Kerberos behind load balancer?
Sam Hartman
hartmans at MIT.EDU
Wed Oct 6 13:52:50 EDT 2004
>>>>> "Jason" == Jason T Hardy <jthardy at uta.edu> writes:
Jason> Sam, Actually, a load balancer simplifies client deployment
Jason> in our case (we can't utilize DNS load balancing on our
Jason> campus). We can, with a load balancer, have all of the
Jason> KDC's share one hostname. Our kadmin server can also share
Jason> that hostname.
I think what I'm questioning here is the need for load balancing of
the KDC. I agree that if you need to load balance a KDC, using a load
balancer is one way to do it. If you don't actually need to load
balance access to your KDCs, you'll find you get a much simpler
deployment without the load balancer.
--Sam
More information about the Kerberos
mailing list