Project sponsored by



Project hosted on

SourceForge Logo



The LDAP performance results with OpenLDAP were very disappointing. LDAP is supposed to be a very high performance, read optimized, hierarchal database. So I expected it to easily outperform the SQL databases. Instead, the LDAP driver yielded the lowest performace of any driver.

I was completely shocked at how long it took to load the LDAP database. Most other databases were loaded in anywhere from a few minutes to about a half hour. Using slapadd it took almost an entire day to load the data into the LDAP database. For those who are less familiar with LDAP, slapadd is a utility program for loading the OpenLDAP database backend directly instead of going through the LDAP server. It creates the LDAP server's database files while the LDAP server is not running. The idea is that using slapdadd is more efficient and faster than transporting all the data across the network when bulk loading your LDAP database.

I tried my best to optimize the OpenLDAP server as much as possible. I even suffered through deleting and reloading the LDAP database several times in an effort to find a configuration with better performance. Perhaps someone can look over this configuration and suggest further optimizations that will improve performance.

The configuration below was used in the LDAP performance tests. This configuration uses the Berkeley DB for the LDAP database. In addition to the settings below, I created a DB_CONFIG file in the Berkeley DB environment to set the BDB cache to 512MB. This cache size appeared optimal, as a larger cache caused virtual memory disk swapping, and a lower cache reduced performance.

# schema's
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/dlz.schema

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

# bdb database definitions

database bdb
suffix "o=bind-dlz"
rootdn "cn=Manager,o=bind-dlz"
rootpw secret
directory /var/lib/ldap

# cachesize is the number of entries to hold in memory
cachesize 2000

# Indices to maintain for this database
index dlzHostName,dlzZoneName,dlzRecordID,dlzType eq,pres
index objectClass,ou,o,cn,dc                      eq,pres
dlz "ldap zone" {
        database "ldap 2 v3 simple
        {cn=Manager,o=bind-dlz} {secret} localhost
        ldap:///dlzZoneName=%zone%,ou=dns,o=bind-dlz???objectclass=dlzZone
        ldap:///dlzHostName=%record%,dlzZoneName=%zone%,ou=dns,o=bind-dlz?dlzTTL,
dlzType,dlzPreference,dlzData,dlzIPAddr,dlzPrimaryNS,dlzAdminEmail,dlzSerial,
dlzRefresh,dlzRetry,dlzExpire,dlzMinimum?sub?objectclass=dlzAbstractRecord";
};