[krbdev.mit.edu #6742] would like to be able to specify listening address for krb5kdc and kadmind
Nico Williams via RT
rt-comment at krbdev.mit.edu
Fri May 25 03:10:48 EDT 2012
On Thursday, May 24, 2012, nalin at redhat.com via RT wrote:
> On Thu, May 24, 2012 at 12:04:30PM -0400, Greg Hudson via RT wrote:
> > We have someone interested in solving this issue. Do you think it would
> > be sufficient to add an inetd option to krb5kdc?
> >
> > Because we serve over UDP and TCP, and because correctly implementing a
> > UDP server in the Unix socket interface is more difficult than it should
> > be, our server network loop is very complicated. Deferring this issue to
> > inetd would have a small UI footprint and would add a small amount of
> > additional complexity. Adding specific address configuration would have
> a
> > larger UI footprint and a larger increase in complexity, I expect. But
> > it's something we could still consider.
>
> It sounds like it could. Would such a setup end up firing up a
> different KDC (or kadmind) process for each listening address that
> received traffic?
>
Yes. That's how intend works. Note the each krb5kdc instance could still
run a number of worker process larger than one.
Nico
--
More information about the krb5-bugs
mailing list