[27291] in Kerberos
Re: Wrong principal in request using virt interface
daemon@ATHENA.MIT.EDU (Christopher D. Clausen)
Mon Jan 29 17:47:44 2007
Message-ID: <06a901c743f7$749a97a0$0100a8c0@CDCHOME>
From: "Christopher D. Clausen" <cclausen@acm.org>
To: <petesea@bigfoot.com>
Date: Mon, 29 Jan 2007 16:47:25 -0600
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
petesea@bigfoot.com wrote:
> On Mon, 29 Jan 2007, Christopher D. Clausen wrote:
>> Can you simply fail-over using the same IP on both interfaces? (I
>> believe there is a bonding module in Linux that can do this.)
>
> The point of the virt interface is so it can be moved to a different
> host. If the virt interface has the same IP as the real interface,
> then it couldn't be moved to another host. In other words, the
> "fail-over" is to fail over to a completely separate host, not a
> separate interface on the same host.
Uhh, can I ask why you are doing this? Kerberos already has a master/slave architecture. There is no need to "cluster" Kerberos servers in the manner you describe. Just setup multiple slave servers.
I thought you wanted more reliable KDCs by having redundant network interfaces.
<<CDC
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos