I have been reading up about IPv6 and given that the number of available addresses in in the trillions upon trillions for each household on the internet, could we get to the stage where each computer in a household would have an IP that is unique to that computer, rather than the router that is next to the internet?
With that in mind, could a webserver (that is IPv6 Compatible) be used to track a specific computer's traffic through a website without using any session cookies, such as repeat viewing or if the website is visited in something like incognito mode?
each computer in a household would have an IP that is unique to that computer, rather than the router that is next to the internet?
If you mean no more Network Address Translation, yes, that is possible. Whether or not that actually happens for the internet connection in your house is a different question.
With that in mind, could a webserver (that is IPv6 Compatible) be used to track a specific computer's traffic through a website without using any session cookies
That could happen (that could happen to some extent with IPv4 now), but as mobile devices become more and more prevalent, tracking via this method would become less useful (as devices would switch IP addresses frequently).
Related
My business network is comprised of four locations across my farm, being my house, feed shed, cold storage and vet (animal welfare), due to the size of the property, the network is fibre to the house, then broadcasting a long range wifi signal with repeaters across the property to the other locations; to reach the feed shed this goes through two repeaters.
I have an R-PI running as a LAMP server, which is accessible on metrics.local and on its IP range 192.66.66.XXX (no idea why this range, that was what the original network engineer set up). The LAMP is hosting a wordpress website which captures internal metrics people record; such as feed used, we have no issues with this in the main residence. I have allowed port 80 without any restrictions as its an internal network through apache.
The problem is, whoever configured the network originally put other locations on separate domains, being 192.168.X.XXX, where the X is a different domain, so I have three LAN networks being 192.66.66, 192.168.1 and 192.168.2.
I have raised this with the network engineering team who have advised we have no firewalls blocking access between the networks and this is not a networking issue, but a server/apache config issue.
I've added routes to my LAMP server to allow the 192 range to connect to my server and I can ping the device from the computers on these other networks, however I cannot access metrics.local, with the browsers simply saying "cannot find the site".
I have reached the end of my ability to google the solution, with most routing topics being about adding additional domains to the LAMP, not allowing network access.
You are basically trying to route packets to a different networks.
192.166.66.XXX
192.168.1.XXX
192.168.2.XXX
All of these are different networks. For same network, packets can be routed by direct switches, but your network admins need the route all of the network t talk to each other using their own network gateway.
alternatively your network/sysadmin can forward your IP so it gets expose to other network, in this way it will be accessable to everyone using any one single assigned IP which works in all three network.
This is how routing works
I want to do a messaging application on the browser using WebRTC, but I want to get rid of every third party like STUN and TURN servers (I also want to get rid of signaling servers but first things first). I want the users to keep their contacts in the browser localStorage in a key-value way: name of the person => IP address.
I don't really care how the users find their own public IP address (they can do an ipconfig as there is no web API to retrieve it) nor how they distribute it (they can use use a centralized service like Messenger to give their public IP address to their friends, or they can use a QR code on their business card).
But the main issue I have is that I want these public IP addresses to be static, because I don't want to notify all my friends to update their contact file every time my gateway changes my public IP address.
In IPv4, there are too few available addresses (only 4 billions), so the public static addresses are all reserved to website and residential gateways. Whenever I want to access the Internet, my gateway opens a specific port for my computer. For example, if my gateway has the public address 1.2.3.4, the "public address" of my computer would be temporarily 1.2.3.4:3000. This process is called NAT. To find one's "public address", one must send a request to a STUN server which would respond with what IPv4 address and what port it sees. But the gateway closes the connection of the port at some point, so that's not a public static address like I want.
But in IPv6 it's different, the number of possible addresses is ridiculously high (2^128), so we could theorically give one static public address to each computer in the world. NAT would basically be useless (I'm not talking about firewalls here). But again, there is a problem, in IPv6 you have one address that is static but not public, and you have one or more addresses that are public but not static. So nothing has really changed from IPv4, and it still doesn't solve my problem.
I have 2 questions:
How to have a public and static address for regular computers? I don't want my users to meddle with their router/ISP or install anything on their computer.
Why don't we all already have static and public IPv6 addresses? Is there a design choice behind this?
Thank you for your help.
Your question is not really a programming question, so I'm assuming you need to know this because you are developing software that uses IPv6. Looking at it from a application point of view:
You don't need TURN to discover your own public address. Without NAT your address is not changed by the network and your local address is your public address. You just need to let your software ask the OS what the currently configured addresses are.
With IPv6 it's usually not the gateway giving out addresses to connected devices. The gateway only communicates the network prefix (a /64) to the network, and all devices choose their own addresses (usually multiple addresses per device).
DHCPv6 does exist, but it is usually not used to configure IPv6 addresses on devices. It may be used in stateless mode to configure domain names, DNS resolvers etc, but that is not related to assigning addresses.
So the device chooses its own addresses within the prefix communicated by the gateway. How does it choose?
Originally devices used their interface MAC address for the suffix (using the modified EUI-64 algorithm). The problem with this was that if you had a lap for example, online services that you connect to could track your device. Because no matter what network you connect to, the last 64 bits of your address would contain your unique MAC address. That way it was possible to track your device from work to home to your favourite coffee place etc.
These days the OS uses privacy extensions to make your IPv6 address untraceable. Often there is a stable address that is linked to the network prefix, so that every time you connect to the same network you get the same address. That address is useful for peer-to-peer communication.
But they went further than that. There is often also a set of privacy addresses that (semi)randomly change over time. Your device might generate a new address every day, or maybe even every hour. That makes it even harden for online services to determine whether there is a single device that has changed it's privacy address, or whether there are multiple devices. Because this address changes over time it's good for short-lived outbound connections, but not so useful to accept inbound connections on. For that use the stable address I mentioned in the previous paragraph.
Probably the most difficult bit is how to ask the OS about the available addresses. Looking at my own macOS box I see:
en2: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether c8:e0:eb:5c:af:61
inet6 fe80::1074:8568:e447:d9e3%en2 prefixlen 64 secured scopeid 0x12
inet6 2a02:xxxx:xxxx:xxxx:3e:873f:837:1417 prefixlen 64 autoconf secured
inet6 2a02:xxxx:xxxx:xxxx:b19c:71c5:1de8:8fde prefixlen 64 autoconf temporary
You can see both the long-term secured address and the short-term temporary address.
Without knowing which OS you are developing for and in which programming language I can't help you further. Please adjust your question to include that information.
I'm not too sure of what the difference between Unicasts and Broadcasts is. I could really use an example of their use that shows the difference between the two.
Thank you!
Unicasting is sending a message to a specific computer, identified by its IP address. This is 99.9% of all normal internet traffic, be it TCP or UDP.
Examples are web surfing (HTTP), sending or receiving emails (SMTP, POP, IMAP), using Skype, filesharing (Bittorrent) orplaying games over the internet (everything from Mahjongg to Diablo III). Basically everything where exactly 2 computers communicate with each other. Often, one is considered a server and another being a client, but that's not strictly necessary (cf. peer-to-peer networking).
Broadcasting sends a packet to every computer in the local subnet, by addressing it to the "broadcast address", which is derived from the subnet IP range.
E.g. For a 192.168.0.0/24 network, the broadcast address would be 192.168.0.255.
You can only reach computers within your own subnet via broadcasting. It won't be routed out into other networks. Typical usecases are data exchange or advertising of services (such as game or media servers) between local computers.
The message will (barring network problems) reach all computers in the subnet, but not all of them need to handle the message, if they are not interested in it (e.g. a computer not running a game client won't be interested in a game servers' broadcasts).
What kind of IP address does whatismyip.com provide?
How can I get it using VB.Net code?
Also what is IP port?
Thanks
Furqan
PART 1
Okay, let's pretend you have a router in your house and that you have several computers in your house all connected to the internet through your router.
In order for the router to know where traffic goes on your network, it assigns unique IP Addresses to all computers on your home network (Usually beginning with 192.168.x.x). These IP addresses are local ip addresses, meaning only your router and computers/devices connected to it in your house knows about them. If you open a command prompt and do command IPConfig you will see the IP address that your router has assigned your computer.
So what is the IP address that WhatIsMyIP.com showing you? In much the same way that your router assigns addresses to all the computers on your network, your internet service provider hands out unique IP addresses to all of their customers. Now, because you have a router, the only thing the ISP can see on your network is that router and your ISP assigns an IP address to it. This is why routers are also called hardware firewalls, because people on the other side of it, can't tell how many computers or devices are connected to it.
What this means is, when you are visiting websites on the internet, the only IP address they see is your routers external IP address (the one assigned by your ISP). So no matter which computer in your house you use, the website wouldn't know the difference because all it can see is your router's IP address. Go ahead and try it; go to www.WhatIsMyIP.com on several different computers in your house. You will see that they all show the same IP address. However, if you did IPConfig in your command prompt on each computer, that shows you the local address your router assigned and it would be different on every computer in your home.
So, now that you understand the difference between local and external IP addresses, how would you retrieve your external IP address in VB or C# .net code that is running on your PC? Well the only IP address your computer is actually aware of is that local IP that we talked about. The only way you can see your external IP address is to go to a website that tells you what address the request came from (which would be your router's IP address).
What you would need to do is write up some code in your VB.net program that would navigate out to WhatIsMyIP.com (or some other website that can give you your IP address) and tell the code to grab it. I have written a web service located at http://www.u413.com/test/terminal/myip that returns only your IP address as the entire HTTP response. Find something similar though for your application because this little sample will not stay there forever; I only put it up there as a temporary example on a domain I already own.
Visit http://www.vbdotnetheaven.com/UploadFile/kbawala/WebRequestClass04182005054320AM/WebRequestClass.aspx to see how to make web requests from code running on your computer.
NOTE: You may not be aware of what DNS is either if you are unaware of how IP addresses work. Everything on the net has an IP address, including the servers that serve up website pages. But what a pain that would be, trying to remember up to 12 digit IP addresses for all your favorite websites. That is what DNS servers were invented for. DNS servers take a domain name (e.g. www.facebook.com) and translates it into the correct IP address. That way all you need to remember is facbook.com instead of 69.63.181.12 (this is facebook's IP address. Go ahead, try it! Put that IP in your browser's address bar and you will see facebook.), domain names are much easier to remember!
If you want to see the IP address associated with a website, open up a command prompt. Once the prompt is open type PING [websitedomain] (e.g. PING Facebook.com) and your computer will send 4 test requests to the address which is displayed for you.
PART 2
Let's pretend your IP address is like the address of an apartment buliding. The pizza delivery boy needs to know the address to the apartment building in order to deliver your pizza. But what is he going to do when he gets there? There are hundreds of doors/apartments to choose from. He needs to know the apartment number (port number on your computer).
Your computer has thousands of ports, and programs can listen on any one of them for requests from the outside world. When you go to a website almost all websites are served on port 80. Port 80 is the default port for web pages. When you go to facebook.com you are actually going to facebook.com:80, you just don't see the :80 because it is implied since it is the default. If I put up a web server, I could decide any port to serve websites on. If I served web pages on a different port than port 80, then you would have to include it in your URL. http://www.SomeDudesCustomWebServer.com:1337.
Outgoing requests use a port too, but that one is usually unimportant and your computer just picks one that is available. So when you go to Facebook.com, the facebook web servers are all serving up pages over port 80, but the port your computer opened up to send the request does not have to be port 80 because it picks an available port and then sends the port with the request. Then when facebook sends its response, it sends the reply back to the ip address and port that made the request.
Outgoing ports are only used for the duration of the request. Ports that must listen for connections must stay the same otherwise the computers making requests would have no idea what port to send the request to.
Easy huh!
Hope that helps you understand a bit better.
EDIT:
Port Forwarding
Okay, in light of the chat application you want to use/create, if you want it to communicate over the net you'll have to learn about port forwarding. Basically, because all you could see of your friend's network would be his external ip address, you will have to use that address to connect to his chat server (or vice versa if he is connecting to your chat server then it will be your external IP). Because of this, the connection request would only get as far as the router that has the external IP, but it would not know what computer on the network to forward the request to.
You will need to access your router's firmware and set up port forwarding so that the router knows to forward requests on a specific port, to a specific computer on the network. Visit http://portforward.com/ for more detail on how to setup port forwarding.
EDIT 2:
Firewall
When setting up stuff to communicate with your computer using your PC, you may start getting frustrated that it just won't connect. What is likely stopping you is your firewall. By default, most ports on your PC are completely blocked by the windows firewall. For each port that you want to communicate on you will want to go into the firewall and create a rule that will open up the port. Go here http://www.top-windows-tutorials.com/windows-7-firewall.html for a video on how to use the windows firewall. I did not watch it, but it is what came up first on a google search.
Do not simply disable the firewall. Even though this is an easy and quick solution to open up all your ports, you are leaving yourself open to attack. Viruses love to set themselves up in your computer if they can and listen on an open port for a connection from their beloved creator so he can obtain access to your PC. Only open the ports you need.
UDP vs TCP
When opening and forwarding ports you may notice that it asks for UDP (User Datagram Protocol) or TCP (Transmission Control Protocol). What they stand for may not make sense but all you need to know is this: UDP is for single packet transmissions which means that two packets sent by a pc may or may not be related to each other. These types of data packets are usually used for broadcasts on a local network. An example I would use is LAN games. When you host a game on a LAN the other computers/devices can see the name of the game and join it. That is because the computer hosting the game is transmitting a UDP broadcast across the entire LAN so that any devices can see the game. Those UDP transmissions usually contain the name of the game and the connection info required to connect to the game.
TCP is for continuous packet transmission. TCP requires an established connection, any packets transmitted on this connection are always related to that one connection/request. To continue my example from the last paragraph, once you click connect on the LAN game, your computer then establishes a TCP connection with the host and uses that connection for the duration of the game or games. TCP is the most commonly used connection type and your chat program would likely communicate over TCP, especially if you are connecting across the net because UDP broadcasts are useless across the internet. UDP is only really useful on a LAN.
You should be safe forwarding and unblocking only the TCP ports, but sometimes when I'm unsure I just do both UDP and TCP just to be safe. In fact, many routers and firewalls have 3 options: TCP, UDP, or Both which saves you from having to create two rules for both types of the port.
When in doubt, open/forward both.
What's my ip provides your IP v4 public address.
It's really easy to retrieve it, this topic explain how to proceed : How to get the IP address of the server on which my C# application is running on?
The code is only a few lines long, so the language (c# in this example) does'nt matter.
They provide your external internet facing IP.
This IP will depend on how you connect to the internet. If you connect straight from your computer to your ISP without any kind of router or firewall in between, it might be the same as your internal IP, but in most circumstances this will not be the case.
If you're at home and you've connected via a router of some kind, then you might be able to query it for the IP, but there is no standard way of doing this.
There is no standard way of getting hold of your external IP from the client it self. If you've got access to a server on the internet where you could deploy some code you could connect to that server from your client PC and ask it what IP you're connecting from.
IP Port Numbers
I also needed external IP using command line, but because I didn't find it I wrote small application using vb.net. You can use reflection for source code or ask on app home page for it. Basically application opens web page that provide your IP and parse it using regular expression, but because is designed with this purpose uses many "tricks" for this (can use more web pages at once, uses fastes page, etc). Check source for details.
First URL stands for Uniform Resource Locator. It will be very difficult to remember an IP address. Instead of remembering the IP addresses URL came like www.intrepidkarthi.com. Url normally contains three parts. For example http://intrepidkarthi.com/index.php. Here "http" refers to the protocol it uses. Then the server name and then the requested file name.
Here I have enlisted the flow of working mechanism behind your browser
The flow of work
Your browser communicates with a name server to translate the server name "www.intrepidkarthi.com" into an IP Address, which it uses to connect to the server machine. * So your browser will see if it already has the appropriate IP address cached away from previous visits to the site. If not, it will make a DNS query to your DNS server (might be your router or your ISP's DNS server). DNS stands for Domain Name Server - For exapmle if you want to get karthik's phone number then you will look into your telephone directory. Likewise your computer doesn't know intrepidkarthi.com's IP address . So it looks into DNS.
The browser then formed a connection to the server at that IP address on port 80. HTTP protocol uses port number 80
The browser sends a GET request to the server, asking for the file "http://www.google.com/karthikeyan.htm". The webserver then returns the requested page and your browser renders it to the screen.
The firewall will control connections to & from your computer. For the most part it will just be controlling who can connect to your computer and on what ports. For web browsing your firewall generally won't be doing a whole lot.
Your router essentially guides your request through the network, helping the packets get from computer to computer and potentially doing some NAT (Network Address Tranlator) to translate IP addresses along the way (so your internat LAN request can be transitioned onto the wider internet and back).
I don't know what I understood is correct or not. I need to understand it completely till the hardware level at the back.
browser has no DNS cache. your operating system's tcp stack has.
the server name in DNS may have many IP addresses. the browsers usually choose one at random.
DNS is a tree. to get www.google.com, you go to google.com name service and get IP of the computer www.
returned HTML page is a small part of the information. In turn, it points your browser to establish many connections to other servers, to bring scripts, pictures, etc.
otherwise okay.