I want to ping internal application URL like http://test.com:8080/ , but it through error as unknown host , because there is DNS server or no standard setting for this server.
Thats means i have internal application which means application running in within network(only our network can access this application). if ping this url , it throws unknown host.
Please advise is there any way to ping internal application ?
You ping hosts, not applications. ping relies on the ICMP protocol, which is completely outside of TCP, so it has no concept of ports (ports are a TCP thing). What you need to do is make sure that your test.com resolves to the correct IP address (the simplest way to do it would be to put the address statically into /etc/hosts).
For example, if you're test.com is at 10.0.0.1, your /etc/hosts on your local machine should contain a line with 10.0.0.1 test.com or you should ping 10.0.0.1 directly (ping 10.0.0.1).
Additionally, on the server, make sure that incoming ICMP requests aren't ignored (echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all) (usually by default, they aren't).
Related
I made a nginx server at 192.168.1.106 and I can access it from the host computer but it doesn't show when I access it on a computer in the same network. But I can ssh into the server from a different computer using the same address. I checked my firewall to make sure it isn't blocking anything.
How do I access the server form a different computer?
> iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
The server_namedocs directive is used to identify virtual hosts, they're not used to set the binding.
netstat tells you that nginx listens on 0.0.0.0:80 which means that it will accept connections from any IP.
If you want to change the IP nginx binds on, you have to change the listendocs rule.
So, if you want to set nginx to bind to localhost, you'd change that to:
listen 127.0.0.1:80;
In this way, requests that are not coming from localhost are discarded (they don't even hit nginx).
Recently I found that I was able to bind Apache on 127.0.0.73 without 127.0.0.73 to be present.
Only 127.0.0.1 is present as normal.
I also spoke with a friend and he said that is "normal" on Linux and probably on Windows and not works on MacOS, but he has no idea why.
I can do following:
[nmmm#zenbook nmmm]$ curl 127.10.0.123
curl: (7) Failed to connect to 127.10.0.123 port 80: Connection refused
and it shows that whole A class network is available.
How this works?
I do not see anything special in ifconfig and ip, except lo interface has no broadcast. Is that the key point?
According to https://en.wikipedia.org/wiki/Localhost
IPv4 network standards reserve the entire address block 127.0.0.0/8 (more than 16 million addresses) for loopback purposes.2 That means any packet sent to any of those addresses is looped back. The address 127.0.0.1 is the standard address for IPv4 loopback traffic; the rest are not supported by all operating systems. However they can be used to set up multiple server applications on the host, all listening on the same port number. The IPv6 standard assigns only a single address for loopback: ::1.
Or from https://www.rfc-editor.org/rfc/rfc3330
127.0.0.0/8 - This block is assigned for use as the Internet host
loopback address. A datagram sent by a higher level protocol to an
address anywhere within this block should loop back inside the host.
Even though you can't see anything from ifconfig or ip, you still can ping all the addresses in that 127.0.0.0/8 block.
I've got a cheap openvz Ubuntu vps and i'm trying to run my own dns server on it for learning purpose.
The dns server works fine in localhost (on the vps through ssh), i can query it using dig google.com #127.0.0.1 and i get the expected result (which is not the IP of google.com but a custom one).
When i try to query the dns server from outside the vps, using the same command, I do get a reply but the IP is not what I expect (it's an actual google.com IP).
After further investigation I found out my dns server is not receiving/sending packets when the query is done from outside the vps. So the answer is sent by something else, it seems like inbound packets with destination port 53 are deviated, they do not even reach my dns server.
I tried to query my dns server, still from outside, but this time while the VPS was SHUTDOWN. Magically i got a reply from god knows who.
Changing port from 53 to 54 everything works perfectly.
The problem is i need it to use port 53.
I don't have iptables rules nor any other firewall doing something related to port 53
I also tried to query some other random vps, from different hosting providers, seems like everyone has a dns server running! Why does everyone reply?
Of course i asked technical support, that's what they said:
Hello,
Sorry but we don't do "software" technical support on VPS.
We deliver the hosting and the operating systems, customers that order VPS are their own admins, and have to know how to manage a linux server.
We don't block any port on our side.
Best regards,
Support
Mybe your dns server is bound to the loopback interface only (so it's only listening on localhost). You can check the current service ports used (udp for DNS) using netstat and filter (grep) udp port used
netstat -an | grep ":53"
Also you can test the same dns query using the nslookup command, and checking the dns server ip that answer your dns query, in the result output:
nslookup google.com [dns_server_ip]
Also test it without dns_server_ip to check if there is a default nameserver when the specified nameserver is not responding.
Problem solved, it's my ISP intercepting and replying to dns queries.
I can do dig google.com #1.2.3.4 and i get a reply :D
Who wants to know more about this:
ISP Intercepting DNS Lookups
I recently got to know about DNS (Domain Name System Or Domain Name Server) and how it works. I want to know - can I access to a website by using its IP address and how?
-ThankYou
TL;DR: It depends how the server is configured but probably not and I would not rely on it.
This is because the website you are trying to access is likely behind a reverse proxy or load balancer. The load balancer acts like a railroad switch depending on the hostname you use to connect to it.
For simplicity, imagine that google.com and mail.google.com are on the same server with the same IP: 192.168.1.1.
If you were to try to connect directly to http://192.168.1.1/, how would the web server know which service you wanted? It wouldn't. In fact there are companies who's business is based solely around load balancing other companies' servers.
When you connect to a host with your browser, for example: https://www.google.com, your browser sends a special HOST=www.google.com header behind the scenes. The load balancer processes this header and routes the request to the correct server (which may be on a completely different server, network, etc).
Digital Ocean has a great tutorial on how to configure a basic virtual host for nginx. This demonstrates the basics of what a multi-host configuration might look like.
If you don't want to mess with DNS servers, you could set up a local lab environment on your desktop simply by modifying your hosts file. You can google where your operating systems hosts file is located.
If you have access to cURL, you can test the results like so:
# if you've configured a virtual host for mysite01.local on port 80
curl --verbose --header 'Host: mysite01.local' 'http://127.0.0.1'
# if you've configured a virtual host for mysite02.local on port 80
curl --verbose --header 'Host: mysite02.local' 'http://127.0.0.1'
# depending on your configuration this may return a 404 or point to one of your previous sites
curl --verbose 'http://127.0.0.1'
Yes, you can access any domain using IP address. Domain is just a name of website, IP address is the address of the page/website.
You can always ping website using command prompt:
ping www.google.com
You get one ip address which in this case is 216.58.197.78. Now when you hit the ip address in browser you will be redirected to google.com.
You can think of DNS (Domain Name System) as a table which provides mapping between IP address(216.58.197.78) and domain name(www.google.com)
I have a CentOS server at home that I'm trying to put a website on. I put the index.html in the /var/www/html/ folder and can access it from another computer on the local network (with 'http://192.168.etc'). The problem comes when I try to access it from the web with my ip (http://34.52.xx.xx). I turned off iptables when I tried to access it to rule out a firewall issue with no success. I use Comcast and read that they sometimes block port 80 so I edited the /etc/httpd/conf/httpd.conf to listen on port 8000 in addition to 80 incase port 80 was blocked (httpd restarted after changes). When I enter 'http://myIP:8000' with iptables down I still don't get my page to show up.
What am I missing?
Thanks!
You surely have one public IP address let say 34.52.01.01 and you surely have “several” private IP addresses 192.168.1.1/192.168.1.2 ...
Between both worlds there’s a layer in your router call NAT (Network Address Translation) that
allows a request started from let say 192.168.1.2 to reach the external world (let say google.com), when the external world provides an answer for such a request it's your router NAT who knows that that answer must be routed back to 192.168.1.2
But if you have a request originated in the exterior world pointing to 34.52.01.01 you do not have an HTTP server
on that address then you need in your router some forwarding rule saying let say if you receive a TCP request in port 80 route it to 192.168.1.5 that is the internal address of your HTTP server…
You need to add port forwarding to your router…