Oracle Virtual Directory Performance Tuning 23-5

23.3.2 Join Adapters

If you are using Join Adapters, join only appropriate sources. For example if a deployment requires only to link attributes in the primary source under cn=users branch, create a primary adapter that only exposes this branch. And then create the join rule with that adapter. This can reduce the need for Oracle Virtual Directory to try to join entries that may never have corresponding linked entries.

23.3.3 General Filter Tuning

If a known client search filter does not apply to certain adapters, apply the filter to all applicable Exclude Filters to improve performance and reduce network traffic.

23.3.4 Load Balancer Local Store Adapter Tuning

Some load balancers query an LDAP server to determine if it is up or down. If your load balancer uses this feature - consider creating a local store adapter with a separate namespace for example dc=loadbalancer that is used only for the load balancer. While the performance impact of the load-balancer is probably not noticeable, by keeping it in a separate namespace. it makes it easier to exclude the load-balancer KeepAlive requests from creating large log files during troubleshooting.

23.3.5 Cache Plug-In Tuning

The CachePlug-in provides an in-memory cache for Oracle Virtual Directory. It has the ability to cache query results from any source for re-use by LDAP clients. This plug-in can improve performance for those applications where queries are highly repetitive. To review cache operation and configuration, set VE logging level to ’Dump’ to see more details. Because the cache is a normal plug-in, the cache can be configured to run anywhere within Oracle Virtual Directory. It can be executed globally, or within the context of a single adapter. It can also be restricted to specific namespaces by using the namespace filtering available in standard plug-in configuration.

23.3.5.1 Cache Hit Logic

The cache works by storing query results and making them available for later use. If a query is repeated by the same user and the same attributes or a subset of attributes are requested, the cache can return its results instead of having Oracle Virtual Directory pull the information from the source. The plug-in can also be configured to allow cache hits to be shared between users. Sharing cache entries between users should not be used unless the pass credentials are not being passed to back-end sources and Oracle Virtual Directory is solely responsible for security enforcement. Careful consideration should be given when sharing cache hits between users as it would then be possible for one user to see something they should not, since they may have access to a cache result from a more privileged user.

23.3.5.2 Cache Plug-in Memory Management

This plug-in periodically reviews the cache and checks for expired results, or entries that have been invalidated by a previous modify transaction. In the event that the cache quota is exceeded, the plug-in attempts to trim memory by purging the queries that were least recently used LRU. Tip: Always make sure that the attributes used by join rules are properly indexed. 23-6 Oracle Fusion Middleware Performance and Tuning Guide Table 23–3 describes some parameters used to tune the Memory Management Plug-in:

23.3.6 LDAP Listener Tuning

Table 23–4 describes some parameters used to tune the LDAP Listener: Table 23–3 Memory Management Plug-in Settings Parameter Value Notes Size Default: 1000 entries The maximum number of entries that may be cached at any one time. MaxResultSize Default: 1000 entries The maximum number of entries that may be cached for any particular query. Trimsize Default: 1000 entries When the maximum cache size is exceeded, the amount by which the cache manager must reduce the balance. Note: when necessary, trimming is done by purging expired queries first followed by queries in order of least recent use. MaximumAge Default: 600 seconds The maximum age in seconds for any queryentry stored in the cache. MaintenanceInterval Default: 60 seconds The interval in seconds between when the cache manager checks for expired queries. BySubject Default: 1 not shared A flag 1 or 0 indicating whether cache results are shared between subjects. A value of 1 indicates that results are not be shared between subjects. Table 23–4 Listener Parameters Parameter Value Notes Backlog Default: 128 requests Specifies the maximum number of pending connection requests that are allowed to queue up before the server starts rejecting new connection attempts. The default value is sufficient in most cases and the need to change this value is very rare. Reuse address Default: False This option determines whether LDAP listener should reuse socket descriptors. If enabled, the SO_REUSEADDR socket option is used on the Oracle Virtual Directory server listen socket to potentially allow the reuse of socket descriptors for clients in TIME_WAIT state.