Ideally I would rely on a -group- of servers, and then rely on DNS if it is
down. I don't want to hammer one server. We're talking about 500-1000 servers
running virtual machines, so potentially a lot of traffic. Got any suggestions
Solutions Architect, Red Hat, Inc.
On Apr 13, 2012, at 12:30 PM, Rob Crittenden wrote:
> Brian Cook wrote:
>> Has anyone worked any magic to keep DNS, kerberos and LDAP request
>> routed to local servers in an IPA setup where topology is separated by
>> WAN links?
>> I have looked at things like doing sorts in the DNS client
>> configuration, BIND views, etc. but I would like to know if anyone else
>> has tried to tackle this issue.
> Which clients? For some things (logins, etc) you can reverse the order of the
> servers in /etc/sssd/sssd.conf so a fixed server comes before the _srv_ entry
> in ipa_server. This way you can point at a desired server but still be able
> to fall back to DNS if it is down.
Freeipa-users mailing list