Jason Thorpe <thorpej@shagadelic.org> writes:

> On Mar 16, 2005, at 9:07 AM, Nathan J. Williams wrote:
> 
> > That doesn't sound right. The KDC is principally providing a
> > network-wide service. The other services in the world trying to use it
> > have to cope with it not being there while the KDC's host is booting;
> > other servers that run on the KDC machine (you run other services on
> > the KDC machine?!?!?!?!) can cope just as well with that as with the
> > temporary disappearance of a foriegn KDC.
> 
> ...unless the KDC is running a caching name server.  Consider e.g. an
> Open Directory server, that provides DNS, LDAP, and Kerberos services.

I'm sorry, but I can't make heads or tails of that sentence. If the
KDC (host) is running a caching name server, then the LDAP and DNS
services can't handle the temporary nonexistance of the kdc (process)?

> Not by itself, but it is a fundamental component of some directory
> services.

My point is that it's a network service, and as such other things that
have to use it have to handle the case of it not being
reachable. Ordering during boot is just a special case of it not being
reachable.

        - Nathan