On 1.5.2014 16:44, Rob Crittenden wrote:
Steven Jones wrote:
Hi,

We have a master at our DR site which is "further way" than our 2 local
masters, is there a way (in DNS say) that we could "encourage" clients to
use the closer IPA masters?

eg

host -t SRV _ldap._tcp.ods.vuw.ac.nz
_ldap._tcp.ods.vuw.ac.nz has SRV record 0 100 389 serveripa3
_ldap._tcp.ods.vuw.ac.nz has SRV record 0 100 389 serveripa2
_ldap._tcp.ods.vuw.ac.nz has SRV record 1 100 389 serveripa1

?

or what would be the best way?

You're looking for DNS site support. IPA doesn't currently support this. For
details see ticket https://fedorahosted.org/freeipa/ticket/2008

This is not entirely correct. Sites support is necessary if you want to use different priorities for different clients. Is it your case, Steven?

SRV records shown above should route all requests *from all clients* to (serveripa3 or serveripa2). Serveripa1 should be used only as fallback if neither serveripa3 nor serverip2 is available.

It is a bug (not related to sites support at all) if this doesn't work.

Steven, please tell us what is your use case.

BTW how did you test it? Did you use SSSD/"ipa"command/something else?

--
Petr^2 Spacek

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to