[ https://issues.apache.org/jira/browse/ZOOKEEPER-2858?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16108335#comment-16108335 ]
caixiaofeng commented on ZOOKEEPER-2858: ---------------------------------------- u can try to use https://issues.apache.org/jira/browse/ZOOKEEPER-1467 and server.principal set on both side of client and server. > Disable reverse DNS lookup for java client > ------------------------------------------ > > Key: ZOOKEEPER-2858 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2858 > Project: ZooKeeper > Issue Type: New Feature > Components: java client > Affects Versions: 3.4.6 > Reporter: Andrey > > I have the following setup: > - zookeeper server running in docker container > - kerberos auth > When client setup sasl connection it creates service principal name as: > - "principalUserName+"/"+addr.getHostName()", > where: > - addr.getHostName is the reverse DNS of original server host. > If zookeeper nodes will be deployed behind the firewall or software defined > network (the docker case), then reverse DNS host won't match original server > host. And this is done by design. > If these hosts won't match, then principals won't match and Kerberos auth > will fail. > Is it possible to introduce some configuration parameter to disable reverse > DNS lookups? -- This message was sent by Atlassian JIRA (v6.4.14#64029)