Hello,
I’m trying to set up an additional slave KDC in a new location (different
network), and I’m having trouble kprop’ing the database.
There is some tricky networking / routing going on between the network where
the master KDC is and the network where the slave will be, that I am in the
sit
On Wed, 23 Dec 2015, Jerry Shipman wrote:
> I think that kpropd is trying to look up the hostname of the master in DNS,
> and seeing the public IP, instead of the private IP which the connection is
> coming from, and then aborting because of that mismatch (or something like
> that).
> On a lark
On 12/23/2015 03:50 PM, Jerry Shipman wrote:
> Is there a way to do what I’m trying to do?
> Or, is there a reason that it is dangerous to avoid verifying that IP match,
> and I shouldn’t try to work around it?
The only really useful purpose of checking addresses is preventing
reflection attacks,
