Re: [SSSD] Design Discussion: LDAP Referral Chasing

On Thu, 2011-11-10 at 17:12 +0100, Jakub Hrozek wrote: > On Tue, Nov 08, 2011 at 11:26:28AM -0500, Stephen Gallagher wrote: > > I've created the following wiki page with my thoughts on the design of > > the LDAP referral chasing: > > https://fedorahosted.org/sssd/wiki/DesignDocs/LDAPReferrals > > > > Please review it and provide feedback in this email thread. > > > > Pavel, please review this as well, as one section of the proposal may > > affect your ticket #960 (though it's possible that your approach already > > accounts for this). > > In overall, looks like a good plan to me. > > Quoting the page: > > > 1. Disentangle sdap_id_op setup from failover configuration > > Sorry, I didn't quite understand this one. The only failover calls I > noticed in the sdap_id_op_* code were going to the next server in case > of error on cached connection. > I may have been misremembering. I didn't fact-check every one of these ideas (I wrote this while disconnected from my computer, to avoid distractions). It may be that there's no work required here. > > 2. Handle async resolver needs for referrals. We need to look up referred > > servers and take the first IP returned by DNS. > > I assume you meant to resolve the referred host names out-of-band using > the async resolver directly. Would the approach then be able to "cache" > referrals to avoid performing a resolution every time a referral is hit? > I think maybe we should just build the lookup cache into the resolver itself, rather than into the resolver's consumer.