[SERVER-58460] Increase LDAP timeoutMS in ldap_fastest_host_selection.js Created: 12/Jul/21  Updated: 29/Oct/23  Resolved: 17/Sep/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.1.0-rc0

Type: Improvement Priority: Major - P3
Reporter: Varun Ravichandran Assignee: Varun Ravichandran
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Backwards Compatibility: Fully Compatible
Sprint: Security 2021-07-26, Security 2021-08-09, Security 2021-08-23, Security 2021-09-06, Security 2021-09-20
Participants:
Linked BF Score: 23

 Description   

The ldap_fastest_host_selection.js test uses a proxy program to add a delay before responses are sent from ldaptest.10gen.cc to the MongoDB server. This allows the test to simulate an environment where multiple LDAP hosts with varying latencies exist and mongod has been configured to try connecting to fast hosts first. 

Although the server is able to connect to the non-delayed proxies most of the time, sometimes it connects to one of the delayed proxies instead due to the test's parallelization (50 connections to the LDAP proxy servers repeated 50 times). When that happens, the delayed response takes almost as much time as the default ldapTimeoutMS of 10 seconds, triggering an authentication failure that appears as a BF.

The best way of reducing the likelihood of this BF is by explicitly setting the ldapTimeoutMS to a higher value (such as 20 seconds) so that it is tolerant of the delays brought on by the proxies and the high number of concurrent LDAP auth attempts.



 Comments   
Comment by Vivian Ge (Inactive) [ 06/Oct/21 ]

Updating the fixversion since branching activities occurred yesterday. This ticket will be in rc0 when it’s been triggered. For more active release information, please keep an eye on #server-release. Thank you!

Comment by Githook User [ 21/Sep/21 ]

Author:

{'name': 'Varun Ravichandran', 'email': 'varun.ravichandran@mongodb.com', 'username': 'varunravi98'}

Message: SERVER-58460: Increase LDAP timeout threshold in ldap_fastest_host_selection.js
Branch: SERVER-58852
https://github.com/10gen/mongo-enterprise-modules/commit/bbcea5a65a88f4238d47089450abf7146136d666

Comment by Githook User [ 17/Sep/21 ]

Author:

{'name': 'Varun Ravichandran', 'email': 'varun.ravichandran@mongodb.com', 'username': 'varunravi98'}

Message: SERVER-58460: Increase LDAP timeout threshold in ldap_fastest_host_selection.js
Branch: master
https://github.com/mongodb/mongo/commit/a577220e309997510d1ef054896640395f6532d7

Comment by Githook User [ 17/Sep/21 ]

Author:

{'name': 'Varun Ravichandran', 'email': 'varun.ravichandran@mongodb.com', 'username': 'varunravi98'}

Message: SERVER-58460: Increase LDAP timeout threshold in ldap_fastest_host_selection.js
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/bbcea5a65a88f4238d47089450abf7146136d666

Generated at Thu Feb 08 05:44:35 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.