[Cialug] multi-homed apache ssl
Dave Hala Jr
dave at 58ghz.net
Thu Nov 10 14:20:07 CST 2011
I actaully have a conference call with qwest here in about 10 minutes to
get started on this project. Getting an AS number and a block of IP's
that I own is not something that cant be accomplished.
On Thu, 2011-11-10 at 14:11 -0600, L. V. Lammert wrote:
> At 02:01 PM 11/10/2011, you wrote:
>
> >The IP I listed before I made up. A whois on one of my ip addresses
> >returns the following:
> >
> >Qwest Communications Company, LLC QWEST-INET-10 (xxx-xxx-xxx-x-x-x)
> >xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx
> >OSIS INC Q0802-xxx-xxx-xxx-xxx (NET-xxx-xxx-xxx-xxx-xxx) xxx.xxx.xxx.xxx
> >- xxx.xxx.xxx.xxx
>
> Same problem - you are using a Qwest IP block; they 'own' them, so
> another ISP would be reluctant to route them.
>
> >I have a commercial grade T-1 circuit from Century Link/Qwest. I was
> >really happy with the service, until I had a problem. Secondly, I'm not
> >paying Qwest TWICE for more of the same. It wont solve my problem.
>
> Unfortunately, the only way to handle two routes is to have your own
> IPs; in you case, however, there is another option:
>
> Failover DNS could then automatically redirect the traffic to a
> *different* IP and/or physical location. The only issue would be two
> sets of SSL certificates [simplest], or upgrade to 'multi-homed'
> CERTs for any SSL connection [each vendor uses different terms, but
> what you need a CERT that will validate to a domain name, not an IP].
>
> If the revenue produced by your T1 justifies it, the better option
> would to purchase a half rack at a Colo facility or move to 'cloud'
> servers. Many ISPs now have 'dynamic' cloud configurations, where you
> can get a full VM (1 CPU, memory, 50-100GB) for less than $50/month.
>
> Lee
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list