Re: [Puppet-dev] Re: [PATCH/puppet 1/1] (#3669) Find servers via DNS SRV record

Fri, 11 Mar 2011 11:00:08 -0800 

On Thu, 16 Dec 2010 11:37:49 +1100, Daniel Pittman wrote:
> 
> On Thu, Dec 16, 2010 at 10:40, Nigel Kersten <[email protected]> wrote:
> > On Wed, Dec 15, 2010 at 2:05 PM, Daniel Pittman <[email protected]> wrote:
> >> On Thu, Dec 16, 2010 at 08:04, Ohad Levy <[email protected]> wrote:
> >> > On Wed, Dec 15, 2010 at 6:16 AM, Daniel Pittman <[email protected]>
> >> > wrote:
> >> >> On Wed, Dec 15, 2010 at 15:02, Andrew Forgue <[email protected]>
> >> >> wrote:
> >> >> > On Dec 14, 6:15 pm, Daniel Pittman <[email protected]> wrote:
> >> >> >> On Wed, Dec 15, 2010 at 03:10, Andrew Forgue
> >> >> >> <[email protected]>
> >> > Does it make sense to add another lookup for the CA server?
> >>
> >> I think in the longer term it would make sense to do an SRV lookup for
> >> each unique service that Puppet uses; SRV lookups (RFC2782)
> >> distinguishes based on service and protocol.  Which, I think, would be
> >> vaguely in conflict with the CA requirement, since that uses the same
> >> puppet service (as in, TCP port) for communication.
> >
> > It doesn't *necessarily* use the same port remember, it just does by
> > default.
> 
> Getting DNS-SD / SRV stuff working would require that it *never* used
> the same port, which I suspect is not a winning strategy. :)
> 
> Regards,
>     Daniel

I believe that this is unnecessarily conflating "service" and "port".
After reading RFC 2782, I don't believe that the intent was to tightly
couple the two in the manner that seems to be done here.

  Service

    The symbolic name of the desired service, as defined in Assigned
    Numbers [STD 2] or locally.  An underscore (_) is prepended to the
    service identifier to avoid collisions with DNS labels that occur in
    nature.

    Some widely used services, notably POP, don't have a single
    universal name.  If Assigned Numbers names the service indicated,
    that name is the only name which is legal for SRV lookups.  The
    Service is case insensitive.

  ...

  Port
    The port on this target host of this service.  The range is 0-
    65535.  This is a 16 bit unsigned integer in network byte order.
    This is often as specified in Assigned Numbers but need not be.

Given these two definitions having multiple Services mapped to the same
Port on a given host would be perfectly legal, provided the host was
able to actually provide all of these services on the stated Port.

-- 
Jacob Helwig

Attachment: signature.asc
Description: Digital signature

Reply via email to