[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LVS and kerberos

To: "Jonathan Higgins" <jhiggins@kennesaw.edu>
Subject: Re: LVS and kerberos
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Tue, 17 May 2005 12:12:13 +0200
Cc: <heimdal-discuss@sics.se>
In-Reply-To: <s2832ed5.087@greatowl.kennesaw.edu> (Jonathan Higgins'smessage of "Thu, 12 May 2005 10:24:09 -0400")
References: <s2832ed5.087@greatowl.kennesaw.edu>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)


"Jonathan Higgins" <jhiggins@kennesaw.edu> writes:

> working on a lvs cluster, and attempted to place a few kdc's inside the
> cluster.
>  
> Got several errors from kinit, about incorrect address and after thinking
> about it, because the way that lvs works it would always have the wrong
> address.
>  
> was wondering if someone had experience with this, or is there a known
> alternative for load balancing kdc's (besides dns round-robin).

If the LVS hids the clients ip and only show the LVS "master" adress as the
client address, you need to turn off address checking.

See about check-ticket-addresses in krb5.conf

Love

PGP signature

References:
- LVS and kerberos
  - From: "Jonathan Higgins" <jhiggins@kennesaw.edu>

Prev by Date: Heimdal client crashing Solaris telnetd
Next by Date: Re: ETYPE-INFO & AS-REP questions
Prev by thread: Re: LVS and kerberos
Next by thread: Re: LVS and kerberos
Index(es):
- Date
- Thread