GetHostEntry vs GetHostAddresses - websocket

I've been trying to find the correct situtation when to use GetHostAddresses or GetHostEntry. I understand by reading this article (http://msdn.microsoft.com/en-us/library/ms143998(v=vs.110).aspx) that GetHostEntry will do the reverse dns lookup and GetHostAddresses does not..
However under what exact scenario you need to use GetHostEntry rather than GetHostAddresses? also, what is the primary reason for GetHostEntry method to perform reverse DNS lookup?

GetHostEntry(hostNameOrAddress)
The GetHostEntry method queries a DNS server for the IP address that is associated with a host name or IP address.The method assumes that if an IP literal string is passed in the hostNameOrAddress parameter that the application wants an IPHostEntry instance returned with all of the properties set. These properties include the AddressList, Aliases, and HostName.
This method can be used if you want to find the hostname associated with an IP address.
Reverse DNS is mostly for such things as tracking where a web-site visitor came from, or where an e-mail message originated etc. It is typically not as critical in as forward DNS - visitors will still reach your web-site just fine without any reverse DNS for your web-server IP or the visitor's IP. Reverse DNS is important for one particular application.Many e-mail servers on the Internet are configured to reject incoming e-mails from any IP address which does not have reverse DNS.
GetHostAddresses(hostNameOrAddress)
But the GetHostAddresses method queries a DNS server for the IP addresses associated with a host name. If hostNameOrAddress is an IP address, this address is returned without querying the DNS server. This query will return all the IP addresses related to the hostname you provide.
The difference between GetHostEntry and GetHostAddresses is that whenever you give an IP address to GetHostEntry it will query the DNS server and try to get the hostname for that IP address and then get all the addresses associated with it.If the data for a successfull reverse resolve is not in your DNS server, this will fail.

One scenario where I see it useful as opposed to GetHostAddresses would be if you already know one IP address of a host and want to find the other IP Addresses. If an IP is specified as parameter, GetHostEntry would return all addresses while the GetHostAddresses will return only one (when IP is specified as parameter).

Related

Google Cloud Global Forwarding: Invalid value for field resource.IPAddress

I am trying to implement https support for my GCP VM. For the purpose, I created all the load balancing components i.e. instance group, health check, backend service, url map & target proxy. All were created without error.
However now when I am creating a global forwarding rule for the final step, I am getting the following error:
ERROR: (gcloud.compute.forwarding-rules.create) Could not fetch
resource:
- Invalid value for field 'resource.IPAddress': '35.xxx.xxx.xxx'. Invalid IP address specified.
I am using the following command:
gcloud compute forwarding-rules create fa-global-fwding-rule-1 --target-https-proxy=fa-https-proxy-1 --ports=443 --global --address=35.xxx.xxx.xxx
(IP add digits masked with xxx)
What am I missing?
I already have a working VM instance through http where I had promoted its ephemeral address to a static address (above is the same address 35.xxx.xxx.xxx)
Also once I implement https support, I want the http connect to continue working as well so that my existing apis are not disturbed until I move them to https
Any advice/help?
GCPs Load Balancer does not check to see if the static IP you picked was regional or global. If you accidentally reserved a "regional" IP instead of a "global" IP, it throws that silly error:
Invalid value for field 'resource.IPAddress': '35.xxx.xxx.xxx'.
Invalid IP address specified.
I don’t find any issues with your command, this kind of error is mostly observed due to IP conflict if the specified IP address is in use or not available. The Forwarding Rules map the IP address for your load balancer to the Target Proxy that will handle the requests.So first you will need to create your IP address though. Using this command:
$gcloud compute addresses create my-address --global
And then create a forwarding rule. You will need a global, rather than regional, IP address for your HTTPS load balancer. Using this command :
$gcloud compute forwarding-rules create my-https-forwarding-rule --global
--address 123.123.123.123 --ip-protocol TCP --port-range 443
--target-https-proxy my-https-proxy
Can you confirm if you are using a global or a regional IP address?
For HTTP, You need to create a totally separate Target HTTP Proxy and Forwarding Rule for HTTP. You essentially need to have two load balancers to handle the traffic, and then actually redirect users in your application. Notice that we put the same IP address in for the HTTP Forwarding Rule. This makes it so that we can listen on port 80 and on port 443 at our IP address.

Node.js EADDRNOTAVAIL can't access via external IP

app = require('http').createServer()
app.listen(5000, '75.113.126.31')
Error: listen EADDRNOTAVAIL
People say this error means I'm trying to listen on an IP address that I don't own. But that is my external IP address according to google.
Also, if I omit my IP, it only works when I visit localhost:5000 and 127.0.0.1:5000, visiting 75.113.126.31:5000 doesn't work, even though people say node should listen there too when I don't give a 2nd argument to listen. I also tried listening on IP 0.0.0.0 with no luck accessing it through external IP.
What are the possible causes? I disabled Windows firewall but that didn't help.
Your external IP and your computer's network address often have almost nothing in common. In fact it would be very unusual if they did match.
Normally you bind to 0.0.0.0 if you want your service to be available remotely.
It's also worth noting that if you have some kind of router or firewall you'll need to configure port mapping to get port 5000 to route to your local IP correctly.
ipconfig should show you your actual IP address.
You should also be aware that some routers don't handle mapping internal traffic back to a local IP. Many do, so it's not always a problem, but if it doesn't work that might be the case.
The error message you are getting is correct. I'm going to assume you are on a computer behind a router. That ip address Google is reporting is the ip address assigned to your router not your computer, i.e your computer doesn't own it. You can prove this by running the command ipconfig in a cmd prompt, finding out your eth/wifi ip address, and using that in your app.listen (it'll probably start with 192 or 10), it should work. If you want to make your app public an easier way might be to just forward the port 5000 from your router the computer running the node app. Hope this helps!

How to find whether the ip address is proxy/vpn/vps

I have a hosted web application, I would like to prevent signup from proxy/VPN/VPS ip address. How do i check whether the users ip address is proxy/vpn/vps syste.
For example clixsense.com site, users can't create account, it shows cannot access from proxy/vpn/vps ip address.
Thanks in advance.
Clixsense.com may pay someone who knows that certain sites are proxy/vpn/vps sites and are then able to block those sites. Short of that, there is nothing special about an IP address that would tell you that one is a proxy address vs. an actual endpoint address.
For example, network address translation (NAT) is a common form of "proxying". Your typical cable/DSL router makes it possible for more than one person to connect to the internet from your house. You're all sharing the same ISP IP address. The router stores a table of IP address to port numbers that it uses to establish outgoing communications. When a reply from the internet is received, the router performs a lookup and routes the traffic appropriately. From the viewpoint of the server on the internet, it came from that one single IP address that your router is "connected" to from your house, even though your computer has one IP address and your spouse's computer has a different IP address.
HTH.

How to get the user ip address (REMOTE_ADDR / HTTP_X_FORWARDED_FOR) on HTTPS and Load Balancing

I need to get the ip address of the users of my website, because I need to present localized content according to country.
I have a load balancing server and because this I use the HTTP_X_FORWARDED_FOR to get the ip address, its ok, but since I set the HTTPS for the entire site I cannot get the HTTP_X_FORWARDED_FOR data, it returns empty, and only can get the REMOTE_ADDR, but this returns the Load Balancing Server ip address and not the user ip address.
How I can get the user's ip address when using load balancing and HTTPS?
I'm using ASP.NET 2.0
I just discovered that I'm having the exact same problem. In this question they suggest to use HTTP_CLIENT_IP. I haven't tested it myself, let me know if this works.

Question regarding value returned from WebAuthenticationDetails.getRemoteAddress()

I am writing a custom AccessDecisionVoter that will allow access to certain resources only if the remote address of the request is found in a list of allow ip addresses. However, the value of the remote address returned by WebAuthenticationDetails.getRemoteAddress() is in a format that appears to be Ipv6. When running my app locally, this is what is returned by the above method:
0:0:0:0:0:0:0:1%0
I'm storing the allowed address in a comma-delimited list in a properties file. The list is parsed and each allowed address is compared to the remote address, but since I have no idea how to translate an Ipv4 address into an Ipv6 address this comparison will always fail.
So is the value that is always returned by WebAuthenticationDetails.getRemoteAddress() or am I seeing this only because I'm running this locally?
Is there some way to convert this string to an Ipv4 string?
Is there some way to have the method in question return an Ipv4 string instead?
Thanks!
You cannot convert an IPv6 address to an IPv4 address. The represent two different protocols. The address of getRemoteAddress() will be in a format depending on the protocol used to create the request to the webapp. I guess that you see the IPv6 address only when using the app locally. 0:0:0:0:0:0:0:1 is the address of localhost, which is the same as 127.0.0.1 in IPv4. I think you should simply add this IPv6 address to the list of allowed IPs.

Resources