<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><div>On Feb 13, 2013, at 9:06 , ivan babrou wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 13 February 2013 08:57, Igor Sysoev <span dir="ltr"><<a href="mailto:igor@sysoev.ru" target="_blank">igor@sysoev.ru</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div class="im"><div>On Feb 13, 2013, at 8:49 , ivan babrou wrote:</div><br><blockquote type="cite">
<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 12 February 2013 23:06, Igor Sysoev <span dir="ltr"><<a href="mailto:igor@sysoev.ru" target="_blank">igor@sysoev.ru</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div>On Feb 12, 2013, at 21:10 , ivan babrou wrote:<br>
<br>
> Hi, I have a question. It's better to describe with example<br>
><br>
> I point one.local and two.local to 127.0.0.1 and create following servers in config for nginx:<br>
><br>
> server {<br>
> listen 80;<br>
> server_name one.local;<br>
><br>
> location / {<br>
> return 404;<br>
> }<br>
> }<br>
><br>
> server {<br>
> listen two.local:80;<br>
> server_name two.local;<br>
><br>
> location / {<br>
> return 403;<br>
> }<br>
> }<br>
><br>
> If I request one.local then 403 is returned. If i change listen for one.local to one.local:80 then 404 correctly returned, but only after restart, reload doesn't help (that's probably bug too).<br>
<br>
</div>Is there in error_log error something like "listen(<a href="http://127.0.0.1/" target="_blank">127.0.0.1:80</a>) failed (98: Address already in use)" ?<br></blockquote><div><br></div><div>No, there's no such thing.</div>
</div></div></div></blockquote><div><br></div></div>Then it should work with just reload.</div></div></blockquote><div><br></div><div style="">Found that in logs after reload.</div></div></div></div></blockquote><div><br></div><div>This is Linux "feature".</div><br><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word"><div class="im"><div><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div>
> I expect to get 404 if i request one.local even if I listen on all addresses. Am I right?<br>
<br>
<br>
</div>No. Your first configuration is<br>
<br>
server {<br>
listen *:80;<br>
server_name one.local;<br>
}<br>
<br>
server {<br>
listen <a href="http://127.0.0.1/" target="_blank">127.0.0.1:80</a>;<br>
server_name two.local;<br>
}<br>
<br>
A client connects to <a href="http://127.0.0.1/" target="_blank">127.0.0.1:80</a>, so nginx uses the second server to processes request.<br>
When you change listen in the first server to <a href="http://127.0.0.1/" target="_blank">127.0.0.1:80</a>, nginx has two servers for this<br>
listen port and chooses server using "Host" header.<br></blockquote><div><br></div><div>This is what netstat says:</div><div><br></div><div><div>callisto ~ # netstat -ntl </div><div>Active Internet connections (only servers)</div>
<div>Proto Recv-Q Send-Q Local Address Foreign Address State </div><div>tcp 0 0 <a href="http://127.0.0.1:21213/" target="_blank">127.0.0.1:21213</a> 0.0.0.0:* LISTEN </div>
<div>
tcp 0 0 <a href="http://0.0.0.0/" target="_blank">0.0.0.0:80</a> 0.0.0.0:* LISTEN </div><div>tcp 0 0 <a href="http://0.0.0.0:22/" target="_blank">0.0.0.0:22</a> 0.0.0.0:* LISTEN </div>
<div>tcp 0 0 <a href="http://0.0.0.0:5432/" target="_blank">0.0.0.0:5432</a> 0.0.0.0:* LISTEN </div><div>tcp6 0 0 ::1:21213 :::* LISTEN </div>
<div>tcp6 0 0 :::22 :::* LISTEN </div>
<div>tcp6 0 0 :::5432 :::* LISTEN</div><div><br></div><div>Here I only see <a href="http://0.0.0.0/" target="_blank">0.0.0.0:80</a> and <a href="http://127.0.0.1/" target="_blank">127.0.0.1:80</a> looks like a subset for this. So why can't nginx use the same socket? </div>
</div></div></div></div></blockquote><br></div></div><div>If there is "listen *:80", nginx uses this single socket to accept all connections to 80 port and</div><div>then learn local address with getsockaddr(), see Ruslan email for details.</div>
</div></blockquote><div><br></div><div style="">I don't see why nginx cant' find that server_name one.local matches incoming request on that socket. Nginx may check not only listen with 127.0.0.1, but also listen with *, why not?</div></div></div></div></blockquote><div><br></div>On Linux there is no way to listen on both wildcard address and specific addresses.</div><div>You have to listen on either on wildcard addresss or several specific addresses.</div><div>So on Linux there is no way to limit a host to specific address and nginx emulates</div><div>other OSes behaviour. If you want to process one.local on both *:80 and 127.0.0.1:80</div><div>you should use this:</div><div><br></div><div>server {</div><div> listen *:80;</div><div> listen 127.0.0.1:80</div><div> server_name one.local;</div><div>}</div><div><br></div><div><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Georgia; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Georgia; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Georgia; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div><div>server {</div><div> listen 127.0.0.1:80</div><div> server_name two.local;</div><div>}</div></div><div><br></div><div><br></div>--<br>Igor Sysoev<br></span></div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Georgia; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><a href="http://nginx.com/support.html">http://nginx.com/support.html</a></span></div></span></span>
</div>
<br></body></html>