[Cialug] multi-homed apache ssl
L. V. Lammert
lvl at omnitec.net
Thu Nov 10 14:11:57 CST 2011
At 02:01 PM 11/10/2011, you wrote:
>The IP I listed before I made up. A whois on one of my ip addresses
>returns the following:
>
>Qwest Communications Company, LLC QWEST-INET-10 (xxx-xxx-xxx-x-x-x)
>xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx
>OSIS INC Q0802-xxx-xxx-xxx-xxx (NET-xxx-xxx-xxx-xxx-xxx) xxx.xxx.xxx.xxx
>- xxx.xxx.xxx.xxx
Same problem - you are using a Qwest IP block; they 'own' them, so
another ISP would be reluctant to route them.
>I have a commercial grade T-1 circuit from Century Link/Qwest. I was
>really happy with the service, until I had a problem. Secondly, I'm not
>paying Qwest TWICE for more of the same. It wont solve my problem.
Unfortunately, the only way to handle two routes is to have your own
IPs; in you case, however, there is another option:
Failover DNS could then automatically redirect the traffic to a
*different* IP and/or physical location. The only issue would be two
sets of SSL certificates [simplest], or upgrade to 'multi-homed'
CERTs for any SSL connection [each vendor uses different terms, but
what you need a CERT that will validate to a domain name, not an IP].
If the revenue produced by your T1 justifies it, the better option
would to purchase a half rack at a Colo facility or move to 'cloud'
servers. Many ISPs now have 'dynamic' cloud configurations, where you
can get a full VM (1 CPU, memory, 50-100GB) for less than $50/month.
Lee
More information about the Cialug
mailing list