Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 12 days ago.
Improve this question
I am trying to set up dnsmasq on my test VM to map calls to *.googleapis.com to *.private.googleapis.com as documented here. I cannot get storage.googleapis.com to resolve to storage.private.googleapis.com through a CNAME record
My dnsmasq.conf looks like this
listen-address=::1,127.0.0.1
auth-server=localhost
address=/private.googleapis.com/199.36.153.8
address=/private.googleapis.com/199.36.153.9
address=/private.googleapis.com/199.36.153.10
address=/private.googleapis.com/199.36.153.11
cname=*.googleapis.com,private.googleapis.com
my /etc/resolv.conf
nameserver 127.0.0.1
nameserver 8.8.4.4
nameserver 8.8.8.8
dig storage.private.googleapis.com
resolves as expected to 199.36.153.8/30 but
dig storage.googleapis.com
does not resolve to the same addresses and is resolved through the public 8.8 name servers.
What am I missing? Thanks a lot in advance.
Answering my own question here. I think dnsmasq may not be the best tool to accomplish this. I created a private zone in bind with the config below and I was able to access Google Cloud Storage through the private APIs. On CentOS 7.7 (/var/named/googleapis.com.zone):
$TTL 1D
# IN SOA node-bind-server.mydomain.com. root.node-bind-server.mydomain.com. (
2017031301 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
googleapis.com. IN NS node-bind-server.mydomain.com.
private.googleapis.com. IN A 199.36.153.8
private.googleapis.com. IN A 199.36.153.9
private.googleapis.com. IN A 199.36.153.10
private.googleapis.com. IN A 199.36.153.11
*.googleapis.com. IN CNAME private.googleapis.com.
and my /etc/named.conf references this file
zone "googleapis.com" IN {
type master;
file "googleapis.com.zone";
};
and my named version
[root#node-bind-server etc]# named -v
BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.13 (Extended Support Version) <id:7107deb>
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 days ago.
Improve this question
I ve a local webserver. I use it for my guests to scan QR Codes and order/view menus etc. The server has local IP "10.0.0.250" , available to all guests and the domain name is "orderfood.gr" (Static dns set on Mikrotik orderfood.gr = IP 10.0.0.250). I am redirecting all port 53 traffic to the router in order to avoid guests with static DNS such as 8.8.8.8, 1.1.1.1 etc (and that works fine). However some mobiles cannot translate the IP of the domain. After struggling i've found that most times this happens is because of the Private DNS service (set ON by default on some mobiles). Is there a way i can prevent this from happening ?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
Edit:
So apparently these are not really IP-addresses but rather hostnames.
I tried out the netstat to find any suspectful connections and then I found quite some remote-addresses that were really weird to me, for example the following:
ec2-3-235-82-211:https
fra24s07-in-x0a:https
g2a02-26f0-0300-0000-0000-0000-5c7a-f589:https
wm-in-xbd:https and
156:https
I was wondering what any of these mean and also what the in means at 2. and 4.?
Those are not IP addresses. They are hostnames that come from reverse DNS resolution, with most of the name cut off due to how netstat presents them. By passing --notrim you should be able to see the full hostnames. Alternatively, passing --numeric will disable hostname resolution altogether.
Taking a guess:
3.235.82.211, hosted on Amazon EC2. Looks like it's owned by Zoom (checked https certificate)
fra24s07-in-x0a.1e100.net, google infrastructure of some kind (I googled the fra24s07-in-x0a string, and 1e100.net is google owned). Going to that url over https gives me a google 404 page.
2a02:26f0:0300::5c7a:f589, an IPv6 address, used by Akamai (a content delivery network provider), found by going there and seeing the HTTPS certificate
Unclear. Maybe wm-in-xbd.1e100.net (another google IP); going to that url over https gives me a google 404 page.
Unclear
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
Using static routes is it possible to access a host with an IP address of 1.2.3.4 on port 4000 that is connect to rtrnode on a wlan network that has a public ip address of x.x.x.14 from a remote host (h1)?
h1 -------router-------INTERNET-------(public IP(x.x.14)) = rtrnode(1.2.3.3)---------destination(1.2.3.4)
NO: Unless:You tunnel. This way the foreign LAN is a hop from the LAN you are on according to the routers on both ends that handle the packetizing and perform the VPN. It is easiest to set this up using firewalls like : PFSense or the likes. This link explains, there are many more: http://www.makeuseof.com/tag/vpn-tunnel-set/. You cannot route across the Internet with static routes unless you have control over the routers that are routing. They run BGP and will direct your traffic to the valid IP you are incorrectly using in your private LAN.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I want the IP address of https://sfbay.craigslist.org.
C:\Users\dude>ping https://sfbay.craigslist.org
Ping request could not find host https://sfbay.craigslist.org.
Please check the name and try again.
So, I tried nslookup. None of the IP's in the output allow me to connect to the website using a browser. How do I get the right IP & connect ?
C:\Users\nisum>nslookup https://sfbay.craigslist.org/
Server: cachens1.paetec.net
Address: 66.155.216.122
Non-authoritative answer:
Name: https://sfbay.craigslist.org/
Addresses: 104.239.198.84
198.105.254.65
Pings usually don't include the protocol. The command below worked for me.
ping sfbay.craigslist.org
you can't access to this webSite with the adresse IP because : this domain name is one of many subdomain that use one adresse IP : 208.82.237.2, for this you can just access with a Sub DNS.
here is the main site with details :
Details of 208.82.237.2
IP Address : 208.82.237.2
Location : United States (95% accuracy)
Host Name : cities.craigslist.org
you can use this link to test it : www.hcidata.info
also you can refer to this link : StackOverFlow
Maybe
Ifconfig sfbay.craigslist.org
Or
dig sfbay.craigslist.org
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have such configuration for my network.
WAN:
ether1 10.20.30.5/24
LAN:
ether5 192.168.1.254/24 and 192.168.10.254/24(DHCP)
I have Created Some queue for those ips.
I have to Access File/Folders from a Local Windows Server(192.168.1.2). When i access file/folders from the block 192.168.1.0/24 everything ok. But when i access file/folders from the block 192.168.10.0/24, it Showing on Queue and get very slow access.
I want to access File/Folders like 192.168.1.0/24 block if i use ip block 192.168.10.0/24.
Extremely Sorry for my poor English.
Give the Mikrotik an IP in the 192.168.1.0/24 subnet such as .254.
/ip address add address=192.168.1.254/24 interface=ether5
Tell servers in the 192.168.1.2 ip range to use 192.168.1.254 as the default gateway. Check that these servers can ping the clients in the 192.168.10.0 range. All file server traffic between the subnets will be routed by the Mikrotik. I believe this arrangement will work however I have been unable to test the routing for myself.
I recommend moving the 192.168.1.0 and 192.168.10.0 subnets to different ethernet ports if isolation is required. If it is not required then you are much better off using a single subnet to encompass all the devices. You could expand the subnet mask to 192.168.0.0/20 which will include 192.168.0.0-192.168.15.255 for example.
I've gotten a simple solution.
I just Mark Packet all of my Local Subnets. Then Assign High Bandwidth(500M) on Queue List.
Now, All users can communicate will full speed. :)
You can try
ip firewall mangle add
chain=prerouting action=mark-packet new-packet-mark=Local passthrough=no
src-address=192.168.0.0/16 dst-address=192.168.0.0/16 log=no
log-prefix=""
queue simple add
name="Local" target=192.168.0.0/16 parent=none packet-marks=Local
priority=8/8 queue=default-small/default-small limit-at=0/0
max-limit=500M/500M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s