KDC performance test - lookaside cache impact, testing framework
Nico Williams
nico at cryptonector.com
Mon Jun 18 10:47:24 EDT 2012
What's the point of the lookaside cache? A: To avoid re-computing
replies to retransmited requests, which might occur in the event that
the KDC is much too busy. But... it might just be just as good to
drop requests when the KDC is too busy, or better, to have an
EAGAIN-like error code to send back in a KRB-ERROR so the clients can
immediately back off longer.
Also, how would the lookaside cache work in the multi-processor option
case? For a multi-threaded KDC you'd want to make sure to lock only
lookaside table buckets so as to decrease contention.
Anyways, I vote for removing this feature altogether.
Nico
--
More information about the krbdev
mailing list