scaling problems

Russ Allbery rra at stanford.edu
Wed Apr 14 15:38:06 EDT 2004


John Hascall <john at iastate.edu> writes:
> Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:

>> - An hour is a long time to wait for password updates between KDCs.  Mine is
>>   set to 5 minutes.

>     If you are a big site (tens of thousands of principals),
>     this is probably not an option.  Most of us in that
>     category have invented or adopted some sort of incremental
>     update scheme.

We have tens of thousands of principals and we haven't run into serious
performance issues with doing full replication yet.  I think the scaling
factor is more in the hundreds of thousands of principals.

>     I think it would take a combination of a pretty big site and
>     a pretty lame server for anyone to notice a load problem (ours
>     ran on an 8MHz DECstation for years!)  I think the most common
>     reasons for a slave KDC are:
>        * reliability (if your main server coughs up a motherboard or ...)

Yes, it's probably the best way to do KDC backups.  :)

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

