[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LVS and kerberos

"Jonathan Higgins" <jhiggins@kennesaw.edu> writes:

> working on a lvs cluster, and attempted to place a few kdc's inside the
> cluster.
> Got several errors from kinit, about incorrect address and after thinking
> about it, because the way that lvs works it would always have the wrong
> address.
> was wondering if someone had experience with this, or is there a known
> alternative for load balancing kdc's (besides dns round-robin).

If the LVS hids the clients ip and only show the LVS "master" adress as the
client address, you need to turn off address checking.

See about check-ticket-addresses in krb5.conf


PGP signature