Preference values for replica LDAP servers

Each replica LDAP server must have a preference value (1 to 10) that determines its priority.

Priority is based on one of the following selections:

The higher the number, the higher the priority. If the primary read-only server fails for any reason, the server with the next highest preference value is used. If two or more servers have the same preference value, a least-busy load balancing algorithm determines which one is selected.

Remember that the master LDAP server can function as both a read-only and a read/write server. For read-only access, the master server has a hardcoded default preference setting of 5. Use this setting as the reference point when you set replica servers at values higher or lower than the master to obtain the required performance. For example, with appropriate preference settings, we can prevent the master server from handling everyday read operations.

We can set hierarchical preference values to allow access to a single LDAP server with failover to the other servers. We can also set equal preferences for all servers and allow load balancing to dictate server selection. Table 1 illustrates some possible preference scenarios. M is a reference to the master (read-only/read-write) LDAP server; R1, R2 and R3 are references to the replica (read-only) LDAP servers.

| M | R1 | R2 | R3 | Failover preference |
|---|----|----|----|---------------------|
| 5 | 5 | 5 | 5 | All servers have the same preference values. Load balancing determines which server is selected for each access operation. |
| 5 | 6 | 6 | 6 | The 3 replica servers have the same preference value. This value is higher than the master server value. Load balancing determines server selection among the 3 replicas. The master is used only if all 3 replica servers become unavailable. |
| 5 | 6 | 7 | 8 | Server 3 (with the highest preference value) becomes the primary server. If server 3 fails, server 2 becomes the primary server because it has the next highest preference value. |
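
The selection rule and the Table 1 rows can be checked with a small model before preference values are committed to configuration. This is an added example, not product code: the `Server` class, the function names and the `active_ops` counter (an assumed stand-in for the least-busy measure, which this page does not define) are all hypothetical.

```python
from dataclasses import dataclass

MASTER_READ_PREFERENCE = 5  # hardcoded default for the master, per the text


@dataclass
class Server:
    name: str
    preference: int      # 1..10, higher number means higher priority
    up: bool = True
    active_ops: int = 0  # assumed "busyness" metric, used only to break ties


def build_pool(replica_prefs):
    """Return the master (M) plus replicas; reject preferences outside 1..10."""
    pool = [Server("M", MASTER_READ_PREFERENCE)]
    for name, pref in replica_prefs.items():
        if not 1 <= pref <= 10:
            raise ValueError(f"{name}: preference {pref} is outside 1..10")
        pool.append(Server(name, pref))
    return pool


def select_read_server(pool):
    """Highest preference among available servers; ties go to the least busy."""
    live = [s for s in pool if s.up]
    if not live:
        raise RuntimeError("no LDAP server available for read-only access")
    top = max(s.preference for s in live)
    candidates = [s for s in live if s.preference == top]
    return min(candidates, key=lambda s: s.active_ops)


def failover_order(replica_prefs):
    """Order in which servers take over as each current primary fails."""
    pool, order = build_pool(replica_prefs), []
    while any(s.up for s in pool):
        chosen = select_read_server(pool)
        order.append(chosen.name)
        chosen.up = False  # simulate failure of the server just selected
    return order


if __name__ == "__main__":
    # Replica preferences taken from the three rows of Table 1.
    for prefs in ({"R1": 5, "R2": 5, "R3": 5},
                  {"R1": 6, "R2": 6, "R3": 6},
                  {"R1": 6, "R2": 7, "R3": 8}):
        print(prefs, "->", failover_order(prefs))
```

In the second and third rows the master appears last in the failover order, which is the configuration that keeps everyday reads off the read/write server.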

Preference values affect the read-only access to the LDAP database and the read-write access to the replica LDAP servers. ISAM always uses the master (read/write) server when we need to change the LDAP database.

Some Security Verify Access daemons, such as the policy server, override the preference settings in their configuration files to indicate that the read/write server is preferred. This override occurs because those daemons usually perform update operations, which go to the master LDAP server.
