DNS fanout for NTS
Hal Murray
hmurray at megapathdsl.net
Fri Oct 23 19:10:25 UTC 2020
ntp.glypnod.com now returns the IP addresses for ntp1.glypnod.com and
ntp2.glypnod.com
The certificates on ntp1 and ntp2 have SAN (Subject Alternative Name) setup so
the certificates on ntp1 and ntp2 are also valid for ntp. That means that
server ntp.glypnod.com nts
should work. It does for my test case.
The NTS-KE protocol allows the server to return an optional name/address (and
port) for the NTP client to use. One of the ideas behind that is that the KE
server could do load balancing. An alternative for load balancing is to let
DNS do it.
If your setup is big enough to need load balancing, you probably need multiple
NTS-KE servers for reliability.
--
These are my opinions. I hate spam.
More information about the devel
mailing list