Ideally I would rely on a -group- of servers, and then rely on DNS if it is 
down.  I don't want to hammer one server.  We're talking about 500-1000 servers 
running virtual machines, so potentially a lot of traffic.  Got any suggestions 
for that? 

Brian Cook
Solutions Architect, Red Hat, Inc.

On Apr 13, 2012, at 12:30 PM, Rob Crittenden wrote:

> Brian Cook wrote:
>> Has anyone worked any magic to keep DNS, kerberos and LDAP request
>> routed to local servers in an IPA setup where topology is separated by
>> WAN links?
>> I have looked at things like doing sorts in the DNS client
>> configuration, BIND views, etc. but I would like to know if anyone else
>> has tried to tackle this issue.
> Which clients? For some things (logins, etc) you can reverse the order of the 
> servers in /etc/sssd/sssd.conf so a fixed server comes before the _srv_ entry 
> in ipa_server. This way you can point at a desired server but still be able 
> to fall back to DNS if it is down.
> rob

Freeipa-users mailing list

Reply via email to