
System Requirements for NDS eDirectory


Nancy McLain
Senior Technical Writer
DeveloperNet University
nmclain@novell.com

01 Jul 2000


Thanks to Robert Koestler, Subbu K. K., Mike Neuenschwander, and Girish Kumar, who contributed information and took the time to ensure that the information I gathered was accurate.

Even though NDS eDirectory makes efficient use of whatever hardware platform it is running on, you can fine-tune it to improve performance. This AppNote summarizes the system requirements for NDS eDirectory on the various platforms it supports, and outlines the adjustments you can make for better performance.

NDS eDirectory on Intel Platforms

On the Intel platform, NDS eDirectory runs on NetWare 5.1 and Windows NT.

NDS eDirectory on NetWare 5.1

If you're running NDS on NetWare 5.1, you'll need:

  • A PC with a Pentium 200 MHz or higher processor as a minimum

The Pentium 200 MHz processor is a suggestion for those who want to run on minimum hardware and are willing to sacrifice performance to do so. If you want to truly evaluate eDirectory, you should use at least a Pentium II 300 MHz processor. A Pentium II 400 MHz processor would be even better.

  • A VGA or higher resolution display adapter. Novell recommends SVGA. The display adapter should be VESA compliant.

  • 64 MB of RAM minimum

    • If you're running Java-based applications, you'll need 128 MB RAM minimum.

    • If you're upgrading to NetWare 5.1 and installing only the standard products, you'll need 128 MB RAM minimum.

    • If you're upgrading to NetWare 5.1 and installing all the products, except for WebSphere, you'll need 256 MB RAM minimum.

    • If you're upgrading to NetWare 5.1 and installing all the products, including WebSphere, you'll need 512 MB RAM minimum.

  • One or more network boards

  • A CD-ROM drive that can read ISO 9660-formatted CD-ROM disks. Computers with bootable CD-ROM drives must fully support the El Torito specification.

  • 350-700 MB of available disk space (50 MB for a boot partition, 650 MB for a NetWare partition)

    • If you're installing the NetWare 5 Operating System only, you'll need 350 MB of disk space.

    • If you're installing NetWare 5 with default product selections, you'll need 450 MB of disk space.

    • If you're installing NetWare 5 with all the product selections, you'll need 550 MB of disk space.

    • If you're installing NetWare 5 with all the products and all the documentation, you'll need 700 MB of disk space.

Determining the Size of the NetWare Boot Partition. Depending on the size of your storage devices and the amount of server memory you have, you can make the boot partition much larger than the recommended minimum. A larger boot partition allows the server to dump its memory to the local drive so that you can troubleshoot server problems. NetWare 5 supports core dumps that exclude unused cache. For example, one test server with 167 MB of RAM, including a swap file, created a core dump of 14 MB. But if the server had been using all of its RAM, it would have created a core dump of 167 MB. The more RAM the server has available, the less likely the core dump is to be as large as the installed RAM.

Tuning NDS eDirectory to Perform Efficiently on NetWare. To best use your server hardware, you should tune NDS properly. Without being properly tuned, even the most powerful hardware will not perform to its potential. The following list discusses the settings Novell used to optimize NDS's performance during testing. These settings are the ones Novell found to really impact performance. Only use these settings if you have more than 64 MB RAM, as some of these settings could exceed the available memory if you have only minimum memory.

Max TCP Port Limit

The Max TCP Port Limit parameter sets the upper boundary for the number of dynamic ports used by the system. The lower bound is set at 1024. The upper bound can be set to 55,000. NDS eDirectory uses three dynamic ports per authenticated connection.

This parameter can only be set using an updated IP stack available from support. The shipping IP stack is fixed with about 3,750 dynamic ports. eDirectory uses 3 dynamic connections per authenticated user connection.

Maximum Pending TCP Connection Requests

The default for maximum pending TCP requests is 128. The maximum is 4096. This parameter allows the server to handle a larger number of connection requests that may occur in this testing configuration. Once the max pending limit is reached, the NetWare server will begin to refuse connections.

Maximum Packet Receive Buffers

The Maximum Packet Receive Buffers parameter limits the number of buffers that the receiving protocol stack has available. The number will depend on available memory. The default is 500. This value should be approximately three times the minimum receive buffer parameter.

Minimum Packet Receive Buffers

The operating system will allocate the minimum number of receive buffers as a contiguous block of memory at startup. These buffers are used to handle all received communications. The default is 128. LDAP worker threads use these buffers during searches. The minimum limit should be set to two per anticipated client.

Maximum Physical Receive Packet Size

The Maximum Physical Receive Packet Size specifies the limit on the size of packet receive buffers. The default limit is 4224. Novell set the limit to 2048 in order to conserve memory. TCP packets will always be less than 2K in size. This change should be made only when running in an all-TCP/IP environment.

Maximum Concurrent Disk Cache Writes

The Maximum Concurrent Disk Cache Writes parameter is used to limit the number of writes to give priority to reads. Newer disk systems can handle more writes faster, so this value can be increased. The default for this parameter is 750. Novell set it to 2000 to tune for Bulk Loader.

Maximum Concurrent Directory Cache Writes

The Maximum Concurrent Directory Cache Writes parameter is a tuning parameter for updates. The default is 75. Novell set this to 500 for Bulk Loader tuning. You can also use this parameter to increase update performance at the expense of search performance.

Maximum Directory Cache Buffers

Novell set the Maximum Directory Cache Buffers parameter to its maximum value of 200000. Its default is 500, which is its minimum value. This parameter controls the number of cache buffers available to the directory for use. Larger databases require more buffers. This is not database cache. This memory is allocated at eDirectory startup. Database cache is controlled separately.

Maximum Number of Internal Directory Handles

The Maximum Number of Internal Directory Handles parameter limits the number of directory handles available to server NLMs accessing resources. Novell set this parameter higher so that directory handles remain available longer to a connection, thus eliminating the need to re-check rights on the connection. The default is 100. Novell set the value to 1,000.

Maximum Number of Directory Handles

The Maximum Number of Directory Handles parameter limits the number of directory handles available to client applications. Novell set this parameter higher so that directory handles remain available longer to a connection, thus eliminating the need to re-check rights on the connection. The default is 100. Novell set the value to 1,000.

The above parameters are the ones that Novell found to really affect performance. Novell also sets the following parameters, but they haven't been found to have as great an impact.

Maximum Record Locks Per Connection = 10000 (default 500)

Novell set this parameter as a tuning experiment. It doesn't hurt to have this value, but we didn't notice a great performance increase.

Maximum Record Locks = 100000 (default 20000)

Novell set this parameter also as a tuning experiment. It doesn't hurt to have this value, but we didn't notice a great performance increase with this parameter, either.

NCP over UDP = Off (default On)

Novell set this parameter to handle a replication problem found on the Novell corporate tree. We have fixed this problem, but the setting doesn't hurt.

Maximum Outstanding NCP Searches = 500 (default 51)

Novell set this parameter to control the size of the mapping table from 16-bit handles to 32-bit handles. This parameter increases the performance of concurrent or highly recursive Find First/Find Next operations.

NDS Janitor Interval = 720 (default 720)

Novell doesn't change this parameter. This parameter controls when the NDS janitor processes kick off. It's set to spread out instances of the janitor processes.

Dirty Directory Cache Delay

Sometimes, you'll see a recommendation to set the Dirty Directory Cache Delay Time to 0. Keep in mind that setting this parameter to 0 dramatically reduces performance. If you want to tweak this parameter, remember that:

  • Increasing the delay time in the Dirty Directory Cache parameter gives slightly quicker performance, but increases the probability of the directory tables becoming corrupted.

  • Decreasing the delay time slightly reduces the chance of directory tables becoming corrupted, but can reduce performance slightly.

NDS eDirectory on Windows NT

If you're running the NDS eDirectory on Windows NT, you'll need:

  • A Pentium 200 with 96 MB RAM. Keep in mind that Windows NT requires 64 MB of RAM by itself.

  • Windows NT4.0 Server with Service Pack 3 or higher and with Y2K patches applied. Novell recommends that you install Service Pack 6.

  • A static IP address on the Windows NT server.

  • The Monitor Color Palette set to a number higher than 16 colors.

  • All NetWare servers must have at least NDS version 6.09 installed.

  • NetWare 5 servers must have Service Pack 2 installed for the minimum version of NDS.

NDS eDirectory on UNIX-based Operating Systems

At this time, NDS supports Linux and Solaris as UNIX-based operating systems. For best NDS performance, tune Linux and Solaris to handle a large number of short-term connections. For a good reference on performance monitoring and tuning these environments, see the book Sun Performance and Tuning by Adrian Cockcroft (April 7, 1998 Prentice Hall; ISBN: 0130952494).

NDS eDirectory on Linux

If you're running the NDS eDirectory on Linux, you'll need:

  • 32 MB RAM minimum, 64 MB recommended for the Linux server. To run NDS and the LDAP server on the same machine, you need at least 128 MB RAM.

  • 21 MB free disk space for the software. You need 35 KB additional disk space for every 100 certificates in the replica.

  • 2 MB disk space per thousand user objects for the replica

  • Linux Kernel 2.2 (RedHat 6.1, glibc-2.1.2-11 and kernel 2.2.12-20, or RedHat 6.2, glibc-2.1.3-6 and kernel 2.2.14-5.0, if SSL is required). You can download glibc-2.1.3-6 and later versions from ftp://ftp.redhat.com/pub/redhat/redhat-6.2beta/i386/RedHat/RPMS/glibc-2.1.3-6.i386.rpm or from ftp://ftp.redhat.com/pub/redhat/redhat-6.2beta/i386/RedHat/RPMS/nscd-2.1.3-6.i386.rpm

  • RedHat Package Manager (RPM) v3.0 or later (for Installation)

NDS eDirectory on Solaris

If you're running the NDS eDirectory on Solaris, you'll need:

  • Solaris 2.6 or Solaris 7 (SPARC Platform edition). You will also need the Sun-recommended patches available at ftp://sunsolve.sun.com/pub/patches. This site contains monthly patches. You can also access patches at http://access1.sun.com. You can also check the Novell Knowledgebase, with the keywords "NDS4SOL" or "NDSonSOL" at http://support.novell.com/.

  • A minimum of 64 MB RAM for Solaris 6 and 128 MB of RAM for Solaris 7 and later. If you're running the NDS server and an LDAP server, you'll need a minimum of 256 MB of RAM.

  • 21 MB of disk space for the NDS server (this includes the LDAP server and the Novell Public Key Cryptography Services). Add 35 KB of disk space for every 100 certificates and 3 MB of disk space for every 1000 NDS User objects in the replicas held on your server.

  • Novell Client for Windows 95/98 version 3 or higher, or for Windows NT version 4.5 or higher.

  • NetWare 5 with Support Pack 2 installed, if you're installing NDS in a mixed Solaris and NetWare environment.

ConsoleOne and Management Tools Requirements. To run ConsoleOne version 1.2 or later and the management tools, you'll need:

  • Windows 95/98 or Windows NT system with 64 MB of RAM and 125 MB of disk space to install the ConsoleOne and management tools.

  • This requirement is only for ConsoleOne and other management tools, not for NDS. Soon, ConsoleOne will run natively on both Linux and Solaris.

Setting the NDS Database Cache Level

The setting that most affects NDS eDirectory performance is the NDS database cache size. You can configure the amount of RAM that NDS will use as cache. As a rule of thumb, make your cache a little smaller than the directory database set (DIB set). As more of the DIB is cached, NDS's performance improves. As an extremely general rule, performance improves the closer you get to a 1:1 ratio of cache to the size of the DIB set. Keep in mind, though, that the 1:1 ratio recommendation assumes that you require your entire DIB in cache. Your system might not need to cache your entire DIB set, because your DIB might have attributes or objects that you rarely need to access. Caching them would make very little difference in your performance, and would ultimately waste memory.

As you configure the database cache, consider the memory requirements for the other services running on the server. If the server is an application server, you should allow the cache to use no more than 40% of the memory. If the server is used only for NDS, you can allow up to 80% of your memory to be used. You need to allow sufficient memory to remain for caching, backups, and mounting the volumes. Keep in mind that you can set the cache size to zero, if you need to.

NetWare can use all the memory for NDS, but that maximum cache memory isn't required for optimal performance. NetWare can cache some NDS entries more than once, and that isn't necessary.

Remember, too, that more NDS database cache is used when you use DSREPAIR to repair the database. Also, you'll use more database cache if you run DSREPAIR a few times in a row.

The table below shows how to set the database cache level to 2 MB on NetWare, NT, and Solaris/Linux.


| Platform | Where to Do the Procedure | Procedure |
|---|---|---|
| NetWare | ndstrace screen or _ndsdb.ini | Set DSTRACE=!mb2097152, or create the _ndsdb.ini file in the \Novell\NDS\DIB directory and set the cache parameter as cache=2097152. (Note that you don't have to use the !mb if you set the cache size in _ndsdb.ini.) |
| NT | _ndsdb.ini | Create the _ndsdb.ini file in the \Novell\NDS\DIB directory and set the cache parameter as cache=2097152. (Note that you don't have to use the !mb if you set the cache size in _ndsdb.ini.) |
| Solaris/Linux | ndstrace screen or _ndsdb.ini | Set DSTRACE=!mb2097152, or create the _ndsdb.ini file in the \var\nds\dib directory and set the cache parameter as cache=2097152. (Note that you don't have to use the !mb if you set the cache size in _ndsdb.ini.) |

If you want a different size of database cache, replace the value 2097152 with the size you need. On non-NetWare platforms, you must restart the server after you change _ndsdb.ini.

Remember that if you enter the incorrect syntax, the database cache will be set to 0. To check that the database cache has not been set to 0:

  1. SET DSTRACE=OFF

  2. SET DSTRACE=ON

  3. SET DSTRACE=*P

  4. Toggle to the dstrace debug screen and check the SMI Max cache setting.
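The sizing rules above (cache a little smaller than the DIB set, at most 40% of RAM on an application server or 80% on an NDS-only server) and the warning that bad syntax leaves the cache at 0 can be checked before a server is restarted. The following is an added example, not Novell's code: the function names, the 95% DIB margin, and the strict acceptance of only the `cache=<bytes>` form shown in the table are assumptions.

```python
import re

# RAM ceilings from the article, as integer percentages: at most 40% on an
# application server, up to 80% on a server used only for NDS.
ROLE_PERCENT = {"application": 40, "nds_only": 80}

# Assumption: "a little smaller than the DIB set" is taken as 95% of it.
DIB_PERCENT = 95

# Assumption: only the form the article shows, cache=<decimal bytes>, is
# accepted. Anything else is reported, because bad syntax leaves the cache at 0.
CACHE_LINE = re.compile(r"cache=(\d+)")


def recommend_cache_bytes(ram_bytes, dib_bytes, role):
    """Cache size in bytes: just under the DIB set, capped by the role's RAM share."""
    ceiling = ram_bytes * ROLE_PERCENT[role] // 100
    return min(ceiling, dib_bytes * DIB_PERCENT // 100)


def render_ini(cache_bytes):
    """Body of _ndsdb.ini in the form the article gives (no !mb prefix)."""
    return f"cache={int(cache_bytes)}\n"


def check_ini(text, ram_bytes, role):
    """Return findings for an _ndsdb.ini body; an empty list means it passed."""
    findings, seen = [], False
    ceiling = ram_bytes * ROLE_PERCENT[role] // 100
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line.lower().startswith("cache"):
            continue  # blank lines and other settings are out of scope here
        seen = True
        match = CACHE_LINE.fullmatch(line)
        if match is None:
            findings.append(f"line {number}: {line!r} is not cache=<bytes>; expect a cache of 0")
            continue
        size = int(match.group(1))
        if size == 0:
            findings.append(f"line {number}: cache is 0, confirm this is intended")
        elif size > ceiling:
            findings.append(f"line {number}: {size} exceeds the {role} ceiling of {ceiling}")
    if not seen:
        findings.append("no cache= line found")
    return findings


if __name__ == "__main__":
    MIB = 1024 * 1024
    # Constructed sample: NDS-only server, 2 GiB RAM, 5 GiB DIB set.
    size = recommend_cache_bytes(2048 * MIB, 5120 * MIB, "nds_only")
    print(render_ini(size), end="")
    # Constructed bad file: DSTRACE's !mb prefix pasted into the ini file.
    for finding in check_ini("cache=!mb2097152\n", 2048 * MIB, "nds_only"):
        print(finding)
```

A clean result from this check does not replace the dstrace procedure above; the SMI Max cache value on the debug screen is still the authoritative confirmation.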

Estimating Disk Space for the NDS Database

You can optimize server performance by increasing the amount of server memory, disk space, and processor speed. However, remember that these guidelines are the minimum guidelines.

One of the major limitations on tree size today is disk space and disk input/output. A typical NDS object in NDS eDirectory is 2 to 5 KB in size. Knowing this, you can quickly calculate disk space requirements for a given number of users: multiply the number of users by the size of a user object. For example, if you have 100 users, you multiply 100 x 5 KB. In this case, your disk space would have to accommodate 500 KB of information.

Keep in mind that an object's size varies depending upon how many attributes the object has and what the data is that the attributes are holding. If an object will hold BLOB (Binary Large Object) data, (such as picture, sounds and biometrics) the object will be substantially larger than the 2 to 5 KB guideline.

Recommendations for NDS eDirectory on Windows NT and Linux

The version of NDS used in eDirectory has been shown to efficiently scale. The table below shows typical implementation recommendations for NDS with 100,000 objects, 1 million objects, and 100 million objects. This table gives suggestions for the minimum hardware requirements necessary to run NDS, the operating system, and other basic services.


| Number of Objects | Minimum Processor Speed | Number of Processors | Minimum Hard Disk Size | Minimum Amount of Memory (RAM) |
|---|---|---|---|---|
| 100,000 | Pentium III 450-700 MHz | 1 | 500 MB | 384 MB |
| 1,000,000 | Pentium III 450-700 MHz | 2 | 5 GB | 2 GB |
| 100,000,000 | Pentium III 450-700 MHz | 2 to 4 | 500 GB | 4 GB |

The suggestions in this table were based upon 5 MB per 1,000 users. That figure assumes an average object size of 5 KB. As you add and use new attributes in the directory, your hard disk requirements will increase.

As a general rule, Novell recommends that you set aside 20-30% of the memory for the operating system and leave 70-80% of the memory for the NDS database cache. Remember that this is a general guideline only. If your server is running any other services besides NDS, including e-mail or file and print, you will have to give less memory to the database cache. Also, remember that these guidelines are for trees with moderate usage. If you have huge amounts of database requests, you will probably need more memory. Please talk with Novell Consulting Services for assistance.

If you are planning to have 1,000,000 to 100,000,000 objects in your tree, please contact Novell Consulting Services. Setting up a tree this large involves a number of issues that will be unique to your situation. Novell Consulting Services has the resources to help you be successful and achieve the best performance; see http://www.novell.com/consulting/.

You might need more or more powerful processors and more memory if your server is running additional services, including file and print, or handling a very large number of authentications and reads and writes. Encryption and indexing can be processor-intensive. Additional memory is always helpful because NDS can use it to cache more of the directory into memory and speed performance.

NDS Design Limits

The following table gives the recommended design limits for NDS eDirectory.


| Design Item | Recommended Limit |
|---|---|
| Partition size | Unlimited |
| Total number of partitions in the tree | Unlimited |
| Number of child partitions per parent | 150 partitions |
| Number of replicas per partition | 50 replicas |
| Number of replicas per Replica Server | 250 replicas |

These rules apply to general distributed environments, such as corporate enterprises. They might not apply to e-business. Typical e-business uses require that all the data be stored on a single server.

CNN: An Example of NDS's Efficient Use of Hardware

CNN chose NDS eDirectory because it could store personalized content for each user object. In their implementation, NDS is currently supporting 25,000,000 HTML page views per day. CNN is planning on an exploding growth rate. To implement this huge load, CNN is running four NetWare 5 servers hosting NDS eDirectory. CNN used an open-standard LDAP SDK to build an NSAPI (NetWare Server Application Programming Interface) plug-in to the Web server that makes LDAP calls to retrieve data from NDS.

The Web servers are loaded with the NSAPI LDAP client (with a simple load balancing algorithm) to distribute the requests across the NDS servers. CNN is running four Compaq ProLiant 6400s with 2 GB RAM: 1.5 GB dedicated to NDS cache and 500 MB for NetWare 5. To handle the packet load, each server has three Intel EtherExpress Pro/100 Intelligent Server Adapters. Currently, only one of the network cards has a TCP/IP protocol stack bound. In the future, as the load grows, two of the network cards could be load balanced for one IP address and bound to LDAP. The third network card would then handle only the NDS replication traffic by using WAN Traffic Manager to set a cost that will force NCP traffic onto its own channel.

Although CNN has yet to display content based on a user's preference, NDS is handling 25,000,000 HTML page views per day. These page views have a one-to-one correlation to NDS searches. With this load, NetWare servers are experiencing an average CPU utilization of less than 10%. The average response time is 5 milliseconds. As the directory database grows, the response time will grow slightly because a reply with data takes longer than a reply with no data. However, CNN has planned for this. Their current hardware allows for significant growth without additional processing or storage needs.

Given the traffic that CNN is currently handling and their plans for the future, their hardware implementation with NDS is extremely lean. Yet, it is extremely efficient. See success story http://www.novell.com/success/cnn.html.

Conclusion

It doesn't take a lot of high-powered hardware to efficiently run the NDS eDirectory. Fine-tuning that hardware allows the most efficient NDS performance possible. The guidelines given in this article should help you choose the appropriate hardware for your site and adequately tune it.

* Originally published in Novell AppNotes

