I think it's called IP aliasing or something like that. We have a single NIC
advertising a bunch of IP addresses, and have a different apache listener on
each one.
We do that via this command in a system startup script on Suse Linux.
"ip address add 192.168.69.60/24 brd + dev eth0 label eth0:60"
And then ifconfig to list the network addresses shows this:
lnx-dhttp:~ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:00:03:00:00:05
inet addr:192.168.69.34 Bcast:161.250.69.255 Mask:255.255.255.0
inet6 addr: fe80::200:300:100:5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1
RX packets:51739450 errors:0 dropped:0 overruns:0 frame:0
TX packets:51033519 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25357355357 (24182.6 Mb) TX bytes:28616518230 (27290.8 Mb)
eth0:60 Link encap:Ethernet HWaddr 02:00:03:00:00:05
inet addr:192.168.69.60 Bcast:161.250.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1
eth0:61 Link encap:Ethernet HWaddr 02:00:03:00:00:05
inet addr:192.168.69.61 Bcast:161.250.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1
eth0:62 Link encap:Ethernet HWaddr 02:00:03:00:00:05
inet addr:192.168.69.62 Bcast:161.250.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1
eth0:63 Link encap:Ethernet HWaddr 02:00:03:00:00:05
inet addr:192.168.69.63 Bcast:161.250.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1
eth0:64 Link encap:Ethernet HWaddr 02:00:03:00:00:05
inet addr:192.168.69.64 Bcast:161.250.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1
And then start all the different apache's with something like this:
/opt/local/HTTPServer/bin/apachectl -f conf/httpd.eth061.conf -k start -D eth061
/opt/local/HTTPServer/bin/apachectl -f conf/httpd.eth062.conf -k start -D eth062
/opt/local/HTTPServer/bin/apachectl -f conf/httpd.eth063.conf -k start -D eth063
/opt/local/HTTPServer/bin/apachectl -f conf/httpd.eth064.conf -k start -D eth064
And I'm reasonably sure when I created the certificates for these, I added the
various IP addresses & DNS hostnames for them to the extension aliases field,
and one certificate covered all of them.
Jon Veencamp
-----Original Message-----
From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Marcy
Cortes
Sent: Friday, November 29, 2013 12:38 PM
To: [email protected]
Subject: Re: Thoughts on multiple certificates for Apache host
Martha wrote:
> For example, could we host multiple IPs from the same NIC if the
> server is on a layer 2 vswitch? (Will it do trunking, basically?) Is
> there an easier way to approach this?
If you haven't already figured this out (and hopefully you've been off eating
turkey and pumpkin pie instead of having to configure IP addresses...)
This is very simple with yast2 on SuSE.
Just go into Yast2
Click Network Devices
Select the current one and click Edit
Go down to the "Additional Addresses" section
Click Add
Name it (vip0 or whatever you'd like)
put in the IP and Netmask
Et voila! Immediately usable and visible in "ifconfig".
(It basically just adds a couple of lines to the eth0 device (or whatever
device yours is called) in /etc/sysconfig/network and does whatever is needed
to dynamically activate it.
Marcy
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
________________________________
The information contained in this e-mail message is intended only for the
personal and confidential use of the designated recipient(s) named above. This
message may be an attorney-client or work product communication which is
privileged and confidential. It may also contain protected health information
that is protected by federal law. If you have received this communication in
error, please notify us immediately by telephone and destroy (shred) the
original message and all attachments. Any review, dissemination, distribution
or copying of this message by any person other than the intended recipient(s)
or their authorized agents is strictly prohibited. Thank you.
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
