From owner-freebsd-questions@FreeBSD.ORG Sat Nov 22 04:12:27 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA42916A4CE for ; Sat, 22 Nov 2003 04:12:27 -0800 (PST) Received: from fw.farid-hajji.net (fw.farid-hajji.net [213.146.115.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED43343F93 for ; Sat, 22 Nov 2003 04:12:25 -0800 (PST) (envelope-from cpghost@cordula.ws) Received: from fw.farid-hajji.net (localhost [127.0.0.1]) by fw.farid-hajji.net (8.12.10/8.12.10) with ESMTP id hAMCBfpd084520; Sat, 22 Nov 2003 13:11:42 +0100 (CET) (envelope-from cpghost@cordula.ws) Date: Sat, 22 Nov 2003 13:11:41 +0100 (CET) Message-Id: <200311221211.hAMCBfpd084520@fw.farid-hajji.net> From: "Cordula's Web" To: wegster@mindcore.net In-reply-to: <3FBEC04F.5070401@mindcore.net> (message from Scott W on Fri, 21 Nov 2003 20:47:59 -0500) X-Mailer: Emacs-21.3.1/FreeBSD-4.9-STABLE References: <20031121161852.H28859@pukruppa.net> <3FBEC04F.5070401@mindcore.net> cc: root@pukruppa.de cc: freebsd-questions@freebsd.org Subject: Re: Static IP and fully qualified domain names X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: cpghost@cordula.ws List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Nov 2003 12:12:27 -0000 > >My ISP was so nice to give me a domain name (pukruppa.net) and > >assign it statically to an IP (213.146.114.24). > >[So now everybody in the world can telnet pukruppa.net and crack > >my private machine :-) ] > > > >>From reading manuals one should think, that now I could give my > >machines names like one.pukruppa.net, two.pukruppa.net, etc... > >and all these would be reachable via internet - but they aren't. > >The only one that can be accessed is pukruppa.net . > > The short answer is that you only have a single IP address assigned, and > as you are not authoritative for DNS records for pukruppa.net, you are > unable to 'subdivide' or use any more IP addresses, which would be > required to add additional hostnames. Of course, you can have the DNS admins add more host names, but all host names would point to the same IP. Now assume that an IP packet arrives at your host. The server that gets this IP packet cannot determine which host name was used. All it sees is your IP address, which is always the same. However, a protocol that runs on top of TCP could have the client add the host name that is required. A good example of this is HTTP/1.1, which includes a "Host: " header. Let's assume that a web browser selects http://one.pukruppa.net/ http://two.pukruppa.net/ [...] and you have a web server running on your host, which is configured with these VirtualHosts. The web server will receive packets destined to your single IP (213.146.114.24), but it still can switch to the correct VirtualHost section by examining the 'Host: ' header of the HTTP protocol. Unfortunately, very few protocols that run on top of TCP support this. Don't expect FTP, Telnet, SSH etc... to behave differently, depending on the host name. They just don't see it, only the (always identical) IP address. -- Cordula's Web. http://www.cordula.ws/