What are the benefits of using several IP addresses on a server?

Some (but not all) reasons:

  • In order to host multiple SSL sites as already mentioned
  • Because you may be consolidating services from multiple hosts and you need to preserve the addresses
  • In order to use an IP address that can later be transferred to another host
  • To compensate for a host that's down at that moment by adding its IP address to another one
  • If you have multiple IP networks on the same physical/logical network/vlan it will prevent traffic from being exchanged via the gateway, speeding things up and reducing the load
  • In order to setup a device that has a default IP address and thus you need to add an address on the same network
  • In order to use different public IP addresses to avoid firewalls or to avoid being blacklisted in SPAM filters
  • In order to make things less obvious to external people. E.g. you may be running apache on IP address 1.2.3.4 and only allow SSH on 1.2.3.5. That way if someone attempts to attack the IP address behind a site they won't find SSH running.
  • In order to run the same service multiple times
  • In order to use different hostnames in reverse DNS lookups. E.g. if you're connecting from this host to something external and you want to be presented as two different domain/hostnames
  • In order not to expose commonality between services. E.g. if you host site1.example.com and site2.example.org and you map them on different IPs instead of using CNAMEs there won't be an obvious link between them

In the case of a web server, it depends. If you have multiple virtual hosts then in Apache for example, the server knows which IP to use from the VirtualHost block.

 <VirtualHost 10.10.10.1:80>
   ...
 </VirtualHost>

You can also have a VirtualHost listen on all available interfaces which Apache is currently listening on (via the Listen directive eg. Listen *:80

 <VirtualHost *:80>
   ...
 </VirtualHost>

In the event you have multiple sites running on a server where multiple sites are SSL enabled, it is good to have a separate IP for each site. This is because SSL certificates are exchanged before the HTTP headers are sent. If you have multiple vhosts on one IP, then Apache will not know which site you are trying to reach without the host header.

I'm sure there are many other use cases, this is a common one.

Tags:

Ip

Networking

Recent Posts