On 11/5/20 12:53 AM, Paul B. Henson wrote: > We're currently using DNS SRV records and all of our kdc's seems to have > fairly equal load. Are DNS SRV records handled differently in terms of > distributing load, or is that just a side effect of the resolver handing > them back in a different order for each lookup?
SRV records contain a priority and a weight. The MIT krb5 implementation orders the records by priority and ignores the weight. If all records have the same priority, we don't randomize the order, but the DNS resolver will typically will. (Heimdal actually uses the weight fields, so that part varies by implementation.) > There's no mechanism for load balancing when using file based > kdc configuration? Correct. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
