On Mon, 29 Jan 2007, Christopher D. Clausen wrote: > [EMAIL PROTECTED] wrote: > >> I'm moving the server to a new cluster of RHE hosts that use virtual >> interfaces (eg. eth0:1) to allow for failover to a new host while still >> maintaining the original IP address. On this new system I'm getting >> the following error when I run sshd in debug (-ddd) mode: >> >> Wrong principal in request >> >> I have 2 IP addresses and 2 hostnames associated with the 2 interfaces >> (one of them a virtual interface) on my workstation: >> >> interface hostname ip >> ----------------------------------------- >> eth0 gort.home.org 192.168.0.2 >> eth0:1 cvs.home.org 192.168.0.200 > > Can you simply fail-over using the same IP on both interfaces? (I > believe there is a bonding module in Linux that can do this.)
The point of the virt interface is so it can be moved to a different host. If the virt interface has the same IP as the real interface, then it couldn't be moved to another host. In other words, the "fail-over" is to fail over to a completely separate host, not a separate interface on the same host. > I don't think your setup will work b/c Kerberos relies upon proper DNS > records for machines and having the machine change its hostname is bad. But the hostname AND IP don't change... not even if the virt interface is moved to a new host. Or do you mean the hostname the host knows itself as vs the hostname returned for a reverse DNS lookup of the IP associated with the virt interface? ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos