I am looking for a proper configuration for an LDAP backend. So far I have:
frontend ldap_service_front
    mode tcp
    bind 10.11.6.26:389
    log global
    description LDAP Service
    option socket-stats
    option tcplog
    option tcpka
    timeout client 5s
    default_backend ldap_service_back

backend ldap_service_back
    server ldap-1-test ldap1test.embl.de:389 check fall 1 rise 1 inter 2s
    server ldap-2-test ldap2test.embl.de:389 check fall 1 rise 1 inter 2s
    mode tcp
    balance roundrobin
    stick-table type ip size 200k expire 30m
    stick on src
    option tcpka
    option ldap-check
    timeout server 2s
    timeout connect 1s
But when I browse the LDAP servers with the Apache LDAP browser, it seems that every one or two checks it closes the connection and opens a new one, so it is impossible to browse it.
I wouldn’t like to bind the source IP to a specific backend node, since I will have so many different clients that will act in different ways: some of them will just open a connection, get some attributes and close it, but some others will open an LDAP connection, fetch several attributes and afterwards close it.
So I am somehow looking for some persistency. Well, I am open to any suggestion.