
One of our LDAP client machines, which I cannot immediately fix or reinstall, occasionally starts creating thousands of simultaneous connections to our OpenLDAP server, to the point where the server stops responding to other clients.

Is there a way to limit the number of connections from each client machine so that other clients do not suffer? I can't find anything in the slapd.conf man page, but maybe someone more expert can suggest something.

Ben

1 Answer


It didn't occur to me until I had already posted the question, but I have found a solution/workaround.

Instead of changing the OpenLDAP server configuration I have told the firewall (iptables in this case, since this is a Linux machine) to limit the number of connections per client to the relevant port. If anyone is interested, the line I have added to /etc/sysconfig/iptables is this:

-A RH-Firewall-1-INPUT -p tcp --dport ldaps -m connlimit --connlimit-above 100 -j REJECT
Ben
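The connlimit rule in the answer caps how many connections a single client IP may hold open to the LDAPS port, but it gives no visibility into which client is misbehaving. The following POSIX shell script is an added example, not code from the original post or from OpenLDAP, that counts established connections per peer address from `ss -tn`-style output and reports peers above a threshold, so the runaway machine can be identified before or after the firewall starts rejecting it. The sample output embedded below is constructed, and the port (636) and threshold are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): count established connections
# per client IP to the LDAPS port from 'ss -tn'-style output and list the
# clients that exceed a threshold. On a live server replace SAMPLE with
# "$(ss -tn)".

LDAPS_PORT=636   # assumption: LDAPS on the standard port
THRESHOLD=100    # assumption: same figure as the connlimit rule in the answer

# Constructed sample of 'ss -tn' output (not captured from a real server).
SAMPLE='State      Recv-Q Send-Q Local Address:Port   Peer Address:Port
ESTAB      0      0      10.0.0.5:636         10.0.0.21:41022
ESTAB      0      0      10.0.0.5:636         10.0.0.21:41023
ESTAB      0      0      10.0.0.5:636         10.0.0.22:50001
ESTAB      0      0      10.0.0.5:22          10.0.0.23:33000
ESTAB      0      0      10.0.0.5:636         10.0.0.21:41024'

# ldaps_conns_per_peer INPUT
#   Prints "count ip" for every peer with an ESTAB connection to LDAPS_PORT,
#   highest count first. The header line is skipped because $1 != "ESTAB".
ldaps_conns_per_peer() {
  printf '%s\n' "$1" | awk -v port="$LDAPS_PORT" '
    $1 == "ESTAB" {
      split($4, local, ":"); split($5, peer, ":")
      if (local[2] == port) count[peer[1]]++
    }
    END { for (ip in count) print count[ip], ip }' | sort -rn
}

# peers_above INPUT LIMIT
#   Prints only the peer IPs holding more than LIMIT connections.
peers_above() {
  ldaps_conns_per_peer "$1" | awk -v lim="$2" '$1 > lim { print $2 }'
}

# Stand-alone run: show the per-peer table, then flag offenders. With the
# constructed sample and a limit of 2, only 10.0.0.21 (3 connections) is listed.
ldaps_conns_per_peer "$SAMPLE"
peers_above "$SAMPLE" 2
```

Run this from cron or a monitoring check and alert when `peers_above "$(ss -tn)" "$THRESHOLD"` prints anything; the connlimit rule keeps the server reachable in the meantime, and the counts tell you which client to fix. Note that `--connlimit-above` counts per source address by default (a /32 mask); if several clients sit behind one NAT address, the answer's rule will limit them collectively, and the `--connlimit-mask` option can be used to choose the grouping deliberately.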