pro/cons of virtual hosting services
Dear colleagues, The following questions raises a current problem. Please take note.
luc@inbe.net (Luc Dierckx) writes:
Hello,
Does RIPE have any opinions about the use of multiple IP addresses for virtual hosting services ? (So using ifconfig ep0 alias, ifconfig ef0:1, ifconfig vif0 ... not using different physical machines on the same network)
Technically, this is just a waste of IP addresses and pollution of the naming space just for the 'niceness' of the URL. (http://www.customer.com/ instead of http://www.provider.net/customer/ or aliased via http://www.customer.country/customer/ )
Commercially, it's just another sales argument: 'Yes, we can offer you http://www.company.com/'.
Today INnet do not support the virtual hosting but commercial pressure is up. I feel this needs immediate attention. Unless there is really no problem with it. If yes, it should be brought to every one's attention.
We strongly discourage use of IP address space for virtual hosting services because this represents no technical reason to assign more than one address to a host. Therefore it is in conflict with address space conservation. We recommend to use URLs of the form http://www.www-provider.com/customer1/ http://www.www-provider.com/customer2/ or if customers desire www.customer.com: http://www.customer1.com/customer1/ http://www.customer2.com/customer2/ with CNAME RRs for www.customer1.com and www.customer2.com pointing to the real server. The latter variant provides mobility for the customer without using extra address space. If you have any further questions, please do not hesitate to contact us. Regards Daniel Karrenberg RIPE NCC Manager
Dear colleagues,
The following questions raises a current problem. Please take note.
...
We strongly discourage use of IP address space for virtual hosting services because this represents no technical reason to assign more than one address to a host. Therefore it is in conflict with address space conservation.
A would strongly suggest that this is a NON-problem, even with the gigantic increase in WWW servers that we are all experiencing it is hard to see how this could ever become a serious consideration. Simon
poole@eunet.ch writes:
We strongly discourage use of IP address space for virtual hosting services because this represents no technical reason to assign more than one address to a host. Therefore it is in conflict with address space conservation.
A would strongly suggest that this is a NON-problem, even with the gigantic increase in WWW servers that we are all experiencing it is hard to see how this could ever become a serious consideration.
Unfortunately we have seen some significant address space requests based on this. Note that we are not talking about one additional address per organisation served, but one additional address per arbitrary entity requiring a virtual server. Given the boom in http based services this may become quite significant. To repeat: The second soloution proposed provides all aspects of provider independence. Why should we waste address space if wasting it does not provide significant additional functionality? Daniel
To repeat: The second soloution proposed provides all aspects of provider independence. Why should we waste address space if wasting it does not provide significant additional functionality?
Because the customer wants something else (and they pay your wage too in the end). Please realize that we are talking about a purely -superficial- difference of ~$3000* for running a seperate server (PC based) vs. a virtual one (typical production costs for a commercial WWW server are multiple 10'000 of dollars, so we are really talking about noise). Neither solution conserves address space, but at least the virtual server conserves certain other (more important?) resources *. Naturally the correct solution would be for the HTTP protocol to pass the complete URL to the server, however it's too late for that. Simon
poole@eunet.ch writes:
To repeat: The second soloution proposed provides all aspects of provider independence. Why should we waste address space if wasting it does not provide significant additional functionality?
Because the customer wants something else (and they pay your wage too in the end).
I contest that the majority wants something different from my second soloution. Please re-read it.
Please realize that we are talking about a purely -superficial- difference of ~$3000* for running a seperate server (PC based) vs. a virtual one (typical production costs for a commercial WWW server are multiple 10'000 of dollars, so we are really talking about noise). Neither solution conserves address space, but at least the virtual server conserves certain other (more important?) resources *.
But you can run a virtual server without wasting address space!
Naturally the correct solution would be for the HTTP protocol to pass the complete URL to the server, however it's too late for that.
Which I understand is fixed in the newest spec. Daniel
poole@eunet.ch writes:
To repeat: The second soloution proposed provides all aspects of provider independence. Why should we waste address space if wasting it does not provide significant additional functionality?
Because the customer wants something else (and they pay your wage too in the end).
I contest that the majority wants something different from my second soloution. Please re-read it.
Some do, some don't (up to now we have provided exactlly your solution, and some customers are completly content with it, others aren't). ....
But you can run a virtual server without wasting address space!
Naturally the correct solution would be for the HTTP protocol to pass the complete URL to the server, however it's too late for that.
Which I understand is fixed in the newest spec.
The problem is that I don't believe anybody that is -serious- about his server advertizing (for lots of money) http://www.xyz.com/ if it is not going to work with a -very- high percentage of browsers. Simon
This really is a non-issue. Apart from customer expectations, the addresses typically come from under-populated C LANs anyway. Increasing utilisation of those LANs would mean subnetting, which in itself would send large amounts of space out the window. And if one forces customers to get their own machine to get their own address, it will have to go on a separate ethernet segment (security, ethernet eavesdropping). This means even more and worse subneting. Apart from that, I don't expect virtual servers ever to be an even measurable part of address space consumption. Customers who are savvy enough to ask for it are likely in short order to migrate to a separate server and soon thereafter to an Internet connection for the whole company. That obviously doesn't mean it should be encouraged and I believe most people are (or at least should be) gently discouraging it, by charging more for it. But hammering on this issue as something terribly wasteful is way off track. Worry about AS number depletion, route flaps, and junk routes and what not from wannabe ISPs instead -- these things will bring the Internet to its knees long before we run out of address space. By way of example, yesterday somebody was announcing net 0; I sent a note to their upstream provider, who Cc'ed me on the note they sent downstream. The note reads:
To: XXXXXXXX Subject: Announcing default Cc: bilse@EU.net, noc@UPSTREAM-PROVIDER.NET
XXXXXXXXXX, please handle this as soon as possible. There is some bgp config setting that says "advertise the default" and you need to turn that off.
"The blue button, the blue button." -- ====== ___ === Per G. Bilse, Mgr Network Operations Ctr ===== / / / __ ___ _/_ ==== EUnet Communications Services B.V. ==== /--- / / / / /__/ / ===== Singel 540, 1017 AZ Amsterdam, NL === /___ /__/ / / /__ / ====== tel: +31 20 6233803, fax: +31 20 6224657 === ======= 24hr emergency number: +31 20 421 0865 === Connecting Europe since 1982 === http://www.EU.net; e-mail: bilse@EU.net
On Nov 14, 19:36, Per Gregers Bilse <bilse@EU.net> wrote:
run out of address space. By way of example, yesterday somebody was announcing net 0; I sent a note to their upstream provider, who Cc'ed
Ohh ... before anybody starts: no, we have been running with full routing since some time around December 1993 / January 1994. -- ====== ___ === Per G. Bilse, Mgr Network Operations Ctr ===== / / / __ ___ _/_ ==== EUnet Communications Services B.V. ==== /--- / / / / /__/ / ===== Singel 540, 1017 AZ Amsterdam, NL === /___ /__/ / / /__ / ====== tel: +31 20 6233803, fax: +31 20 6224657 === ======= 24hr emergency number: +31 20 421 0865 === Connecting Europe since 1982 === http://www.EU.net; e-mail: bilse@EU.net
/> > Because the customer wants something else (and they pay your wage too /> > in the end). /> /> I contest that the majority wants something different from my /> second soloution. Please re-read it. Technically, you may be right; however, as we in the UK have experienced with Domain Registrations, a lot of miseducation is floating around so that many companies are now selling URLs - that's the bit that most of us call a host name. The UK domain-registration rules have been relaxed, and fierce debate continues about this, so that these people can turn the DNS into DURLS. And the world becomes full of one-page web """sites""" (pet hate, can you tell? :-) Oliver -- Duty Hostmaster, Corporate Division, Demon Internet. 322 Regents Park Road, Finchley, London N3 3RD, England (0181-371-1000) Singel 540, 1017 AZ, Amsterdam, Netherlands (020-4222-000)
I contest that the majority wants something different from my second soloution. Please re-read it.
I disagree. Most *paying customers* want http://www.xxx.com/ and will expect to get it. These people are only buying service on our site because it make better sense, not because most of them could not afford a leased line *and* take a whole calss C or more with them.
But you can run a virtual server without wasting address space!
Not at the moment.
Naturally the correct solution would be for the HTTP protocol to pass the complete URL to the server, however it's too late for that.
Which I understand is fixed in the newest spec.
Isn't. Daniel, Please keep away from trying to develop business models for the 'net. That is the jobs of the companies that pay your wages. You are not there to decide how applications will work today. Feel free to sit on working groups and influence future developments, which will make the 'net a better place, but please do not try to change the way non-RIPE organisations are already working. Regards, -- Peter Galbavy peter@demon.net @ Demon Internet phone://44/181/371_3700 http://www.wonderland.org/~peter/ snail://UK/N3_1TT/London/42_Hendon_Lane/Demon_Internet_Ltd/
Peter Galbavy <peter@demon.net> writes:
I would put it even more stongly. RIPE is there to do a jobs, which is being a registry. Please will a RIPE rep. show me where it says that they have legal and/or moral responsibility to dictate how a company does business ?
...
Please keep away from trying to develop business models for the 'net. That is the jobs of the companies that pay your wages. You are not there to decide how applications will work today. Feel free to sit on working groups and influence future developments, which will make the 'net a better place, but please do not try to change the way non-RIPE organisations are already working.
Peter, we are not dictating how you do business and certainly the RIPE NCC is not developing business models for the net. We are indeed providing registration services among other things. The IPv4 address space is a very limited resource and consequently address space conservation is part of the policies we have to implement when acting as a European Regional Internet Registry. The global policies are set by IANA and the local European variations thereof in the RIPE local-IR working group, i.e. this forum. Implementing conservation policies is the single item which gives the NCC the most grief and the most work. But someone has to do this in the interest of the Internet as a whole and if we would not do it it would be bad for the industry. We would very much like to be spared public abuse of the kind we experience from time to time when we question practises which are inherently wasteful of address space for little or no good reason. Please imagine where Internet routing would be now if we would have continued to assign /16s (Bs) to anyone with more than 254 hosts on a physical subnet or if noone would have pushed for a registry system that is independent and yet responsive to provider needs, sustains itself and allows for routing aggregation. Daniel
Dear All, I have an idea about virtual servers. There should be a new DNS resource record, containing additional port or URL information. Or this info may be recorded in TXT records: E.g. www.company1.xx. CNAME www.provider.xx. TXT "HTTP-PORT:881" www.company2.xx. CNAME www.provider.xx. TXT "HTTP-PORT:882" or www.company1.xx. CNAME www.provider.xx. TXT "HTTP-PATH:/company1" www.company2.xx. CNAME www.provider.xx. TXT "HTTP-PATH:/company2" or even without TXT, using just some special hostnames www.company1.xx. CNAME http-port-881.www.provider.xx. http-port-881.www.provider.xx. CNAME www.provider.xx. www.company2.xx. CNAME http-port-882.www.provider.xx. http-port-882.www.provider.xx. CNAME www.provider.xx. (OK, I know www.company1.xx may not have CNAME and TXT at the same time. This is just a demonstration.) Then webmaster at www.provider.xx should set up a document hierarchy as usual: http://www.provider.xx/company1/intro.html http://www.provider.xx/company2/intro.html and/or run differend http servers on different ports. A slighly enhanced browser would realize the additional information from DNS and changes the user given URL http://www.company1.xx to http://www.provider.xx:881 or http://www.provider.xx/company1. Unmodified browsers can reach the docs as do now. Sorry if I was too boring. ;-) Gabor ---------------------------------------------------------------------- Gabor Kiss Computer and Automation Institute of the Hungarian Academy of Sciences H-1132 Budapest, Victor Hugo str. 18-22, Hungary E-mail: postmaster@sztaki.hu; Tel: +36 1 149 7986; Fax: +36 1 129 7866
Dear All,
I have an idea about virtual servers. There should be a new DNS resource record, containing additional port or URL information. Or this info may be recorded in TXT records:
There is already work going on in that very direction by the people that work with URLs, URNs and the like in IETF circles. The lines they are working along are in line with what you suggest, but more integrated to other infrastructures, like Object Identifiers and the like. If you want more information, send me a note, and I'll see if I can dig out some refences. Best regards, /Liman #------------------------------------------------------------------------- # Lars-Johan Liman ! Internet: liman@sunet.se # Ebone/NORDUnet/SUNET Operations Centre ! BITNET : LIMAN@SEARN # Royal Institute of Technology, Sweden ! HTTP : //www.sunet.se/~liman # ! Voice : Int +46 8 - 790 65 60 #-------------------------------------------------------------------------
poole@eunet.ch writes:
We strongly discourage use of IP address space for virtual hosting services because this represents no technical reason to assign more than one address to a host. Therefore it is in conflict with address space conservation.
A would strongly suggest that this is a NON-problem, even with the gigantic increase in WWW servers that we are all experiencing it is hard to see how this could ever become a serious consideration.
Unfortunately we have seen some significant address space requests based on this. Note that we are not talking about one additional address per
What is significant?
organisation served, but one additional address per arbitrary entity requiring a virtual server. Given the boom in http based services this may become quite significant.
We offer the www.customer.nl method with virtual hosts. 1 ip adress per company, and they ofcourse need to show chamber of commerce papers first as per dutch domain rules. I really don't see the harm in this.
To repeat: The second soloution proposed provides all aspects of provider independence. Why should we waste address space if wasting it does not provide significant additional functionality?
Well, the 'significant additional functionality' is your opinion. Customers seem to think otherwise, and an ISP has to contiuously make decisions balancing both RIPE's needs as the customers needs. And not always does the balance work in RIPE's favour (most of the time it does :). Although im totally in favour of trying to preserve ip space, in this case I really believe it is not as significant as it is portrayed to be. Not as long as it stays within 1 or 2 Class C nets. Cor ------------------------------------------------------------------------------ | Cor Bosman | ____Xs4all Public Access____ | tel: +31-(0)20-622-2885 | | cor@xs4all.net | Network Administrator | fax: +31-(0)20-622-2753 | ------------------The net routes around censorship---------------------SP5----
Well, the 'significant additional functionality' is your opinion. Customers seem to think otherwise, and an ISP has to contiuously make decisions balancing both RIPE's needs as the customers needs. And not always does the balance work in RIPE's favour (most of the time it does :). Although im totally in favour of trying to preserve ip space, in this case I really believe it is not as significant as it is portrayed to be. Not as long as it stays within 1 or 2 Class C nets.
I would put it even more stongly. RIPE is there to do a jobs, which is being a registry. Please will a RIPE rep. show me where it says that they have legal and/or moral responsibility to dictate how a company does business ? These virtual web sites are one IP address per company. Should we be asking the RIPE to give a class C to each of these comanies and then use one for the WWW server ? This is as an alternative to allowing companies that sell the virtual space to using their address space much more efficiently. Regards, -- Peter Galbavy peter@demon.net @ Demon Internet phone://44/181/371_3700 http://www.wonderland.org/~peter/ snail://UK/N3_1TT/London/42_Hendon_Lane/Demon_Internet_Ltd/
On Tue, 14 Nov 1995, Daniel Karrenberg wrote:
To repeat: The second soloution proposed provides all aspects of provider independence. Why should we waste address space if wasting it does not provide significant additional functionality?
"Wasting" this space enables the use of URLs like: http://user.domain.foo/ While your suggestion will only enable URLs like: http://user.domain.foo/bar/ or http://user.domain.foo/~bar/
From a marketing point of view it makes A LOT of difference. I wouldn't call it "wasting" address space. I would preffer the term "utilizing" address space.
Sincerely, Shahar Steiff WAN MAN crew - NetVision - Commercial Israeli Internet Provider --------------------------------------------- E-mail: steiff@NetVision.net.il Personal address info@NetVision.net.il for information. support@NetVision.net.il for technical support. Gopher: gopher.NetVision.net.il www: http://www.NetVision.net.il/ Phone: +972-4-8550-330 Fax: +972-4-8550-345 NetVision - The best Internet Service Provider in the world... (and one of the best in Israel !)
Daniel Karrenberg writes:
We recommend to use URLs of the form
http://www.www-provider.com/customer1/ http://www.www-provider.com/customer2/
or if customers desire www.customer.com:
http://www.customer1.com/customer1/ http://www.customer2.com/customer2/
with CNAME RRs for www.customer1.com and www.customer2.com pointing to the real server. The latter variant provides mobility for the customer without using extra address space.
This means that - people can't start with a WWW hotel and then move the server to their own host after they have been connected, without trouble of readvertising their WWW page. Lots of people start this way, as visibility in WWW is important, but they don't know enough of Internet to take it in their everyday business, and are afraid of security issues involved here. But usually they will move it, sooner or later. - it is annoying to search for someone's page if one has to know who is the WWW provider first. - most companies seem very reluctant to allow service provider name to be visible in their name, both for image reasons and the simple fact that it gives too much control to service provider: The company can't simply switch the service provider if they aren't pleased with the one they have been using. It seems to me to be an overkill to save single IP numbers, in particular when they are only consumed one per company? -- Heikki Suonsivu, T{ysikuu 10 C 83/02210 Espoo/FINLAND, hsu@clinet.fi work +358-0-4375209 fax -4555276 home -8031121
Heikki Suonsivu <hsu@clinet.fi> writes:
Daniel Karrenberg writes:
We recommend to use URLs of the form
http://www.www-provider.com/customer1/ http://www.www-provider.com/customer2/
or if customers desire www.customer.com:
http://www.customer1.com/customer1/ http://www.customer2.com/customer2/
with CNAME RRs for www.customer1.com and www.customer2.com pointing to the real server. The latter variant provides mobility for the customer without using extra address space.
This means that
- people can't start with a WWW hotel and then move the server to their own host after they have been connected, without trouble of readvertising their WWW page. Lots of people start this way, as visibility in WWW is important, but they don't know enough of Internet to take it in their everyday business, and are afraid of security issues involved here. But usually they will move it, sooner or later.
- it is annoying to search for someone's page if one has to know who is the WWW provider first.
- most companies seem very reluctant to allow service provider name to be visible in their name, both for image reasons and the simple fact that it gives too much control to service provider: The company can't simply switch the service provider if they aren't pleased with the one they have been using.
All this is addressed in the second soloution above, isn't it.
It seems to me to be an overkill to save single IP numbers, in particular when they are only consumed one per company?
Unfortunately it is not overkill. We have seen requests for cosiderable amounts of address space for these purposes. The soloution proposed works without any additional address space and has the only drawback that the company name has to appear twice in the URL and not even that if you just choose unique names for the first part of the URL. Daniel
On Tue, 14 Nov 1995 17:08:12 +0100 Daniel Karrenberg wrote:
The soloution proposed works without any additional address space and has the only drawback that the company name has to appear twice in the URL and not even that if you just choose unique names for the first part of the URL.
As far as I understand (I have not checked the latest specs), even that problem would be solved with the new version of HTML. The change is that the full URL would be sent of the server (i.e. www://www.ripe.net/index.html instead of just index.html), and the domain name can be derived that way. Geert Jan
In a previous message Heikki Suonsivu wrote: /> - most companies seem very reluctant to allow service provider name to be /> visible in their name, both for image reasons and the simple fact that it /> gives too much control to service provider: The company can't simply switch /> the service provider if they aren't pleased with the one they have been /> using. /> /> It seems to me to be an overkill to save single IP numbers, in particular /> when they are only consumed one per company? There are other reasons why people choose this option, which shouldn't be overlooked. 1. Leased Line customers who simply don't have enough bandwidth to run their big & popular web server over. They don't, however, want to resort to a tacky URL again - they want a host on the providers network. Most easily achieved using a virtual host. 2. Companies who don't, as yet, have a leased line, but may have a significant web *site* (I'm personally annoyed at the number of one-page "web sites" that are nothing more than a waste of DNS and doomed to a short life). They want, again, a machine on your network, and a virtual host is the easiest way of doing this. In both these cases, that IP address only replaces a real machine. I would quite like to see some documentation of "valid uses of an IP address", especially if providing a web service is not considered to be such [no, you don't see my personal opinion there, you see my curiosity]. Why does a network of 60 PC's (which do nothing other than browse web and communicate with the local smart host) warrant a /24 or /25, when by using SOCKs, to get dynamic addressing for the network, and a web proxy, you could use a /30 or /29. If they were dialup hosts, they would be told that using static IP is wrong. Maybe if the RIPE community could produce a public-domain and reliable SOCKs based platform, we could reclaim large numbers of /24's and bigger which are currently only used by "browsers" and have no real excuse not to be in 1597 space. This can only be fair if RIPE are going to question the validity of the use of an IP address... Oliver
participants (11)
-
Cor Bosman -
Daniel Karrenberg -
Domain registration staff -
Geert Jan de Groot -
Heikki Suonsivu -
Lars-Johan Liman -
Oliver Smith -
Per Gregers Bilse -
Peter Galbavy -
poole@eunet.ch -
Shahar Steiff