Why krb5kdc and kadmind sets up ports for listening differently ?

Vipin Rathor v.rathor at gmail.com
Wed Feb 20 04:28:48 EST 2008


On 2/19/08, Ken Raeburn <raeburn at mit.edu> wrote:
> The UDP service offered by the KDC needs to respond from the same IP
> address that the client used to reach it.  That's not possible with a
> wildcard-address listener unless your system has support for
> IP_PKTINFO or IPV6_PKTINFO, which is now supported in our code as
> well.  The TCP listener does use a wildcard address.
>
Does that mean, if wildcard is used over UDP for KDC, then on a
multi-IP machine, same IP will not be returned to the client?
Whereas TCP with wildcard, takes care of returning same IP, due to
it's reliability feature?

-- 
-Rathor



More information about the Kerberos mailing list