This section contains example configurations related to client affinity, and includes examples for replication delay, verifying write operations, and connection-based routing.
This procedure configures client affinity for all read and write operations that occur up to three seconds after the first write operation.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Configure the affinity parameters for the data source pool.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-policy:read-write-affinity-after-write client-affinity-timeout:3000 \ enable-client-affinity:true |
This procedure configures client affinity for the first read operation after each write operation. The example could be for an application where a specified bind DN validates each write operation by performing a read operation.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Configure the affinity parameters for the data source pool.
$ dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-policy:read-affinity-after-write enable-client-affinity:true |
If an application makes an update using one connection from the pool but then uses a different connection to do the search for that entry, the affinity setting on the connection used to do the update is not used because the search is done from a different connection. The search operation could also be routed to a different server than where the update was performed. In this case, the affinity feature works only within the same client connection.
To resolve this, affinity should be defined at the client level such as an IP address or bind DN. When an update is made by a client, all the connections from that client follow the same affinity rule.
Specify the criteria to determine if the requests are coming from the same client.
dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-criteria:ip-address-and-bind-dn |
For all the options, see client-affinity-criteria(5dpconf).
The server matches the bind DN as well as the IP address of the client requests, if the entries meet the criteria then they are from the same client.
Specify the regular expressions that the bind DN of the connection must match to consider that requests come from the same client.
dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-bind-dn-filters:"uid=boss*" |
Specify the IPv4 or IPv6 address that the IP address of the connection must match to consider that requests come from the same client.
dpconf set-ldap-data-source-pool-prop -h host -p port pool-name \ client-affinity-ip-address-filters:129.157.192.108 |
In versions prior to Directory Proxy Server 6.0, one connection was opened between a client and an LDAP server. The same connection was used for all requests from the client until the connection was closed. This type of routing is called connection-based routing. This procedure describes how to configure client affinity for connection-based routing.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
Ensure that all data sources are attached to the data source pool and that client-cred-mode is set to use-client-identity.