[20415] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Behaviour around _kerberos-master._tcp

daemon@ATHENA.MIT.EDU (Tushar Prasad via krbdev)
Thu Mar 9 21:15:29 2023

To: "krbdev@mit.edu" <krbdev@mit.edu>
Date: Fri, 10 Mar 2023 02:14:06 +0000
Message-ID: <MN2PR15MB3215BB6D3D60D5FEFFD9FB6FE1BA9@MN2PR15MB3215.namprd15.prod.outlook.com>
Content-Language: en-SG
MIME-Version: 1.0
From: Tushar Prasad via krbdev <krbdev@mit.edu>
Reply-To: Tushar Prasad <Tushar.Prasad@ibm.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

HI

Our product makes use of Kerberos client in a proxy.

The product needs to send Kerberos token to the Application.

When that needs to be done, _kerberos-master._tcp  DNS query seems to be sent  at everything a token request is made

Is it as per design? Or there is a caching of master kdc possible(planned) so that _kerberos-master._tcp  can be resolved and DNS and can be cached (for some interval) so that a repetitive query is not sent?

At this point, we are aware of master_kdc entry but looking for options other than making configuration changes in krb5.conf?

Thanks
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20415] in Kerberos_V5_Development

Behaviour around _kerberos-master._tcp

daemon@ATHENA.MIT.EDU (Tushar Prasad via krbdev)Thu Mar 9 21:15:29 2023

daemon@ATHENA.MIT.EDU (Tushar Prasad via krbdev)
Thu Mar 9 21:15:29 2023