0

I recently tried adding second IP address to our server for various reasons and found that now when I check netstat -anob there are many programs/services listening and establishing connections to that IP. (Among them, surprisingly, is httpd, despite the fact that my config file mentions only the server by name, a name which maps to the original IP, not the second, in our DNS records.) I'm a bit perplexed by this behaviour, since I do not have network load balancing enabled on the TCP/IP connection. Furthermore, I'm not sure what point there would be in adding IP addresses to a single TCP/IP connection if they just all get used together anyway.

How can I keep them separate? I only wanted to create additional IPs for specific httpd services to run on (but didn't quite get that far before I noticed this.) I don't want everything using them, first of all because then I can't get an httpd service to listen on the new IP because the old service is already hogging both IPs. Maybe it's not an issue if other services use these IPs to establish connections (is it?), but I can't move forward while httpd insists on listening on both IPs.

Community
  • 1
Kev
  • 984
  • 4
  • 23
  • 46
  • Mentioning the http server software would be good. – NickW Mar 28 '13 at 17:14
  • Sorry, I thought "httpd" was synonymous with Apache. I'm on Apache 2.2. – Kev Mar 28 '13 at 17:21
  • 2
    It's always good to list versions, as config options change, etc. – NickW Mar 28 '13 at 17:25
  • I think I was actually asking about two different topics here, one about services in general, and one about Apache. I'll start a new question about the latter. – Kev Mar 28 '13 at 17:28

1 Answers1

3

Most services will bind to any available address by default. To start multiple instances of a service that bind to the same port, you will need to specify a binding address in the configuration.

David Houde
  • 3,200
  • 1
  • 16
  • 19
  • In other words, I can't really keep them separate by default. I'd have to reconfigure lsass, dns.exe, SQL Server, etc. and if I added a new service, I'd need to do that too. Assuming I can get Apache to co-operate, is there any downside to letting these services use the extra IPs? If I need to reconfigure these IPs, would such bound services complain or otherwise be interrupted or prevent me from reconfiguring (e.g. deleting the new IP)? – Kev Mar 28 '13 at 17:24
  • I see no problem. Apache can do this without problem, look in the config file for "Listen: *:80" and change it to "Listen: 1.2.3.4:80" – David Houde Mar 28 '13 at 17:51
  • So if I deleted the second IP right now, the SQL Server connection that netstat lists as "ESTABLISHED" would just find a way through the first IP again without interruption? And the system would let me delete it in the first place despite the established connection? – Kev Mar 28 '13 at 17:55
  • I am not sure I compltely understand, but if you have an established connection to your SQL server that is bound to a specific address, and you would like to change it to another address -- then you most likely need to restart the service, which would generally lead to service interruption. – David Houde Mar 28 '13 at 18:00
  • That bites. I didn't even restart SQL Server in the first place, it just started establishing connections on the new IP as soon as I added the new IP. Oh well, thank you for the info. – Kev Mar 28 '13 at 18:05
  • Wait, so lsass and dns.exe and other "low level" services would also need a restart? Further bitingness... – Kev Mar 28 '13 at 18:06
  • So, you've found a good reason to not make changes to servers during operational hours. – mfinni Mar 28 '13 at 19:36