1 5127fd58 2021-12-17 jrmu version=pmwiki-2.2.130 ordered=1 urlencoded=1
2 5127fd58 2021-12-17 jrmu agent=w3m/0.5.3+git20210102
4 5127fd58 2021-12-17 jrmu charset=UTF-8
6 5127fd58 2021-12-17 jrmu ctime=1627441547
7 5127fd58 2021-12-17 jrmu host=38.87.162.8
8 5127fd58 2021-12-17 jrmu name=Dns.Vhost
10 5127fd58 2021-12-17 jrmu targets=Openbsd.Openbsd,Openbsd.Znc,Openbsd.Psybnc
11 5127fd58 2021-12-17 jrmu text=(:title Configuring unique vhosts:)%0a%0aIRC users often ask for custom vhosts.%0a%0a!! How IRC servers check vhosts%0a%0aWhen an IRC client first connects to an IRC server, the server will take your IP address and perform a [[openbsd|rDNS/reverse lookup]]. For example, suppose your IP address is @@192.168.0.1@@. To perform a reverse lookup, run:%0a%0a[@%0a$ dig -x 192.168.0.1%0a%0a;; ANSWER SECTION:%0a1.0.168.19.in-addr.arpa. 60 IN PTR example.ircnow.org.%0a@]%0a%0aThis means that the IP address 192.168.0.1 is pointed to by the domain example.ircnow.org. Now, the IRC client will perform forward DNS resolution, which you can perform yourself by running:%0a%0a[@%0a$ dig example.ircnow.org%0a%0a;; ANSWER SECTION:%0aexample.ircnow.org. 3600 IN A 192.168.0.1%0a@]%0a%0aNotice how the reverse and forward DNS lookups both match and confirm one another. When this happens, anyone IRC connection that connects from this IPv4 address will have the vhost example.ircnow.org. So, if you logged in with nickname @@john@@ and ident @@brown@@, you would have the following hostmask: @@john!brown@example.ircnow.org@@.%0a%0a!! IPv6 to the Rescue%0a%0aNotice however that a single IP address can only have one possible vhost. Even if you have multiple domains pointing to the same IP address, each IP address can only have a single rDNS entry associated with it. In other words, when you run @@$ dig -x 192.168.0.1@@, you only get one possible answer.%0a%0aIf we only had IPv4 addresses, each IPv4 address can only have one possible vhost. Since the world is running out of IPv4 addresses, it would cost a lot of money to assign unique vhosts using IPv4 addresses only.%0a%0aThis is why we rely upon IPv6 addresses to provide unique vhosts. Normally, the ISP will provide an entire /64 or /48 subnet of IPv6 addresses for each server instead of a single IPv4 address.%0a%0aNow you can assign vhosts to your heart's content. All you need is one AAAA record for each hostname and to configure the rDNS entry for the IPv6 address.%0a%0aFor example, suppose you configure cooldude.ircnow.org to point to 2001:db8::c001:d00d, and you configure the rDNS of 2001:db8::c001:d00d to point to cooldude.ircnow.org. Then, when you bind to the IPv6 address 2001:db8::c001:d00d to connect to an IRC network which supports IPv6 connections, the IPv6 server will give you the vhost @@cooldude.ircnow.org@@.%0a%0a!! Binding to an IP address%0a%0aWhen you use a bouncer (such as [[openbsd/znc|znc]] or [[openbsd/psybnc|psybnc]]), you tell the bouncer to set the bindhost of a user to a specific IPv6 address or hostname. That way, the bouncer will use that IP address to connect. If you want a custom vhost, set it to the hostname or IPv6 address that you want to give to the user. And remember -- both the forward and reverse DNS must be configured properly!%0a%0aWhen creating DNS records, I recommend creating both an A and AAAA record for each hostname. This will provide a fallback for networks that only support either IPv4 or IPv6. For example, cooldude.ircnow.org could have both an A record of 192.168.0.1 and an AAAA record of 2001:db8::c001:d00d. That way, when the bouncer binds to the hostname cooldude.ircnow.org, it can choose the IPv6 address if the IRC network supports IPv6, and it can choose IPv4 if the IRC network only supports IPv4.%0a
12 5127fd58 2021-12-17 jrmu time=1627441547
13 5127fd58 2021-12-17 jrmu title=Configuring unique vhosts
14 5127fd58 2021-12-17 jrmu author:1627441547=jrmu
15 5127fd58 2021-12-17 jrmu diff:1627441547:1627441547:=1,43d0%0a%3c (:title Configuring unique vhosts:)%0a%3c %0a%3c IRC users often ask for custom vhosts.%0a%3c %0a%3c !! How IRC servers check vhosts%0a%3c %0a%3c When an IRC client first connects to an IRC server, the server will take your IP address and perform a [[openbsd|rDNS/reverse lookup]]. For example, suppose your IP address is @@192.168.0.1@@. To perform a reverse lookup, run:%0a%3c %0a%3c [@%0a%3c $ dig -x 192.168.0.1%0a%3c %0a%3c ;; ANSWER SECTION:%0a%3c 1.0.168.19.in-addr.arpa. 60 IN PTR example.ircnow.org.%0a%3c @]%0a%3c %0a%3c This means that the IP address 192.168.0.1 is pointed to by the domain example.ircnow.org. Now, the IRC client will perform forward DNS resolution, which you can perform yourself by running:%0a%3c %0a%3c [@%0a%3c $ dig example.ircnow.org%0a%3c %0a%3c ;; ANSWER SECTION:%0a%3c example.ircnow.org. 3600 IN A 192.168.0.1%0a%3c @]%0a%3c %0a%3c Notice how the reverse and forward DNS lookups both match and confirm one another. When this happens, anyone IRC connection that connects from this IPv4 address will have the vhost example.ircnow.org. So, if you logged in with nickname @@john@@ and ident @@brown@@, you would have the following hostmask: @@john!brown@example.ircnow.org@@.%0a%3c %0a%3c !! IPv6 to the Rescue%0a%3c %0a%3c Notice however that a single IP address can only have one possible vhost. Even if you have multiple domains pointing to the same IP address, each IP address can only have a single rDNS entry associated with it. In other words, when you run @@$ dig -x 192.168.0.1@@, you only get one possible answer.%0a%3c %0a%3c If we only had IPv4 addresses, each IPv4 address can only have one possible vhost. Since the world is running out of IPv4 addresses, it would cost a lot of money to assign unique vhosts using IPv4 addresses only.%0a%3c %0a%3c This is why we rely upon IPv6 addresses to provide unique vhosts. Normally, the ISP will provide an entire /64 or /48 subnet of IPv6 addresses for each server instead of a single IPv4 address.%0a%3c %0a%3c Now you can assign vhosts to your heart's content. All you need is one AAAA record for each hostname and to configure the rDNS entry for the IPv6 address.%0a%3c %0a%3c For example, suppose you configure cooldude.ircnow.org to point to 2001:db8::c001:d00d, and you configure the rDNS of 2001:db8::c001:d00d to point to cooldude.ircnow.org. Then, when you bind to the IPv6 address 2001:db8::c001:d00d to connect to an IRC network which supports IPv6 connections, the IPv6 server will give you the vhost @@cooldude.ircnow.org@@.%0a%3c %0a%3c !! Binding to an IP address%0a%3c %0a%3c When you use a bouncer (such as [[openbsd/znc|znc]] or [[openbsd/psybnc|psybnc]]), you tell the bouncer to set the bindhost of a user to a specific IPv6 address or hostname. That way, the bouncer will use that IP address to connect. If you want a custom vhost, set it to the hostname or IPv6 address that you want to give to the user. And remember -- both the forward and reverse DNS must be configured properly!%0a%3c %0a%3c When creating DNS records, I recommend creating both an A and AAAA record for each hostname. This will provide a fallback for networks that only support either IPv4 or IPv6. For example, cooldude.ircnow.org could have both an A record of 192.168.0.1 and an AAAA record of 2001:db8::c001:d00d. That way, when the bouncer binds to the hostname cooldude.ircnow.org, it can choose the IPv6 address if the IRC network supports IPv6, and it can choose IPv4 if the IRC network only supports IPv4.%0a
16 5127fd58 2021-12-17 jrmu host:1627441547=38.87.162.8
