httpd 443端口爲何只監聽在tcp6上

時間 2019-11-18

原文原文鏈接

系統redhat7
，httpd已經啓動html

[root@rhcsa conf.d]# netstat -tnpl | grep 443
tcp6       0      0 :::443                  :::*                    LISTEN      1229/httpd

爲何如上命令只顯示tcp6，而沒有tcp ？node

---------------------------------------------------apache

監聽了tcp6後，tcp也能夠用的。app

雖然這個只顯示了IPv6的端口監聽，但並不表明只接受IPv6的鏈接，實際上，apache會以mapped address (::FFFF:a.b.c.d) 方式來接受IPv4的鏈接。除了少部分平臺上，例如FreeBSD，NetBSD，OpenBSD以外， Apache在編譯時，默認啓用了 --enable-v4-mapped 選項。因此，Apache會同時接受IPv6和IPv4的鏈接請求。
除非是 IPV6_V6ONLY 模式開啓，才須要兩個不一樣的socket來分別監聽IPv6和IPv4.IPV6_V6ONLY模式能夠經過 sysctl net.ipv6.bindv6only 來控制，默認是關閉的。若是你實在願意在netstat中只看到IPv4端口的監聽，那麼，你能夠修apachezhttp.conf 中，將
Listen 80
修改成
Listen 0.0.0.0:80less

具體信息，請參考 https://httpd.apache.org/docs/2.2/bind.htmlsocket

----------------------------------------------------------------------------------------------------------tcp

Apache > HTTP Server > Documentation > Version 2.2ide

Please note

This document refers to the 2.2 version of Apache httpd, which is no longer maintained. The active release is documented here. If you have not already upgraded, please follow this link for more information.ui

You may follow this link to go to the current version of this document.this

Binding

Available Languages: de | en | fr | ja | ko | tr

Configuring Apache to listen on specific addresses and ports.

Overview

Related Modules	Related Directives
`core` `mpm_common`	`<VirtualHost>` `Listen`

When Apache starts, it binds to some port and address on the local machine and waits for incoming requests. By default, it listens to all addresses on the machine. However, it may need to be told to listen on specific ports, or only on selected addresses, or a combination of both. This is often combined with the Virtual Host feature, which determines how Apache responds to different IP addresses, hostnames and ports.

The Listen directive tells the server to accept incoming requests only on the specified ports or address-and-port combinations. If only a port number is specified in the Listen directive, the server listens to the given port on all interfaces. If an IP address is given as well as a port, the server will listen on the given port and interface. Multiple Listen directives may be used to specify a number of addresses and ports to listen on. The server will respond to requests from any of the listed addresses and ports.

For example, to make the server accept connections on both port 80 and port 8000, on all interfaces, use:

Listen 80 Listen 8000

To make the server accept connections on port 80 for one interface, and port 8000 on another, use

Listen 192.0.2.1:80 Listen 192.0.2.5:8000

IPv6 addresses must be enclosed in square brackets, as in the following example:

Listen [2001:db8::a00:20ff:fea7:ccea]:80

Special IPv6 Considerations

A growing number of platforms implement IPv6, and APR supports IPv6 on most of these platforms, allowing Apache to allocate IPv6 sockets, and to handle requests sent over IPv6.

One complicating factor for Apache administrators is whether or not an IPv6 socket can handle both IPv4 connections and IPv6 connections. Handling IPv4 connections with an IPv6 socket uses IPv4-mapped IPv6 addresses, which are allowed by default on most platforms, but are disallowed by default on FreeBSD, NetBSD, and OpenBSD, in order to match the system-wide policy on those platforms. On systems where it is disallowed by default, a special configure parameter can change this behavior for Apache.

On the other hand, on some platforms, such as Linux and Tru64, the only way to handle both IPv6 and IPv4 is to use mapped addresses. If you want Apache to handle IPv4 and IPv6 connections with a minimum of sockets, which requires using IPv4-mapped IPv6 addresses, specify the --enable-v4-mapped configure option.

--enable-v4-mapped is the default on all platforms except FreeBSD, NetBSD, and OpenBSD, so this is probably how your Apache was built.

If you want Apache to handle IPv4 connections only, regardless of what your platform and APR will support, specify an IPv4 address on all Listen directives, as in the following examples:

Listen 0.0.0.0:80 Listen 192.0.2.1:80

If your platform supports it and you want Apache to handle IPv4 and IPv6 connections on separate sockets (i.e., to disable IPv4-mapped addresses), specify the --disable-v4-mapped configure option. --disable-v4-mapped is the default on FreeBSD, NetBSD, and OpenBSD.

How This Works With Virtual Hosts

The Listen directive does not implement Virtual Hosts - it only tells the main server what addresses and ports to listen on. If no <VirtualHost> directives are used, the server will behave in the same way for all accepted requests. However, <VirtualHost>can be used to specify a different behavior for one or more of the addresses or ports. To implement a VirtualHost, the server must first be told to listen to the address and port to be used. Then a <VirtualHost> section should be created for the specified address and port to set the behavior of this virtual host. Note that if the <VirtualHost> is set for an address and port that the server is not listening to, it cannot be accessed.

Available Languages: de | en | fr | ja | ko | tr

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.