Adding dedicated IP breaks site (visitors land on default site)

Discussion in 'Plesk Automation Suggestions and Feedback' started by SteveITS, Apr 14, 2015.

  1. SteveITS

    SteveITS Tera Poster

    Messages:
    277
    Starting point: a working site using a shared IPv4, dedicated IPv6, and SSL. HTTP and HTTPS work, the latter only using SNI of course.

    The good news: If I simply allocate an IP resource of 1 to a subscription it is pulled from the pool, assigned to the service node, assigned to the web site, DNS is updated, and the site is automatically changed to using a Dedicated IPv4 and Dedicated IPv6.

    The bad news: visitors land on the default web site of the service node, with the default SSL certificate.

    Other info: I can't ping the new IP, even though it shows in "ip a l" and /etc/sysconfig/network-scripts/ifcfg-eth0:0. [edited]

    After the IP assignment, it is still installed, and /etc/httpd/conf/plesk.conf.d/ip_default/domainname.conf shows the new certificate is being used.

    However, a second set of VirtualHost entries is created in server.conf for this IP for ports 80 and 443, with NameVirtualHost enabled on the new IP. The port 443 entry uses the default certificate. Someone correct me please but from my knowledge of Apache's setup this default VirtualHost entry will override the web site configuration because Apache is listening on port 443 with the wrong cert.

    If I go to "Change webspace settings" and toggle to Shared IPv4, Dedicated IPv6 the site works again via HTTPS, and Dedicated IPv4 and Dedicated IPv6 breaks it again. Setting the SSL cert to None and back again does not help.

    Setting the SSL cert to None, changing to a dedicated IP, and enabling SSL results in the server being inexplicably inaccessible...browsers no longer connect to either the default site or the correct site, and I don't see any entries in the vhosts's logs.

    This seems seriously broken...?
     
    Last edited: Apr 16, 2015
  2. SteveITS

    SteveITS Tera Poster

    Messages:
    277
    After rereading the docs on Configuring IP Pools, I believe the problem is that PPA is pulling the "dedicated" IP address from a pool marked Shared. The video on that page specifically says to mark pools Shared. I tried created a Dedicated pool and assigned it to that web service node, but PPA still pulls a Shared address. I don't see a way to specify which IP pool to use when selecting the IP address type or increasing the resource limits (which assigns an IP without prompting)...how can I do that?
     
    Last edited: Apr 16, 2015
  3. SteveITS

    SteveITS Tera Poster

    Messages:
    277
    For what it's worth I tried assigning only a Dedicated IP pool, and PPA refuses to activate sites unless a Shared pool is available. So what is the purpose of Dedicated IPs if they are never used?
     
  4. SteveITS

    SteveITS Tera Poster

    Messages:
    277
    I think I found most of my problem. I will have to test again but I am thinking now I was fighting browser caching and/or DNS propagation somewhat. I added a comment to the above Configuring IP Pools page (which only mentions host-routed interfaces), but to recap here:

    Per this forum thread IPs PPA adds to Virtuozzo/Cloud Server containers using bridged mode don't work either, so in all cases IPs need to be added to the container and then set up in an IP pool in PPA, then used.

    I remain confused about why Dedicated pools exist. :confused:
     
  5. Starl1ght

    Starl1ght Just a cat

    Messages:
    81
    Steve, afaik, all PPA licenses are comes with unlimited support. Why you can't create support ticket, and engineers shall check what's wrong and make recommendations for you? :)
    Usually, it is not possible to help without touching your installation, so, that's why Odin has support team at first place.
     
  6. SteveITS

    SteveITS Tera Poster

    Messages:
    277
    I'm not sure if that's true about the support. http://kb.odin.com/en/114130 says both:
    • For Odin Partners. Partner support options vary based on a Partner status. If you need information on support options available for your Partner level, please contact your Sales representative.
    • [Free] For customers using Plesk Automation:
    That implies to me partners don't have free support? I'll ask our sales contacts. OTOH the above link came from http://www.odin.com/support/plesk-suite/ppa/ which says PPA's system requirements are RHEL/CentOS 5 for the management node and no Server 2012 support which are both wrong per the docs.

    The problem is that we're still on a trial version. I told sales I was ready to go in late March and didn't get a response for a couple weeks, then have been discussing partner options since then as they've been lobbying for a higher Partner level. There's a technical sales contact but I have a day or so of responses every couple weeks.
     
  7. Starl1ght

    Starl1ght Just a cat

    Messages:
    81
    Actually, despite of partner level, there are should be free support for PPA. Once you buy normal license (not trial) you can submit tickets to support, using your license key as identifier.
     

Share This Page