Manualshelf

LDAP-UX Integration Performance and Tuning Guidelines

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
11121314151617181920
LDAP-UX Integration Performance and Tuning Guidelines
It can be difficult to determine how well pwgrd will reduce the demands of the LDAP-UX client on the LDAP
server. One of the best ways is to measure an actual client.
Performance vs. NIS
NIS is a dedicated name service subsystem, designed only to serve Posix-style naming information. LDAP’s design
allows it to be a highly adaptable tool, and has many uses. NIS’s limitation in flexibility and scalability allow its
design to be much simpler and thus able to achieve higher through-put than an LDAP directory server. Some of the
significant factors that differentiate performance between NIS and LDAP:
The NIS protocol runs on top of UDP. This is a connectionless protocol, and has less overhead than the TCP
protocol used by LDAP.
NIS uses a simple key-to-entry query scheme to find data. LDAP uses a flexible, but complex, base/scope/filter
search criteria.
NIS does not perform authentication. LDAP performs authentication.
NIS does not perform access control to data. LDAP servers can restrict access to certain data sets using highly
flexible access control mechanism.
Because of this difference between LDAP and NIS performance, it’s important to consider migration plans from
NIS to LDAP. One should not assume that NIS servers can be replaced by LDAP servers in a one to one ratio.
Before replacing NIS servers with LDAP servers, calculate the existing request load. The best way to do this is to
use a network monitoring tool to filter out requests that are sent to the ypserv daemon on the NIS server.
Determine the RPC port number used by the ypserv daemon:
rpcinfo -p | grep ypserv
Determine the IP address of the NIS server:
nslookup $(hostname)
Set up a network monitoring tool (such as Microsoft’s netmon, HP’s Lan Analyzer or other) with the IP and
port number determined above as a filter to capture packets.
Monitor the network using the above filter, for an extended period of time, to determine the average requests /
second handled by the NIS server.
Page 11