benifits of using individual IP per site V shared IP / hos..

Scott wrote on Fri, 10 Aug 2007 16:42:29 +0100:

> Hi,

> We provide a shared but customer branded web application and we get
> customer to direct their DNS records at an individual IP. At the
> moment my default site is the only dir that does not use host headers.

> Im just wondering what the advantages / disadvantages are of using an
> IP per URL verus using a shared IP and host headers ?

> Could really do with some expert advice if anyone has the time to post
> some info ?

> Thank you
> Scott

The advantages, off the top of my head, are:

SSL support is easier to add later if you need it (each IP:Port combination
must be unique, and SSL is negotiated before sending the Host header, so a
dedicated IP is the easiest approach unless you want to mess with adding
port numbers to URLs or trying to obtain SSL certs containing multiple
Common Name entries.

Support for applications that don't send the Host: header. While rare in
browsers nowadays, any application that connects to the host and doesn't
send the Host header (ie. written for the HTTP/1.0 specification) will only
be able to retrieve information from the default site if you only have a
single IP with host headers.

Multiple host name support per site without having to map additional host
headers or create redirecting sites. If you have sites on IPs with no host
headers, then your customers can have as many FQDNs point to that IP via DNS
and not have to worry about bogging the metabase down with every possible
host header. eg. one of your customers could point www.domain1.com,
www.domain2.com, myhost.domain3.com, etc etc to their dedicated IP address,
and they'd all work without those host headers having to be configured in
IIS.

Firewall/router filtering - with dedicated IPs per customer you can use
custom filtering at your router/firewall for those sites which need
restricted access to certain IP ranges, rather than having to include them
in the IIS configuration for the site. However, this might also mean having
to create a way for the application to interface to the firewall/router to
update these addresses, so you might not see this as an advantage to using
the IIS metabase to hold the IPs (which is relatively easy to program
against for making changes). I prefer to try and filter traffic at the
perimeter of my network rather than rely on host or application based
filtering - this reduces the traffic inside the network, and keeps the
resources required for handling requests to a minimum.

Dan
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos.. 

Scott,
Host headers simply enable you to run sites on the same IP (as you know).
The only disadvantages are:
- you can't run SSL for different domains; only for different sub-domains
through a domain wildcard certificate
- it does not work for applications that construct URL's from the server
name, or localhost or IP address
So if you have the IPs to spare (like a University), then host headers are
not needed. If you are short of IP's they are.
Anthony
http://www.airdesk.co.uk





"Scott" <s.DeleteThis@yahoo.co.uk> wrote in message
news:u6%23DcQ22HHA.4476@TK2MSFTNGP06.phx.gbl...
> Hi,
>
> We provide a shared but customer branded web application and we get
> customer to direct their DNS records at an individual IP. At the moment my
> default site is the only dir that does not use host headers.
>
> Im just wondering what the advantages / disadvantages are of using an IP
> per URL verus using a shared IP and host headers ?
>
> Could really do with some expert advice if anyone has the time to post
> some info ?
>
> Thank you
> Scott
>
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos.. 

thanks for the reply everyone , its a great help.

I think i will go down the IP route.

Scott
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos.. 

ps im just a tab worried that if a use does have a browser wheteby a
hostheader value is not passed to iis that they get the default site and
that default site as the moment is branded for the first customer .... i
need something more generic i think.
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos.. 

Hi,

You can set your own website as "default" website. Or you can select to
not have a "default" website at all, and in that case IIS will return with
a 400 Bad Host status code.


--
Regards,
Kristofer Gafvert
http://www.gafvert.info/iis/ - IIS Related Info


Scott wrote:

>ps im just a tab worried that if a use does have a browser wheteby a
>hostheader value is not passed to iis that they get the default site and
>that default site as the moment is branded for the first customer .... i
>need something more generic i think.
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos.. 

Scott wrote on Mon, 13 Aug 2007 11:21:37 +0100:

> ps im just a tab worried that if a use does have a browser wheteby a
> hostheader value is not passed to iis that they get the default site
> and that default site as the moment is branded for the first customer
> .... i need something more generic i think.

It's rare to find someone with a browser that doesn't support the Host:
header. However, I would suggest setting the default site to a generic
non-branded site for your own business just in case, rather than one of your
customers.

Dan
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos.. 

thanks again, thats been a great help
Scott
 >> Stay informed about: benifits of using individual IP per site V shared IP / hos..