On 11 Nov 2016, at 22:13, Dave Hayes <[email protected]> wrote: > On 11/11/2016 10:49, Igor Sysoev wrote: >> Yes, *:443 matches all addresses except explicitly specified in listen >> directives with the same port 443. > > Ah! Thank you very much! This statement cleared up my confusion. I didn't see > this statement in any documentation, but I could have missed it. > >> Consider it as fallback. On FreeBSD you can use “bind” parameter: >> >> listen *:443; >> listen 127.0.0.81:443 bind; >> >> And there will be two separate sockets: *:443 and 127.0.0.81:443. >> You can not use “bind” on Linux however if one of listen addresses is >> 0.0.0.0 (wildcard, *). >> >> So this configuration without “bind”: >> >> listen *:443; >> listen 127.0.0.81:443; >> >> emulates this two separate sockets behaviour in one 0.0.0.0:443 socket. > > Nice to know that, as I do use FreeBSD. I'm still a bit curious; why would I > want two separate sockets when I am already listening on 0.0.0.0?
When nginx listen on *:80 it is calls getsockname() to learn exact IP address which client connected to. With “bind” nginx already knows the address and eliminates the syscall. > At first glance, I'd think the emulation suits my needs more; no sense in > taking up memory for an extra socket right? I believe memory saving is negligeable. There is another case: You can configure listen addresses which are not exists on the host when nginx starts and will be available later via CARP or similar protocol. -- Igor Sysoev http://nginx.com _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
