Hi,
I have a big performance issue with ldap authentication.
If I login with an local user (eg, admin), it is quite fast (round about 200ms).
But if I login with an ldap user, it is very slowly (round about 9 - 11 seconds).
In this timeout, I waiting and nothing is happen. After this time, the Home page will be loaded.
I have also analysed the network traffic between redmine and active directory. It seems so, the binding will be requested less than 1s. But after the binding, the redmine sending a "ACK" of a "SEQ" from LDAP. Than 9 seconds will be gone before redmine sends a new "SEQ" to LDAP for closing connection ("F" FIN Flag).
cut of TCPDUMP:
15:46:20.126688 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [S], seq 1025944448, win 14600, options [mss 1460,sackOK,TS val 1444996524 ecr 0,nop,wscale 7], length 0
15:46:20.127130 IP 172.16.0.1.ldap > 172.16.20.15.53941: Flags [S.], seq 3646836544, ack 1025944449, win 8192, options [mss 1460,nop,wscale 8,sackOK,TS val 559604960 ecr 1444996524], length 0
15:46:20.127153 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [.], ack 1, win 115, options [nop,nop,TS val 1444996525 ecr 559604960], length 0
15:46:20.127770 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [P.], seq 1:53, ack 1, win 115, options [nop,nop,TS val 1444996525 ecr 559604960], length 52
15:46:20.128774 IP 172.16.0.1.ldap > 172.16.20.15.53941: Flags [P.], seq 1:23, ack 53, win 260, options [nop,nop,TS val 559604960 ecr 1444996525], length 22
15:46:20.128835 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [.], ack 23, win 115, options [nop,nop,TS val 1444996526 ecr 559604960], length 0
15:46:20.130713 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [P.], seq 53:226, ack 23, win 115, options [nop,nop,TS val 1444996528 ecr 559604960], length 173
15:46:20.131263 IP 172.16.0.1.ldap > 172.16.20.15.53941: Flags [P.], seq 23:1307, ack 226, win 259, options [nop,nop,TS val 559604961 ecr 1444996528], length 1284
15:46:20.132559 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [P.], seq 226:431, ack 1307, win 135, options [nop,nop,TS val 1444996530 ecr 559604961], length 205
15:46:20.133220 IP 172.16.0.1.ldap > 172.16.20.15.53941: Flags [P.], seq 1307:1644, ack 431, win 258, options [nop,nop,TS val 559604961 ecr 1444996530], length 337
15:46:20.173091 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [.], ack 1644, win 155, options [nop,nop,TS val 1444996571 ecr 559604961], length 0
*15:46:29.954633 IP 172.16.20.15.53941 > 172.16.0.1.ldap: Flags [F.], seq 431, ack 1644, win 155, options [nop,nop,TS val 1445006352 ecr 559604961], length 0*
15:46:29.955251 IP 172.16.0.1.ldap > 172.16.20.15.53941: Flags [.], ack 432, win 258, options [nop,nop,TS val 559605943 ecr 1445006352], length 0
15:46:29.955298 IP 172.16.0.1.ldap > 172.16.20.15.53941: Flags [R.], seq 1644, ack 432, win 0, length 0
This are my environment:
- We use Active Directory as LDAP.
Environment:
Redmine version 2.3.3.stable
Ruby version 2.0.0-p247 (2013-06-27) [x86_64-linux]
Rails version 3.2.13
Environment production
Database adapter Mysql2
Redmine plugins:
redmine_ckeditor 1.0.11
redmine_git_hosting 0.6.2
redmine_ldap_sync 2.0.2.devel.geef0ea5c5a
redmine_mylyn_connector 2.8.2.stable
redmine_plugin_views_revisions 0.0.1
redmine_questions 0.0.5
Have anyone an idea to solve the issue?
Thanks and best Regards,
Henry
login with ldap very slow