I just setup IPv6 on my network.
I have a single A record for server.mydomain.com with about 10 CNAMEs referencing specific services proxied by NGINX.
NGINX defines each of these with a server_name directive in the appropriate SERVER block along with the listen directives.
I just added my AAAA for the server.mydomain.com as well so I can find the IPv6 address.
I modified one of these configurations for files.mydomain.com to listen on IPv6 by adding the second line here:
listen 443 ssl http2;
listen [::]:443 ssl http2;
This appears to work, and my files.mydomain.com answers now on IPv6.
The problem is that all ~9+ other sites I have with different server_name directives all get directed to the files site.
I believe this is happening because files.mydomain.com is the only one with a "listen [::] 443" directive, so it in essence becomes the "default server" for everything over IPv6?
If I go and enable IPv6 with the appropriate listen directive on the other sites, then they properly route the host header to the server_name directive. However I don't necessarily want to enable IPv6 on every site.
Is there a way to run all of these on the same port (443), but ensure that host headers are only answered if they match?
I suppose I can just enable the " listen [::]:443 ssl http2;" directive on the default web-site as well.... Is this the best/recommended way?
thanks