Domain Management

It is now common for a single machine to be responsible for multiple domains.  In the past, accomplishing this meant having multiple network interfaces, with one IP address dedicated to each interface.  This technique is called multi-homing.

Today, you can have one interface listen on multiple IP addresses.  This process is called multi-hosting, or virtual-hosting.  The term virtual domains is often used for this technique because it is common in an Internet Service Provider (ISP) environment to have one interface handle several IP addresses, where each IP address is dedicated to one entire domain.

Virtual domains aren't useful unless your server software is able to differentiate between them.  NcFTPd lets you have the server configured differently for each domain, with each having it's own logs, messages, users, and anonymous FTP directory structures.  NcFTPd allows you to give the illusion that the machine is dedicated to a particular virtual domain, without hinting that the machine could be responsible for a hundred more.

There is also another type of virtual hosting, where one IP address is responsible for multiple domains.  For example, when a user tries to connect to www.foo.com, the Domain Name Service (DNS) entry may point that name to the IP address 10.0.0.1.  Another user could try to connect to www.bar.com, and have DNS also point that name to the IP address 10.0.0.1.  This type of virtual hosting requires the application protocol in use to allow the client to differentiate between them.  This is possible using HTTP, where the remote client could connect to 10.0.0.1 and say to the effect "The document I want is on www.bar.com."  This type of virtual hosting is not possible with FTP, because the protocol itself does not support a remote FTP client to specify which server they think they are communicating with.  Therefore, for virtual hosting to work with FTP, a different IP address is required for each virtual domain.

Even if your machine isn't hosting virtual domains, you can still experiment with different domain configurations.  Don't forget that you have the loopback interface (with IP address 127.0.0.1) to use as a second interface, in addition to your primary interface.  You can set up a different domain configuration for the loopback, and another for your regular interface.  You can then try using ftp to either address and watch how NcFTPd can act differently for each.
 

Understanding how a domain is determined
NcFTPd listens on all the addresses available on the server host.  When a new connection from a remote user is established, NcFTPd examines the IP address on the server host that the client connected to.  NcFTPd then goes through the list of domains it was configured for, and looks to see if the IP for the new connection matches an IP address listed in a domain configuration.  If a match is found, NcFTPd uses that domain's configuration for the remainder of the connection; if no match is found, NcFTPd uses the first configuration.  The first configuration is the default domain.

Select an example below, or click the red right arrow below to proceed to the first example.

  • Example 1: Single-domain, anonymous and non-anonymous FTP
  • Example 2: Small ISP hosting two virtual domains
  • Example 3: ISP wants to provide anonymous access and restricted user access
  • Example 4: Admin wants user+password access, but not real user accounts
  • Up
     NcFTPd Home Next: Example 1