Ipv6 for the content provider
tony at lava.net
Wed Jan 26 16:56:01 CST 2011
On Wed, 26 Jan 2011, Owen DeLong wrote:
>> Listen a.b.c.d:80 -> Listen 80
>> <Virtualhost a.b.c.d:80> -> <Virtualhost *:80>
> That only works if you have only one address on the machine and.
Actually it works fine on machines with multiple IP addresses for both
FreeBSD and CentOS. And IPv6 enabled servers can easily have multiple
> If you have addresses that aren't intended for name-based-site-A but
> do terminate SSL connections to sites B, C, and D, then you probably
> don't want to use * for site A.
Generally, I've found this doesn't really matter too much since the view
from the outside world to the server will be funneled via DNS records.
Site A can still be referenced by a * in the Apache config since the A and
AAAA records will probably reference only the name-based IP addresses for
the server while sites B, C, and D DNS records reference site-specific
addresses also residing on the same server. The bottom line is that the
Apache config can be kept simple and free of hard-coded addresses except
where absolutely necessary.
>> Use hard-coded IP addresses only where required for stuff like SSL-enabled webhosts.
> Depends on the complexity of your environment. In a more complex configuration
> you can actually save yourself a lot of trouble and confusion later by using a
> construct like this:
> Listen 22.214.171.124:80
> Listen [2620:0:930::dead:beef:cafe]:80
> Listen [2620:0:930::400:7]:80
> <VirtualHost 126.96.36.199:80 [2620:0:930::400:7]:80 [2620:0:930::dead:beef:cafe]
> ServerName www.delong.com
I'd do that only for the SSL-enabled sites. Otherwise the generic
name-based Apache config should work fine for just about everything else.
e-mail/xmpp: tony at lava.net
More information about the NANOG