Using nscd to cache LDAP and DNS entries
Hi all.
We're considering enabling nscd to cache LDAP and DNS entries. We have a very static network network-wise (no DHCP servers), so especially DNS entries remain very static. Are there any pitfalls we should be aware of before enabling nscd on such a network? Regards, kenneho |
Not really, ncsd runs by default on many systems. That said i did recently have an issue with it where we made some modifications to an LDAP account and the cache expiry for the passwd cache didn't seem to be kicking in reliably on some rhel5 boxes and on some I ended up stopping the service, deleting the db file and starting it again (I think i could of formally deleted it with the ncsd program itself but it did the job whatever...). That's the only time i've ever ever touched ncsd though, all the systems it's been running on i'd never had to learn a single thing about it.
|
Cool. Thanks. We've been testing it for a while, and everthing seems fine. Just wanted some second opinion before using it on production systems.
|
Just one last question: Is there any reason why starting the nscd could have a negative effect on production systems, such as hickups or anything? My boss is worried that this may happend, but I can't think of any reason why it should...
|
I maintain roughly 100 servers at my workplace and they all run the nscd service. No problems so far...
-twantrd |
Quote:
|
as I said, we did have an issue with a couple of instances caching results too long. Or at least that's what it looked like from everything I knew about nscd at the time. It might have been perfectly logical, but I'm fairly sure it was misbehaving for a while, only a few hours.
|
Quote:
If that error is the only (big) problem you've had with nscd I'm not very worried. Fortunately, in my organization, we don't use LDAP yet (are working on a LDAP solution using Red Hat Directory Server), and we don't use DHCP for our linux servers. So everything is very, very static, and caching results too long should not be an immediate threat to our production servers. :) kenneho |
|
All times are GMT -5. The time now is 08:15 AM. |