Ideally I would rely on a -group- of servers, and then rely on DNS if it is down. I don't want to hammer one server. We're talking about 500-1000 servers running virtual machines, so potentially a lot of traffic. Got any suggestions for that?
--- Brian Cook Solutions Architect, Red Hat, Inc. 407-212-7079 On Apr 13, 2012, at 12:30 PM, Rob Crittenden wrote: > Brian Cook wrote: >> Has anyone worked any magic to keep DNS, kerberos and LDAP request >> routed to local servers in an IPA setup where topology is separated by >> WAN links? >> >> I have looked at things like doing sorts in the DNS client >> configuration, BIND views, etc. but I would like to know if anyone else >> has tried to tackle this issue. > > Which clients? For some things (logins, etc) you can reverse the order of the > servers in /etc/sssd/sssd.conf so a fixed server comes before the _srv_ entry > in ipa_server. This way you can point at a desired server but still be able > to fall back to DNS if it is down. > > rob
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
