I am not completely sure how new keyservers are determined, one way
seems to be the peering list. If you advertise the same hostname on
multiple keyservers, only one node will be included (see keys1.flanga.io
and keys2.flanga.io are both included in peering lists but only
keys.flanga.io as loadbalancer appears in the sks-keyservers file),
however you will get into troubles if the keyserver is not reachable so
all servers would fall out of the pool (and it has some side effects on
the info about the peering, but I did not find anything that would cause
real operational issues).

If both keyservers are peered over private IP addresses, you can just
add them to the peering file - they are excluded from the pool (for
obvious reasons).

Furthermore, there is a global exclude list, ask Kristian for that.

Best regards,

Am 05.02.18 um 01:26 schrieb Hendrik Visage:
> Good day,
>  As I can’t dump the SKS database while running, and the file snapshot
> setup not quite feasible for my setup(s) yet, I was wondering about a
> gossiping only server (and only gossiping to a limited set servers
> close peers) that isn’t connected/advertised to the SKS pool.
>  This would then be a server I could easily take offline and dump keys
> every so often, not impacting the pool availability etc.
> Which settings should I use to achieve the above, as it seems the
> moment I start the server, it starts to broadcast it’s availability to
> be included in the pool?
> ---
> Hendrik Visage
> HeViS.Co Systems Pty Ltd
> T/A Envisage Systems / Envisage Cloud Solutions
> +27-84-612-5345 or +27-21-945-1192
> hvis...@envisage.co.za <mailto:hvis...@envisage.co.za>
> _______________________________________________
> Sks-devel mailing list
> Sks-devel@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/sks-devel

Attachment: signature.asc
Description: OpenPGP digital signature

Sks-devel mailing list

Reply via email to