Re: [Sks-devel] dump-only server (gossip but not public pool availability)

[Moritz Wirth]

Hi,

I am not completely sure how new keyservers are determined, one way seems to be the peering list. If you advertise the same hostname on multiple keyservers, only one node will be included (see keys1.flanga.io and keys2.flanga.io are both included in peering lists but only keys.flanga.io as loadbalancer appears in the sks-keyservers file), however you will get into troubles if the keyserver is not reachable so all servers would fall out of the pool (and it has some side effects on the info about the peering, but I did not find anything that would cause real operational issues).

If both keyservers are peered over private IP addresses, you can just add them to the peering file - they are excluded from the pool (for obvious reasons).

Furthermore, there is a global exclude list, ask Kristian for that.

Best regards,

Am 05.02.18 um 01:26 schrieb Hendrik Visage:

Good day,

 As I can’t dump the SKS database while running, and the file snapshot setup not quite feasible for my setup(s) yet, I was wondering about a gossiping only server (and only gossiping to a limited set servers close peers) that isn’t connected/advertised to the SKS pool.

 This would then be a server I could easily take offline and dump keys every so often, not impacting the pool availability etc.

Which settings should I use to achieve the above, as it seems the moment I start the server, it starts to broadcast it’s availability to be included in the pool?

---
Hendrik Visage

HeViS.Co Systems Pty Ltd
T/A Envisage Systems / Envisage Cloud Solutions
+27-84-612-5345 or +27-21-945-1192
address@hidden

_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc
Description: OpenPGP digital signature