Re: how do web hosting companies give ssh and root to so many users.
The IP-adresses are bought from an organisation with a lot of IPs given to them either by a RIR (Regional Internet Registries, eg. RIPE) or directly by IANA. The whole thing with "no more IP-addresses" is that IANA no longer have any IP-addresses they wish to allocate to the public Internet - there is still a couple of million of them reserved for "future"/local usage, but in the long run, we still have to migrate to IPv6. RIPE has some more information about this on their website[1]. Setting up virtual servers can be made fully-automatically and doesn't require that much off the hardware, so these "root"-access machines (most often dedicated/VPSs) is getting quite common nowadays, since the pricing between VPSs (out of the head.. beginning on as little as $250/yr is not that far off from better webhosts, at approx $100/yr). The exhaustion is mostly IANAs fault - the amount off addresses was insufficient for a global network to which *everyone* connects. To blame the web hosts is quite wrong, as the ISPs also tend to "lend" out IP-addresses to every single household/cellphone that connects to the Internet and also haven't really cared about the problem (profit?) even as IANA actually have told them to start swapping the last 10 years.. Vint Cerf[2], nowadays Chief Internet Evangelist at Google is often very quick to say something like "I made a mistake when I was in the group that decided how IPv4 should be built up, let's correct it with IPv6, sure, 4.3 billion addresses is a lot of them in 1990 - but it proved to be insufficient as the Internet grew.. my bad!" (not accurate quote) Having a single customer/IP-address can often be practically for companies, as you then can say that "Yes, anything from this IP-address is ours, it's ours and ours only", for example - to verify that a mail is from the correct sender (most companies doesn't use GPG-signatures or similar), you can check the IP-address against a DNS-server to verify the probability of the of the sender being the sender. (Also, if you need 10 million IPv4-addresses, you should probably contact a RIR directly as that is a LOT of addresses, if it's IPv6 you want, no worries.. there's plenty of them :D) [1] http://www.ripe.net/internet-coordination/ipv4-exhaustion [2] http://en.wikipedia.org/wiki/Vint_Cerf -- Best wishes Emil "sakjur" Tullstedt ~~ On Sat, Mar 5, 2011 at 3:42 PM, Abhishek Dixit wrote: > On Sat, Mar 5, 2011 at 7:08 PM, Ahmed Kamal wrote: > > > > > > On 03/05/2011 03:24 PM, Abhishek Dixit wrote: > >> > >> So if some one has to host 100 million websites and if 10 million asks > >> then the web hosting company has these 10 million IP addresses? > > > > Websites are different. Due to "Name Virtualhosting" you can host > multiple > > websites (thousands) on a single IP address. The web server knows how to > > serve the correct one through http headers > > > Very correct.But I see people given root access in these situations > also and other than websites people are given a lot of server access > with dedicated IPs and SSH access so how do they acquire so many > IPs.Are these web hosting companies responsible for the finishing of > IPv4 addresses. > -- > Regards > Abhi > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam > -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: how do web hosting companies give ssh and root to so many users.
On Sat, Mar 5, 2011 at 7:08 PM, Ahmed Kamal wrote: > > > On 03/05/2011 03:24 PM, Abhishek Dixit wrote: >> >> So if some one has to host 100 million websites and if 10 million asks >> then the web hosting company has these 10 million IP addresses? > > Websites are different. Due to "Name Virtualhosting" you can host multiple > websites (thousands) on a single IP address. The web server knows how to > serve the correct one through http headers > Very correct.But I see people given root access in these situations also and other than websites people are given a lot of server access with dedicated IPs and SSH access so how do they acquire so many IPs.Are these web hosting companies responsible for the finishing of IPv4 addresses. -- Regards Abhi -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: how do web hosting companies give ssh and root to so many users.
On 03/05/2011 03:24 PM, Abhishek Dixit wrote: So if some one has to host 100 million websites and if 10 million asks then the web hosting company has these 10 million IP addresses? Websites are different. Due to "Name Virtualhosting" you can host multiple websites (thousands) on a single IP address. The web server knows how to serve the correct one through http headers -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: how do web hosting companies give ssh and root to so many users.
So if some one has to host 100 million websites and if 10 million asks then the web hosting company has these 10 million IP addresses? If yes who gives them so many IP addresses? I may sound stupid but I read that IPv4 have finished.A long long time back (approx 10 years back) I had asked one of my friend to install Apache at his home computer and from a geographically distant location I was able to see his thing as http:// and things were working. But I do not see the same thing these days if I have an ADSL router or DSL line then I am not having any clue as why am I unreachable with same way given that ISP did not blocked any thing.So I believe the ISP might be giving some sort of abstraction for such things.If that being the case how does it work for a web hosting company and where do they buy these IPs from and how much they pay for it? On Sat, Mar 5, 2011 at 6:38 PM, Douglas Stanley wrote: > Simple. The hosting companies giving out root access have either many > dedicated machines, each with their own public ip or they use > virtualization. > > No magic, nothing special. Hosting companies just have that many ips to give > out. For example, I rent rack space at a hosting company for my server, and. > I have 16 ip addresses for it. > > You have to have dedicated public ips for things like https. > > As far as how they manage so many machines, if the customer has root, the > customer is responsible for managing the machine. The hosting company > probably just uses disk imaging or installation automation to quickly > provision a new server, then the customer takes it from there. > > Again, no magic. Well automation stuff like cobbler and puppet may seem > magical but, it's all stuff you could do yourself. > > Doug > > On Mar 5, 2011 7:06 AM, "Abhishek Dixit" wrote: >> Hi, >> it may not be the right list for this question so please consider my >> apologies for that.The reason I am posting here is I feel the people >> on Ubuntu server list are quite knowledgeable and will be able to >> answer my question.I have been trying to understand this from quite >> some time LQ,Serverfault, and many other forums I asked this question >> but I am not satisfied with the answers that I got so asking here.I >> want to know how do these web hosting companies give the end user (who >> is their customer) the root access to the server.Where do so many IPs >> come from and how is it possible that each customer who is given a >> root access is able to gain root access.If I were to do the same let >> us take a situation I have a public IP and a big server farm behind >> that. >> So if I have to give people from internet SSH access to those machines >> behind my public IP in my server farm >> then on the main machine in its .ssh/config I will configure a Proxy such >> as >> >> ProxyCommand ssh a nc -w 3 %h %p >> >> >> So that I give the end user in one step a console to an internal >> machine.That is one mechanism which comes to my mind or create some >> sort of tunnel and then give a GUI to that SSH tunnel. >> But what I have seen people doing is >> ssh user@ >> and they directly login at port 22 and no tunnel or ProxyCommand (in >> my opinion) is used there. >> >> I don't think that above sort of Proxy configuration is used in such >> scenarios.But the curiosity I have is how come these Web Hosting >> Companies have so many public IPs and even if they have then how do >> they actually manage root logins to each of these machines.Maintenance >> of such a system would be extremely complex in my opinion. >> Also no one seems to be using Apache Reverse proxy at the Hosting >> level so how do these companies actually make this possible, >> I am looking from a technical perspective.I am an experienced sys >> admin kind of guy who knows Linux but never worked with a Hosting >> Company. >> Any link to some good doc which can satisfy my curiosity will be >> greatly appreciated. >> >> -- >> Regards >> Abhi >> >> -- >> ubuntu-server mailing list >> ubuntu-server@lists.ubuntu.com >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server >> More info: https://wiki.ubuntu.com/ServerTeam > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam > -- Regards Abhi -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: how do web hosting companies give ssh and root to so many users.
Simple. The hosting companies giving out root access have either many dedicated machines, each with their own public ip or they use virtualization. No magic, nothing special. Hosting companies just have that many ips to give out. For example, I rent rack space at a hosting company for my server, and. I have 16 ip addresses for it. You have to have dedicated public ips for things like https. As far as how they manage so many machines, if the customer has root, the customer is responsible for managing the machine. The hosting company probably just uses disk imaging or installation automation to quickly provision a new server, then the customer takes it from there. Again, no magic. Well automation stuff like cobbler and puppet may seem magical but, it's all stuff you could do yourself. Doug On Mar 5, 2011 7:06 AM, "Abhishek Dixit" wrote: > Hi, > it may not be the right list for this question so please consider my > apologies for that.The reason I am posting here is I feel the people > on Ubuntu server list are quite knowledgeable and will be able to > answer my question.I have been trying to understand this from quite > some time LQ,Serverfault, and many other forums I asked this question > but I am not satisfied with the answers that I got so asking here.I > want to know how do these web hosting companies give the end user (who > is their customer) the root access to the server.Where do so many IPs > come from and how is it possible that each customer who is given a > root access is able to gain root access.If I were to do the same let > us take a situation I have a public IP and a big server farm behind > that. > So if I have to give people from internet SSH access to those machines > behind my public IP in my server farm > then on the main machine in its .ssh/config I will configure a Proxy such as > > ProxyCommand ssh a nc -w 3 %h %p > > > So that I give the end user in one step a console to an internal > machine.That is one mechanism which comes to my mind or create some > sort of tunnel and then give a GUI to that SSH tunnel. > But what I have seen people doing is > ssh user@ > and they directly login at port 22 and no tunnel or ProxyCommand (in > my opinion) is used there. > > I don't think that above sort of Proxy configuration is used in such > scenarios.But the curiosity I have is how come these Web Hosting > Companies have so many public IPs and even if they have then how do > they actually manage root logins to each of these machines.Maintenance > of such a system would be extremely complex in my opinion. > Also no one seems to be using Apache Reverse proxy at the Hosting > level so how do these companies actually make this possible, > I am looking from a technical perspective.I am an experienced sys > admin kind of guy who knows Linux but never worked with a Hosting > Company. > Any link to some good doc which can satisfy my curiosity will be > greatly appreciated. > > -- > Regards > Abhi > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
how do web hosting companies give ssh and root to so many users.
Hi, it may not be the right list for this question so please consider my apologies for that.The reason I am posting here is I feel the people on Ubuntu server list are quite knowledgeable and will be able to answer my question.I have been trying to understand this from quite some time LQ,Serverfault, and many other forums I asked this question but I am not satisfied with the answers that I got so asking here.I want to know how do these web hosting companies give the end user (who is their customer) the root access to the server.Where do so many IPs come from and how is it possible that each customer who is given a root access is able to gain root access.If I were to do the same let us take a situation I have a public IP and a big server farm behind that. So if I have to give people from internet SSH access to those machines behind my public IP in my server farm then on the main machine in its .ssh/config I will configure a Proxy such as ProxyCommand ssh a nc -w 3 %h %p So that I give the end user in one step a console to an internal machine.That is one mechanism which comes to my mind or create some sort of tunnel and then give a GUI to that SSH tunnel. But what I have seen people doing is ssh user@ and they directly login at port 22 and no tunnel or ProxyCommand (in my opinion) is used there. I don't think that above sort of Proxy configuration is used in such scenarios.But the curiosity I have is how come these Web Hosting Companies have so many public IPs and even if they have then how do they actually manage root logins to each of these machines.Maintenance of such a system would be extremely complex in my opinion. Also no one seems to be using Apache Reverse proxy at the Hosting level so how do these companies actually make this possible, I am looking from a technical perspective.I am an experienced sys admin kind of guy who knows Linux but never worked with a Hosting Company. Any link to some good doc which can satisfy my curiosity will be greatly appreciated. -- Regards Abhi -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam