IPv6 could change things - Was: DMCA takedowns of networks

David W. Hankins David_Hankins at isc.org
Tue Oct 27 18:00:05 UTC 2009


On Tue, Oct 27, 2009 at 02:05:36PM +0000, Michael Dillon wrote:
> But, when IPv6 is a bit more common, there is no need for  virtual
> hosters to share
> a single IP address between several sites. They may as well use a
> unique IPv6 address
> for every single site, even if they are all on the same server. The
> side effect of this is
> that it makes the network operator's tool sharper, and able to knock
> down single sites
> with a /32 ACL.

A /128 you mean.

If you look in Apache's httpd/server/vhost.c, you may notice that the
server locates addressed virtual hosts using a simple 32->8 bit
integer reduction hash, which produces a well balanced hash table in
typical virtual server applications (generally these servers get
addresses in contiguous blocks).

Named virtuals are relegated to an extra hash bucket, essentially
placing them all on a single unsorted linear list, which is searched
if a by-address match is not found.

Probably in the modern day, the additional processing (and system
calls) necessary to render a web object into a reply is significantly
higher than the overhead to locate a virtual server even at these
orders of magnitude, but it's interesting that the software works
differently.

-- 
David W. Hankins	"If you don't do it right the first time,
Software Engineer		     you'll just have to do it again."
Internet Systems Consortium, Inc.		-- Jack T. Hankins
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20091027/64d79b93/attachment.sig>


More information about the NANOG mailing list