scaling problems

John Hascall john at iastate.edu
Wed Apr 14 14:26:33 EDT 2004


Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:
> >So, logical consequence is that master must answer all TGT requests. 
> Two more things:
> - An hour is a long time to wait for password updates between KDCs.  Mine is
>   set to 5 minutes.

    If you are a big site (tens of thousands of principals),
    this is probably not an option.  Most of us in that
    category have invented or adopted some sort of incremental
    update scheme.

> - I don't actually do load balancing between my KDCs, but the load on them
>   is so light, I never notice a problem.

    I think it would take a combination of a pretty big site and
    a pretty lame server for anyone to notice a load problem (ours
    ran on an 8MHz DECstation for years!)  I think the most common
    reasons for a slave KDC are:
       * reliability (if your main server coughs up a motherboard or ...)
       * slow or unreliable networks (e.g., the podunk branch office problem)

John

