Re: Virtual hosts sharing same port

2018-04-16 Thread Frank Liu
Thanks Maxim! This is something interesting to know. We had an outage last year when we had bunch of virtual hosts all with listen a.b.c.d:443 ssl; and someone added a new virtual host with listen a.b.c.d:443; and caused 443 no longer doing SSL. Based on what you said, this should not happen. I

Re: Virtual hosts sharing same port

2018-04-16 Thread Maxim Dounin
Hello! On Mon, Apr 16, 2018 at 08:13:42AM -0700, Frank Liu wrote: > Does that mean nginx will read and combine listen options from > all virtual hosts and use that to create listening socket? Yes. You can configure something like this: server { listen 443 ssl; ... }

Re: Virtual hosts sharing same port

2018-04-16 Thread Maxim Dounin
Hello! On Mon, Apr 16, 2018 at 11:04:16AM -0400, Peter Booth wrote: > Does this imply that that different behavior *could* be achieved > by first defining virtual IP addresses (additional private IPs > defined at the OS) which were bound to same physical NIC, and > then defining virtual hosts

Re: Virtual hosts sharing same port

2018-04-16 Thread Frank Liu
Does that mean nginx will read and combine listen options from all virtual hosts and use that to create listening socket? > On Apr 16, 2018, at 8:04 AM, Peter Booth wrote: > > Does this imply that that different behavior *could* be achieved by first > defining virtual IP

Re: Virtual hosts sharing same port

2018-04-16 Thread Peter Booth
Does this imply that that different behavior *could* be achieved by first defining virtual IP addresses (additional private IPs defined at the OS) which were bound to same physical NIC, and then defining virtual hosts that reference the different VIPs, in a similar fashion to how someone might

Re: Virtual hosts sharing same port

2018-04-16 Thread Maxim Dounin
Hello! On Mon, Apr 16, 2018 at 07:26:11AM +, Frank Liu wrote: > Can I use different listen parameters for virtual hosts using the same > port? Eg, one vh has “listen 443 ssl;” and the other one has “listen 443 > ssl h2;” No. Options like "ssl" and "h2" can be repeated multiple times to

Re: Virtual hosts sharing same port

2018-04-16 Thread Richard Demeny
It's possible if the so-called 'virtual machines' of yours are NOT on the same machine On Mon, 16 Apr 2018 10:19 A. Schulze, wrote: > > Frank Liu: > > > Can I use different listen parameters for virtual hosts using the same > > port? Eg, one vh has “listen 443 ssl;” and

Re: Virtual hosts sharing same port

2018-04-16 Thread A. Schulze
Frank Liu: Can I use different listen parameters for virtual hosts using the same port? Eg, one vh has “listen 443 ssl;” and the other one has “listen 443 ssl h2;” no, that's impossible (I think...) https://nginx.org/r/listen ... The listen directive can have several additional parameters