For CA Directory, we have the following issue when using dynamic addressing when there a multiple DSAs running on different hosts:
Host1 (addr1) DSA1 running talking to DSA2 on addr2
Host2 (addr2) DSA2 running talking to DSA1 on addr1
If Host2 is restarted and allocated addr3 we now have:
Host1 (addr1) DSA1 running talking to DSA2 on addr2
Host2 (addr3) DSA2 running talking to DSA1 on addr1
Therefore, DSA1 is talking to the incorrect address (addr2) until it is restarted/re-initialized. Until this occurs DSA1 will fail to talk to DSA2 as it is using the wrong address and DSA1 will reject connections from DSA2 as it will fail the mutual-authentication address check.
In the future, we would like the DSA to be smart enough to re-resolve a hostname when a connectivity failure is detected.