Mailing List Archive

https://bz.apache.org/bugzilla/show_bug.cgi?id=64996

--- Comment #2 from Christoph Anton Mitterer <calestyo@scientia.net> ---

<TL;DR>

As indicated in the other ticket, my ultimate suggestion would probably be to
rather re-write the documentation and merge it all in one simpler document,
with about the following abstract:

- tell the concepts of a vhost (i.e. one httpd serving (typically different)
content, reachable from different domainnames/addresses/ports.

- tell what IP based hosting is/was, namely that the vhost is selected purely
based on the addr/port (at which the connection arrives)... perhaps adding that
this is typically not necessary anymore (especially in times of tight v4 space)
and that even past reasons (non-SNI TLS) are gone - instead of just vaguely
indicating this, which just confuses users)

- tell what name based hosting is, namely the clients send a HTTP Host header
giving the domainname of the host they desire (and that this is usually
identical to the domainname in the client's URL
and the crucial point: selection is done based on that Header, rather then the
IP/port
perhaps also, that with TLS, the SNI name is take for the Host

- tell how it actually works in apache, which does basically both at the same
time, i.e. how the vhost is selected:
1) first take any vhosts whose addr:port match literally (i.e. no wildcard)
2) if none, take also those with wildcards)
3) if there is a HTTP Host Header, match that in the remaining vhosts and fall
back to the first one if no-one matches or there is none.
4) if there was matching no vhost at all, give it to the main server

- remainders are special thing, like where ServerName get's its default from,
or who the implicitly added ServerAlias (form <VirtualHost> name works... or
that a vhost literal hostname (instead of addr) will be replaced by ***all***
addresses that name resolves to at server startup.... and other special stuff
like: what if more than one <VirtualHost> have a literal addr:port match.
</TL;DR>


---------------------


But given the above would be a huge effort, a solution for this ticket would
perhaps be to really clarify what's meant with phrases like (from your
quotations):
- "the proper server", "the best IP-based address"
- "the best (most specific) matching", "best-match address and port"
- "most specific matching IP address and port combination"

I think these phrases are all pretty vague... I mean they're clear for us,
since we know what's meant,.. but for a beginner: What's a "best address
match"? Is IPv4 better than IPv6? Or is a match 10.10.10.10:8080 better than
10.10.10.10:*

One should simply use a clear description like:
It first considers only vhosts with literally matching address:port pair (i.e.
where neither of both is a wildcard *), and only then it also considers those
with wildcards.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=64996

Christoph Anton Mitterer <calestyo@scientia.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW

--- Comment #3 from Christoph Anton Mitterer <calestyo@scientia.net> ---
After playing around a bit more I'd even say two more points are missing from
vhosts/name-based.html AND in vhosts/details.html


I) Maybe I'm blind but after skimming through both several times I couldn't
find what happens if there are multiple <VirtualHost> blocks which "match" for
a request as good as each other (i.e. no ServerName/Alias match at all, or all
the names same).

It actually *is* indicated in mod/core.html#virtualhost, where it says:
"If multiple virtual hosts contain the best matching IP address and port, the
server selects from these virtual hosts the best match based on the requested
hostname. If no matching name-based virtual host is found, then the first
listed virtual host that matched the IP address will be used."

but it says this only for name based matching,... while it seems to be
generally the case, i.e. if I have:
<VirtualHost *:*>
#vhost A
</VirtualHost>
<VirtualHost *:*>
#vhost B
</VirtualHost>

then B, and only B, will be used, right?!



II) I thought a bit more about the "simple" selection algorithm I wrote down
above and the term "best match" and noticed that mine is also kinda flawed, but
the docs also don't seem to mentioned anywhere the real truth:

I wondered, what happens if I have:
<VirtualHost 10.10.10.10:*>
#vhost A
</VirtualHost>
<VirtualHost *:8080>
#vhost B
</VirtualHost>

and a request goes on to 10.10.10.10:8080 (regardless of whether name based or
not).

And in fact instead of:
- first, look at vhosts with a literal addr:port match (regardless whether
name-based or not)
- second, if none were found, look at those with wildcards

it seems the following is the case:

- first, look at vhosts with a literal addr:port match (regardless whether
name-based or not)
- second, if none were found, look at those with addr:* matches (where addr is
again literal)
- third, if none were found, look at those with *:port matches (where port is
again literal)
- fourth, if none were found, look at those with *:* matches.
- last but not least, use the main server

And in each[0] group:
- if Host-Header is given and matches, use that vhost
- if there were multiple vhosts with matching Host-Header, use the first one
(and only the first one) in the config file
- if there was only one vhost and/or no matches of the Host-Header or no
Host-header give, use the first vhost from the group (which explains both, why
the name based hosts-default to the first vhost,... and why e.g. two vhosts
with both *:*, or both *:80, or both 10.10.10.10 use the first)


Cheers,
Chris.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=64996

--- Comment #4 from Christoph Anton Mitterer <calestyo@scientia.net> ---
[0] Well, obviously there wouldn't be any further matching for Host-Header in
the main server... but what if one had:

<VirtualHost *:*>
#vhost A
ServerName example.org
</VirtualHost>
<VirtualHost *:*>
#vhost B
ServerName example.com
</VirtualHost>

would that still select example.com if the request hat that as Host Header?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=64996

Eric Covener <covener@gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement

--- Comment #5 from Eric Covener <covener@gmail.com> ---
made some improvements around "best" used unqualified in
http://svn.apache.org/viewvc?rev=1884608&view=rev

I will leave the bug open as an enhancement if anyone wants to contribute more
concise detail about further explaining how IP-based matches or how the
narrowing of this affects how name-based selection can proceed.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org