On 13.11.2012 20:48, Mark Phippard wrote:
> On Tue, Nov 13, 2012 at 2:44 PM, Stefan Küng <tortoisesvn_at_gmail.com> wrote:
>> On 13.11.2012 14:58, Mark Phippard wrote:
>>
>>> We did some testing in our lab, and the KeepAlive settings help a lot
>>> here. Without any KeepAlive, then obviously every Serf request on
>>> every connection needed to be re-authenticated. With KeepAlive on and
>>> the connection limit set high enough then it was reduced to just the 4
>>> connections that Serf opens to the server. So for our case, making
>>> sure this was in place on our server, and then doing some more testing
>>> to figure out the increases we needed to make in our backends was the
>>> main issue to deal with.
>>
>>
>> Did you do some testing with Windows domain authentication as well? Because
>> last time I did some testing with that, KeepAlive doesn't do anything there.
>> For some setups (for example, if the user GUEST is enabled on the domain
>> controller) the re-authentication traffic is more than double the normal svn
>> traffic.
>
> No, we only tested with our own mechanism to make sure that KeepAlive
> would lessen the connection problem. With any mechanism, there would
> have to be some kind of decent caching mechanism in place to not flood
> the server with auth requests. I believe mod_ldap has one by default:
>
> http://httpd.apache.org/docs/2.2/mod/mod_ldap.html#ldapcacheentries
>
> Are you talking about mod_sspi? I do not know much about that module.
Yes, I've tested with mod_auth_sspi because that's the only one I got
working properly.
Even though, this could be a problem if neon isn't available anymore not
even as an option.
Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
Received on 2012-11-13 21:03:46 CET