Holey Moley That Was Fast

[Jeff2A]

Here's the mental image I have of it.

http://computer.howstuffworks.com/in...astructure.htm

That's mostly right, but what it fails to recognize is that the path will ONLY change if state changes in the route. If you have a router that's flapping, you'll see packets drop more often than change to a different path in the middle of a tcp session. The packets may hit different routers along the way, but more often than not they're two routers sharing a route in a high-availability cluster, using the same set of rules - therefore, the end point on the path is going to be the same either way.

OCCASIONALLY, you'll see problems where packets don't end up in the same place when sent from the same location. This CAN be DNS based load balancing (Yahoo and Google do it, for example), but for sites like flashkit.com , there's one IP address ( 63.236.18.42 ), and a single best route from your location to that IP based on BGP announcements from their routers.

[Ask The Geezer]

Can you explain what a "dedicated IP" is and any advantages to having one.

Damn, you make it so clear even I can understand it.

[Jeff2A]

Can you explain what a "dedicated IP" is and any advantages to having one.

Damn, you make it so clear even I can understand it.

I'm not 100% sure if you mean hosting, or broadband, but I'm going to guess hosting, and then I'll back up if you tell me I guessed wrong.

Hosting 101

A dedicated IP is a promise made by your hosting provider to you that you'll be the ONLY user on that IP address. This allows the hosting server to make certain assumptions that benefit you as an end user.

First, it allows the hosting provider to specify an accurate Reverse DNS entry (the part of DNS that maps IP addresses to hostnames, instead of vice-versa). For example, if we query www.2advanced.com, that returns '216.174.103.13'. If we query '216.174.103.13' (the technical term for this would be written 13.103.174.216.in-addr.arpa. , but that's not important here), it returns '2advanced.com'. On the other hand, if I query 'flashbax.com', it returns '66.96.95.121'. If I query the reverse for '66.96.95.121', it returns no result.

Second, on the server side, the services know automatically that any connection on that IP address is destined for ONE site, and ONE site only - they don't need to inspect the application headers to see the site. For example, your web browser will send a host header to the server telling it what domain it's looking for - many shared hosts will use that header for telling them which site to return. If you have an IP based site, you can visit just the IP address, and the only site that can possibly be displayed is yours. Similarly, connections to FTP, POP3 and IMAP servers will be locked to a single domain - to you, this means you can enter in just the username part of your email address (you won't need @domain.com) - the domain is known based on the IP. The best way to demonstrate is to try going to the IP address in your browser: http://66.96.95.121/ does return your site (contrary to my guess, for what it's worth). Sites on name-based shared hosting are not so fortunate ( gerbick.com -> 82.165.198.57 , http://82.165.198.57/ certainly isn't 'gerbick.com').


The biggest difference, in my opinion, is the fact that you can only have one SSL certificate per IP address - the SSL headers are exchanged before the HTTP Host header is sent, so there's no way for a server to send the 'right' SSL cert for sites sharing an IP. When you have your own IP, the server can send the right SSL cert that matches your site, which allows you to do eCommerce (for example) without having to use a shared certificate supplied by your provider.

[Ask The Geezer]

The best way to demonstrate is to try going to the IP address in your browser: http://66.96.95.121/ does return your site (contrary to my guess, for what it's worth).

yeah, I'm paying for a dedicated IP, so it better.

Correct me if I'm wrong, but isn't https secure, whether there is a SSL Cert or not? And is there any way to remove the popup when there is no cert? The guy that figures out how to circumvent that could get rich.

[admedia]

wow nice revamp iaw.

[Jeff2A]

yeah, I'm paying for a dedicated IP, so it better.

Correct me if I'm wrong, but isn't https secure, whether there is a SSL Cert or not? And is there any way to remove the popup when there is no cert? The guy that figures out how to circumvent that could get rich.

A certificate is going to be required for HTTPS. Most providers will supply you with a self-signed (they'll make the site have your name on it, and have you sign it) cert that will be secure, free, and cause the popup. There is no way to get around the popup unless it's signed by a trusted authority.

If you step back and look at it from a business perspective rather than a 'want to avoid buying a cert' point of view, that popup is telling the user that the site is secure, but may not be trusted - if you're putting your credit card somewhere, that popup is significant. It's something you NEED to know, because it may imply that someone's playing games. Someone pretending to be PayPal or your bank and getting around that popup would have ugly consequences.

[Ask The Geezer]

The Cert is a two edged sword though. Yes, Veri-Sign and Thawte do check out the company, but they now charge like $900 a year or so. On the other hand, you can know a company is good and you'll still see the nasty popup when going to a secure page, which is still secure.

wow nice revamp iaw.

[Sybersnake]

The Cert is a two edged sword though. Yes, Veri-Sign and Thawte do check out the company, but they now charge like $900 a year or so. On the other hand, you can know a company is good and you'll still see the nasty popup when going to a secure page, which is still secure.

I would pay for a certificate if i was dealing with something really secure and had money involved. Otherwise, its not worth it.

[Ask The Geezer]

It's also a ***** to get one to work.

[PCRIDE]

Didn't read the entire post, but i know

godaddy and www.bluewho.com is the best combo for the buck

Full control with Cpanel, unlimited domains, WebHost manager to control quotas etc..

you are givin x amount of space and do what ever you want with it.

4 plans i pay 20.00 a month, and the domain set up form the point when i register a new one is less then 30 min. to be online.

[Jeff2A]

The Cert is a two edged sword though. Yes, Veri-Sign and Thawte do check out the company, but they now charge like $900 a year or so. On the other hand, you can know a company is good and you'll still see the nasty popup when going to a secure page, which is still secure.

Certificates can be had for less than $100, with basic verification (the cert must be emailed to an address at the domain - if you want a cert for flashkit.com, it must go to someuser@flashkit.com ) .

[Sybersnake]

It's also a ***** to get one to work.

really? I have a self cert, it was pretty easy.