[4630] in Kerberos
kerberos with multi-home hosts.
daemon@ATHENA.MIT.EDU (Ian Johnston)
Thu Feb 16 02:16:42 1995
To: kerberos@MIT.EDU
Date: 16 Feb 1995 05:42:05 GMT
From: Ian Johnston <xv02834@powers.phoenix.telecom.com.au>
I have a little problem with using kerberos with multi-homed hosts
when using the DNS to resolve hostnames. The setup I have is like
this
------------------------------ 144.135.4.X
|.7 |.8
[ ] [ ]
[ A ] [ B ]
[ ] [ ]
|.5 |.6
------------------------------ 144.135.7.X
Both hosts are HP9000/800 running HP-UX 9 with the HP-UX named.
Kerberos is being used as a part of the TOP END transaction monitor
software on these machines.
Each machine has two ethernet cards but each machine has the lan0
and lan1 cards connected to opposite networks.
When machine A does an nslookup of machine B address 144.135.4.8
is returned first. When B does an nslookup of A the address
144.135.7.5 is returned. This means between these two machines
travel on two different networks depending on the direction.
The problem the TOP END people have come to me with is that the
kerberos authentification is failing because host A sees host B as
144.135.4.8 and host B sees itself as 144.135.7.6. This is causing
much confusion.
So now the questions;
1) Is our DNS setup defective? Should both machines be talking on
the one network?
2) What does kerberos do with these IP addresses? Does Kerberos
expect to get the same hostname from reverse lookups of the
two different interface cards?
Any thoughts would be appreciated. Please feel free to either email
me or respond to this newsgroup.
Thanks in advance
Ian J
