Prashant,
In response to your questions:
I can see the reconnect timeout attribute in the LDAP Connector and the default timeout as 60 sec, but what will be the timeout value when the Gateway connects to the LDAP instance for the first time?
Response: The initial connection timeout is 5s and is controlled by the cluster-wide property (CWP) ldap.connection.timeout (default 5s). Another setting, ldap.read.timeout (default 30s), applies to responses being read from the LDAP.
How many times will a retry happen?
Response: No retries are attempted.
What will happen in case the LDAP server is not listening to requests from the gateway (down/slow in response/network glitch)?
Response: If the gateway is unable to connect to the LDAP server, it will place it on the blacklist and will continue on to the next server listed in the LDAP Host URL. The blacklist time can be controlled through the CWP ldap.reconnect.timeout (default 60000 ms) or on the individual LDAP Provider configuration as Reconnect Timeout (introduced in version 9.2).
What load balancer mechanism will apply in case we are adding multiple hosts in the LDAP URL?
Response: None. It will go through the list starting with the first and will move through the list only if a failure occurs with the first.
Is there any IP caching at the gateway end?
Response: If you are referring to IP caching based on host name, we use a 30 second TTL for DNS configuration within Java.
Does the Gateway have some inbuilt service to check LDAP instances?
Response: No
In case we make a connection with the LDAP server, how long will that connection be active? Is there some process that closes inactive connection objects?
Response: Once the connection has been deemed inactive it will be cleared out within 60 seconds.
Sincerely,
Stephen Hughes
Broadcom Support
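
The failover behaviour described in the reply above, modelled as an added example (not gateway code and not part of the original post). The class, function and host names are hypothetical, the 60000 ms default is the ldap.reconnect.timeout value quoted above, and the model assumes each new connection attempt starts again at the first host once its blacklist entry has expired.

```python
"""Model of ordered LDAP failover with a blacklist, as described in the reply.
Illustrative only: not gateway code; all names here are hypothetical."""

RECONNECT_TIMEOUT_MS = 60_000  # ldap.reconnect.timeout default quoted in the reply


class OrderedFailover:
    def __init__(self, hosts, reconnect_timeout_ms=RECONNECT_TIMEOUT_MS):
        self.hosts = list(hosts)        # order of the LDAP Host URL list
        self.reconnect_timeout_ms = reconnect_timeout_ms
        self.blacklisted_until = {}     # host -> time (ms) it may be tried again

    def pick(self, now_ms, try_connect):
        """Return (host, attempts); host is None if every candidate failed.

        try_connect(host) -> bool stands in for one connect attempt bounded by
        ldap.connection.timeout. Each host is tried at most once (no retries).
        """
        attempts = []
        for host in self.hosts:         # always start from the first entry
            if now_ms < self.blacklisted_until.get(host, 0):
                continue                # still blacklisted: skipped, not tried
            attempts.append(host)
            if try_connect(host):
                return host, attempts
            self.blacklisted_until[host] = now_ms + self.reconnect_timeout_ms
        return None, attempts


def simulate():
    """Constructed scenario: ldap1 is down until t=90s, ldap2 is healthy."""
    lb = OrderedFailover(["ldap1.example.com", "ldap2.example.com"])
    down_until = {"ldap1.example.com": 90_000}
    timeline = []
    for now in (0, 30_000, 60_000, 120_000):
        connect = lambda h, now=now: now >= down_until.get(h, 0)
        timeline.append((now, *lb.pick(now, connect)))
    return timeline


if __name__ == "__main__":
    for now, host, attempts in simulate():
        print(f"t={now:>6}ms  tried={attempts}  using={host}")
```

In this model the second host carries traffic only while the first is blacklisted, and if every listed host fails, nothing is attempted again until a blacklist entry expires.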