[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-isp
Subject:    Re: named virtual hosts
From:       Enno Davids <enno.davids () metva ! com ! au>
Date:       2000-09-21 22:06:01
[Download RAW message or body]

| OTOH, you can use the same IP# and unique ports (443. 444, 445 etc).  Just
| assign an alias IP# to your interface and direct unsecure access to one
| IP# with named hosts and secure access to the alias.  For example:

The problem with this is that those people who are stuck behind firewalls
and proxies may not be able to get to your site. This is mostly a problem
for people using the 'free' ISPs where fairly agressive firewalling is used
to ensure that proxies are always used and that traffic can be controlled.

We ran afoul of this last year when we tried running two instances of
virtual hosts on the same IP (managing some resources for customers). The
complaints from people who could get to the content started essentially
immediately. In our case one of the free ISPs in question punched extra
firewall holes to let our traffic through, but that's not something you
can rely on. (And it helped that another business unit owned part of them
or some such!)

Bottom line, yes it _can_ be done, but the standard ports are all that are
really supported by other admins around the place. Certainly they are the
only ones that figure large in people's assumptions.

If you have to use a second port try 563 BTW. Its officially for SSL
transported netnews, but as has been noted you can't see inside an SSL
connection anyway and it can't be cached so its a better choice for
second SSL service on a webserver.


Enno.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

[prev in list] [next in list] [prev in thread] [next in thread]