[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] Alternative to round-robin (was Re: pool.sks-keyservers.net
[Sks-devel] Alternative to round-robin (was Re: pool.sks-keyservers.net having trouble?)
Mon, 5 Apr 2010 15:25:14 -0400
On Apr 1, 2010, at 12:30 AM, Jonathan Oxer wrote:
> On Thu, 2010-04-01 at 00:13 -0400, Daniel Kahn Gillmor wrote:
> Sorry I can't answer your other questions, but I just had a look in
> db.log and found ...
>> * How often
>> do you see queries?
> ...about 10k queries / day to keys.keysigning.org, which is in that
> pool. I assume that since the pool is using round-robin DNS the number
> should be pretty similar for all machines in the list.
Speaking of round robining - recent versions of GnuPG support more than
straight round robin. If you want to express more complex things like
weighting certain servers more heavily (because they have better connectivity
or hardware, for example), you can do that with a SRV DNS record.
This doesn't remove the need for the current pool of A records, as not all
software supports the SRV yet, but it is supported in GnuPG 1.4.10 and 2.0.13
if anyone wants to play with it. As a nice side-benefit, the SRV record allows
you to run the keyserver on ports other than 11371 and have GnuPG automatically
hit the right port without having to be configured specifically.
Re: [Sks-devel] pool.sks-keyservers.net having trouble?, Phil Pennock, 2010/04/01
Re: [Sks-devel] pool.sks-keyservers.net having trouble?, Kristian Fiskerstrand, 2010/04/05