How often does MIT krb5 request for KDC info through DNS?
nico at cryptonector.com
Tue Aug 5 16:48:03 EDT 2014
On Tue, Aug 5, 2014 at 3:17 PM, Tom Yu <tlyu at mit.edu> wrote:
> Nico Williams <nico at cryptonector.com> writes:
>> On Tue, Aug 5, 2014 at 2:50 PM, <Spike_White at dell.com> wrote:
>>> Doesn't "name service caching" via nscd solve this?
>> nscd is specifically about Unix name services, lookups in the
>> hosts(4), passwd(4), ... DBs.
>> We're talking about DNS SRV RR lookups though; nscd does nothing about those.
> I thought the A and AAAA lookups for the addresses of 30+ KDCs were what
> were at issue here, unless I'm misunderstanding something.
Ah, those would get cached by nscd, yes.
More information about the krbdev