Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 28042 invoked from network); 21 Jun 2010 17:34:22 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 21 Jun 2010 17:34:22 -0000 Received: (qmail 90487 invoked by uid 500); 21 Jun 2010 17:34:21 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 90428 invoked by uid 500); 21 Jun 2010 17:34:20 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 90419 invoked by uid 99); 21 Jun 2010 17:34:20 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Jun 2010 17:34:20 +0000 X-ASF-Spam-Status: No, hits=0.3 required=10.0 tests=AWL,RCVD_IN_DNSWL_NONE,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [66.46.182.55] (HELO relay.ihostexchange.net) (66.46.182.55) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Jun 2010 17:34:14 +0000 Received: from VMBX122.ihostexchange.net ([192.168.40.2]) by hub105.ihostexchange.net ([66.46.182.55]) with mapi; Mon, 21 Jun 2010 13:33:52 -0400 From: Mike Keen To: "user@couchdb.apache.org" Date: Mon, 21 Jun 2010 13:33:50 -0400 Subject: Re: Crash: Ip or Hostname as bind_address Thread-Topic: Crash: Ip or Hostname as bind_address Thread-Index: AcsRZ+pu7167hCEeRjS02Q5QlRqtFQ== Message-ID: <138ECE0A-782D-45F8-97B7-EC81D057CB94@visiture.com> References: <34B5B1737ACC7D4490AD9E0E799F0E6C01B5A4D06B@LNWEXMBX0137.msad.ms.com> <50FB16B6-A62C-482F-BC71-810FBFEE0CE0@googlemail.com> <424B1503-23D8-4CE2-A2F1-5B94BF4569F2@tumbolia.org> <3BA19220-870D-4F70-A60C-A3922D137F47@tumbolia.org> In-Reply-To: <3BA19220-870D-4F70-A60C-A3922D137F47@tumbolia.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Correct me if I'm wrong, but I believe CouchDB does in fact have a vhosts f= eature. Mike On Jun 21, 2010, at 1:28 PM, Noah Slater wrote: >=20 > On 21 Jun 2010, at 18:15, Andrew Melo wrote: >=20 >> On Mon, Jun 21, 2010 at 6:10 PM, Nils Breunese wrot= e: >>=20 >>> It might be pretty confusing if the A record changed after the last tim= e >>> the server was started. I've never seen a daemon allowing you to bind t= o a >>> hostname. Also, what happens when your resolver is down? CouchDB can't >>> start? >>>=20 >>> But yeah, it could be implemented I guess. >>>=20 >>=20 >> For the machines I run, I set up different hostnames in /etc/hosts for t= he >> external and internal interface, so if I have to move it (for whatever >> arcane reason), I can make one change and have all the binded addresses >> change as well. (I use DNS to change the A records so that external clie= nts >> can find it, but that's a different problem) >=20 > Agreed, I regularly use /etc/hosts to manage internal IP spaces. I could = use BIND if I felt like a bit of flagellation. Either way, it's certainly s= omething I can see a use for. If your DNS resolution fails, then CouchDB er= rors out, like it would if it didn't have permission to open a port. >=20 > However, from: >=20 > http://httpd.apache.org/docs/2.0/dns-caveats.html >=20 > We have: >=20 >> This page could be summarized with the statement: don't configure Apache= in such a way that it relies on DNS resolution for parsing of the configur= ation files. If Apache requires DNS resolution to parse the configuration f= iles then your server may be subject to reliability problems (ie. it might = not boot), or denial and theft of service attacks (including users able to = steal hits from other users). >=20 > Apache httpd is intended to be deployed in shared environments, however. = CouchDB doesn't have a vhost feature, and I can't imagine it providing one.= We'd almost certainly just tell users to proxy back from an Apache vhost t= o a specific database, or what have you. So may be these concerns don't app= ly.