DNS SRV Records

Daniel Henninger daniel at unity.ncsu.edu
Thu Jan 8 16:18:56 EST 2004


Folk,

I'm trying to figure out what all of the current (and future supported)
SRV records for Kerberos are, and some meanings here and there.

So here's the type of entries I have:

For various dns domains:
_kerberos			TXT	"EOS.NCSU.EDU"
 to map all machines ending in eos.ncsu.edu to the EOS.NCSU.EDU krb realm.


For the slave kerberos servers (pretend name is 'kslave'):
_kerberos._udp			SRV	0 0 88 kslave
_kerberos-iv._udp		SRV	0 0 750 kslave
_krb524._udp			SRV	0 0 4444 kslave


For the master kerberos server (pretend name is 'kmaster'):
_kerberos-master._udp		SRV	0 0 88 kmaster
_kerberos-adm._udp		SRV	0 0 749 kmaster
_kpasswd._udp			SRV	0 0 464 kmaster


Ok, something I haven't added that I just saw is:
_kerberos._tcp			SRV	0 0 0 .
Now.  I don't know what that's supposed to mean.  Does that fact that it's
a 0 port and a . for the host mean "we don't support tcp kerberos yet"?
An indication to windows clients of sorts?  (I only say this in the
windows documentation)

Also, are the other records that I'm missing/don't know about?  Are there
ones above that absolutely nothing uses?  How do you manage to tell krb4
to use dns lookups instead of krb.conf and krb.realms?

Thanks!

Daniel

-- 
/\\\----------------------------------------------------------------------///\
\ \\\      Daniel Henninger           http://www.vorpalcloud.org/        /// /
 \_\\\      North Carolina State University - Systems Programmer        ///_/
    \\\                   Information Technology <IT>                  ///
     """--------------------------------------------------------------"""


More information about the Kerberos mailing list