[Freeipa-devel] [PATCH] 062 Set SRV discovery for clients only if it succeeded during installation
Simo Sorce
ssorce at redhat.com
Fri Feb 18 20:53:52 UTC 2011
On Fri, 18 Feb 2011 15:27:59 -0500
Rob Crittenden <rcritten at redhat.com> wrote:
> Jakub Hrozek wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > This is a minor optimization that didn't occur to me yesterday when
> > I was reviewing Rob's patch - sorry.
> >
> > The patch only adds _srv_ as the first entry if service discovery
> > succeeded during ipa-client-install. This gets rid of the DNS
> > timeout for cases where Bind is not included.
>
> This seems like a good idea but I'm not seeing an extended delay
> right after sssd is restarted.
>
> The advantage of leaving this in there is if they end up adding SRV
> records later they will be automatically picked up.
>
> So not a nack, this is more of a policy question.
I would not add this patch for this reason. I don;t think it will add
any substantial delay to SSSD as searching for SRV when they do not
exists will get back an immediate response.
I think the main issue we may face here is when someone installs an
sssd client and there is also an AD domain around and SRV records point
to it.
Perhaps we should provide a manual flag to disable using dns records ...
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list