[16623] in Kerberos_V5_Development
Re: KDC query client performance
daemon@ATHENA.MIT.EDU (Simo Sorce)
Mon Feb 14 14:00:51 2011
Date: Mon, 14 Feb 2011 14:00:45 -0500
From: Simo Sorce <ssorce@redhat.com>
To: krbdev@mit.edu
Message-ID: <20110214140045.33f53adc@willson.li.ssimo.org>
In-Reply-To: <20110214183514.GG14570@mournblade.imrryr.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Mon, 14 Feb 2011 18:35:14 +0000
"Roland C. Dowdeswell" <elric@imrryr.org> wrote:
> Also, it might be a better idea in the longer term to write a little
> daemon that runs as root, listens on a UNIX domain socket and
> accepts requests from the krb5 libs to have conversations with
> various KDCs. The advantage of this would be that this daemon
> could keep track of which KDCs are up and perhaps even keep track
> of which ones answer the quickest (and are therefore likely the
> closest), etc.
You can do this separately by creating a locator plugin.
That's what we do with the SSSD project at least, so that the sssd
daemon does the discovery and just tells the krb5 libs what is the ip
address to use for the KDC.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
