Description of problem: There are quite often customer cases about shortage of file descriptors and LDAP client requests not being processed. The shortage is usually caused by a low value set for the nsslapd-conntablesize parameter. The documentation mentions: ========================================== The number of descriptors available for TCP/IP to serve client connections is determined by nsslapd-conntablesize, and is equal to the nsslapd-maxdescriptors attribute minus the number of file descriptors used by the server as specified in the nsslapd-reservedescriptors attribute for non-client connections, such as index management and managing replication. ========================================== Nonetheless the gap usually observed between nsslapd-conntablesize and nsslapd-maxdescriptors ( default values ) looks pretty high. Eg: # dsconf -D "cn=Directory Manager" ldap://localhost:10389 config get nsslapd-conntablesize nsslapd-maxdescriptors Enter password for cn=Directory Manager on ldap://localhost:10389: nsslapd-conntablesize: 1024 nsslapd-maxdescriptors: 262144 # Would it be possible to make sure that the default value for nsslapd-conntablesize is set to something around ( nsslapd-maxdescriptors / 2 ) while keeping it capped to 64K [1] ? [1] https://github.com/389ds/389-ds-base/blob/641221788c6081481d47e658c572fc0b32aed955/ldap/servers/slapd/libglobs.c#L4842 Version-Release number of selected component (if applicable): RHDS 11.4 on RHEL 8.5. How reproducible: Always on my test systems and at customer sites. Steps to Reproduce: Install RHDS and check the default values of both parameters. Actual results: nsslapd-conntablesize is set to 1K Expected results: Have a higher default value. Additional info:
Upstream ticket: https://github.com/389ds/389-ds-base/issues/5469