Chapitre 7. Adjusting the performance of the KDC
The following sections describe how to adjust the performance of the Kerberos Key Distribution Center (KDC), which is responsible for authenticating users, hosts, and services.
7.1. Adjusting the length of the KDC listen queue
You can adjust the size of the listen queue length for the KDC daemon by setting the kdc_tcp_listen_backlog
option in the [kdcdefaults]
section of the /var/kerberos/krb5kdc/kdc.conf
file. The default value of 5
may be too low for some IdM deployments that experience high amounts of Kerberos traffic, but setting this value too high degrades performance.
Valeur par défaut |
|
Valid range |
|
Procédure
-
Open the
/var/kerberos/krb5kdc/kdc.conf
file in a text editor. Set the TCP listen backlog to your desired value, such as
7
.[kdcdefaults] ... kdc_tcp_listen_backlog = 7
-
Save and close the
/var/kerberos/krb5kdc/kdc.conf
file. - Restart the KDC to load the new settings.