Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-58460

Increase LDAP timeoutMS in ldap_fastest_host_selection.js

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.1.0-rc0
    • Component/s: None
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Sprint:
      Security 2021-07-26, Security 2021-08-09, Security 2021-08-23, Security 2021-09-06, Security 2021-09-20
    • Linked BF Score:
      23

      Description

      The ldap_fastest_host_selection.js test uses a proxy program to add a delay before responses are sent from ldaptest.10gen.cc to the MongoDB server. This allows the test to simulate an environment where multiple LDAP hosts with varying latencies exist and mongod has been configured to try connecting to fast hosts first. 

      Although the server is able to connect to the non-delayed proxies most of the time, sometimes it connects to one of the delayed proxies instead due to the test's parallelization (50 connections to the LDAP proxy servers repeated 50 times). When that happens, the delayed response takes almost as much time as the default ldapTimeoutMS of 10 seconds, triggering an authentication failure that appears as a BF.

      The best way of reducing the likelihood of this BF is by explicitly setting the ldapTimeoutMS to a higher value (such as 20 seconds) so that it is tolerant of the delays brought on by the proxies and the high number of concurrent LDAP auth attempts.

        Attachments

          Activity

            People

            Assignee:
            varun.ravichandran Varun Ravichandran
            Reporter:
            varun.ravichandran Varun Ravichandran
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: