[118711] in North American Network Operators' Group
Re: IPv6 could change things - Was: DMCA takedowns of networks
daemon@ATHENA.MIT.EDU (David W. Hankins)
Tue Oct 27 13:59:32 2009
Date: Tue, 27 Oct 2009 11:00:05 -0700
From: "David W. Hankins" <David_Hankins@isc.org>
To: nanog@merit.edu
In-Reply-To: <877585b00910270705i2b3e8324ifc0046c849b960b0@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--HlL+5n6rz5pIUxbD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Oct 27, 2009 at 02:05:36PM +0000, Michael Dillon wrote:
> But, when IPv6 is a bit more common, there is no need for virtual
> hosters to share
> a single IP address between several sites. They may as well use a
> unique IPv6 address
> for every single site, even if they are all on the same server. The
> side effect of this is
> that it makes the network operator's tool sharper, and able to knock
> down single sites
> with a /32 ACL.
A /128 you mean.
If you look in Apache's httpd/server/vhost.c, you may notice that the
server locates addressed virtual hosts using a simple 32->8 bit
integer reduction hash, which produces a well balanced hash table in
typical virtual server applications (generally these servers get
addresses in contiguous blocks).
Named virtuals are relegated to an extra hash bucket, essentially
placing them all on a single unsorted linear list, which is searched
if a by-address match is not found.
Probably in the modern day, the additional processing (and system
calls) necessary to render a web object into a reply is significantly
higher than the overhead to locate a virtual server even at these
orders of magnitude, but it's interesting that the software works
differently.
--=20
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
--HlL+5n6rz5pIUxbD
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkrnNSUACgkQcXeLeWu2vmohLgCdF0mTXqzmQZuOGjsYTD9tTubw
OKIAnjW4RcWDNn6Blh16MzyWXPnY4JC5
=t4Bl
-----END PGP SIGNATURE-----
--HlL+5n6rz5pIUxbD--
