it on production systems.
 
Old 06-17-2009, 02:22 AM   #4
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Original Poster
Rep: Reputation: 40
Just one last question: Is there any reason why starting the nscd could have a negative effect on production systems, such as hickups or anything? My boss is worried that this may happend, but I can't think of any reason why it should...
 
Old 06-17-2009, 02:35 AM   #5
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Rep: Reputation: 52
I maintain roughly 100 servers at my workplace and they all run the nscd service. No problems so far...

-twantrd
 
Old 06-17-2009, 03:08 AM   #6
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Original Poster
Rep: Reputation: 40
Quote:
Originally Posted by twantrd View Post
I maintain roughly 100 servers at my workplace and they all run the nscd service. No problems so far...

-twantrd
And you've never experienced any hickups just as you started the nscd daemon?
 
Old 06-17-2009, 04:47 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
as I said, we did have an issue with a couple of instances caching results too long. Or at least that's what it looked like from everything I knew about nscd at the time. It might have been perfectly logical, but I'm fairly sure it was misbehaving for a while, only a few hours.
 
Old 06-17-2009, 05:47 AM   #8
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Original Poster
Rep: Reputation: 40
Quote:
Originally Posted by acid_kewpie View Post
as I said, we did have an issue with a couple of instances caching results too long. Or at least that's what it looked like from everything I knew about nscd at the time. It might have been perfectly logical, but I'm fairly sure it was misbehaving for a while, only a few hours.
Ah, sorry, I were a little too fast there. Thanks for refreshing my memory.

If that error is the only (big) problem you've had with nscd I'm not very worried. Fortunately, in my organization, we don't use LDAP yet (are working on a LDAP solution using Red Hat Directory Server), and we don't use DHCP for our linux servers. So everything is very, very static, and caching results too long should not be an immediate threat to our production servers.


kenneho
 
Old 06-30-2009, 03:34 PM   #9
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
fyi

http://www.linuxquestions.org/questi...server-731157/
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Managed DNS server lists and dnsmasq DNS cache nitrousoxide82 Linux - Networking 1 02-21-2014 10:34 PM
NSCD and LDAP Rowley Linux - Software 9 07-31-2008 03:11 AM
adding entries in ldap aravind1024004 Linux - Server 10 04-17-2008 09:38 AM
LDAP How to add entries durgap Linux - Networking 4 11-10-2006 04:55 AM
need help to set up caching only dns server to with bogus DNS entries ullas Linux - Networking 1 10-28-2003 01:54 PM


All times are GMT -5. The time now is 08:09 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration