<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello Fernando,<br>
<br>
You can use the Rudder Root Server host name for the client
configuration only if it is possible to resolve its hostname to its
IP address (it is part of the trust model used in the client server
communication), otherwise the client might refuse to speak to the
server.<br>
It is not mandatory that the resolution is made via DNS requests, it
can be simply defined in the /etc/hosts file on the agent.<br>
<br>
Please note also that in Rudder 2.9 we relaxed a bit this constraint
on the trust model, via a configuration parameter on the Web
Interface (in the Administration tab, you can untick the checkbox
for "Use reverse DNS lookups on nodes to reinforce authentication to
policy server")<br>
<br>
Does it help ?<br>
<br>
Regards,<br>
Nicolas<br>
<br>
On 27/02/2014 11:02, Fernando Sancho Glez-Calero wrote:
<blockquote cite="mid:1393495334.20425.15.camel@einsc018035"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<meta name="GENERATOR" content="GtkHTML/4.2.2">
Hi all<br>
<br>
I have a doubt reading rudder documentation.<br>
<br>
In "Rudder agent configuration" says you have to use IP address of
Rudder Root Server and it makes the following advice.<br>
<br>
<i>"We advise you to use the </i><i><tt>IP address</tt></i><i> of
the Rudder Root Server. The DNS name of this server can also be
accepted if you have a complete DNS infrastructure matching the
IP of the Nodes with their hostnames."</i><br>
<br>
I don't understand why a Node has to resolve every node name. If i
have a DNS infrastructure that can resolve Rudder Root Server and
Node name itself (or even i have added a line in /etc/hosts), why
i have to use Rudder Root Server IP address. This can drive to a
situation where i can't change Root Server IP Address without
modifying every rudder agent installation.<br>
<br>
Regards
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
rudder-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:rudder-users@lists.rudder-project.org">rudder-users@lists.rudder-project.org</a>
<a class="moz-txt-link-freetext" href="http://www.rudder-project.org/mailman/listinfo/rudder-users">http://www.rudder-project.org/mailman/listinfo/rudder-users</a>
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Nicolas CHARLES</pre>
</body>
</html>