I have some accesses from 192.168.0.71 on my apache logs. I looked up this IP (because my server almost exclusively takes requests from 127.0.0.1, and I saw that it's reserved for "special purposes." What types of purposes might those be?
Edit:
I didn't tell you, typing 192.168.0.71 brings me straight to my site, just as 127.0.0.1 would. I just wonder how this is different, then from 127.0.0.1.
RFC 1918 reserves addresses starting with 192.168 for private networks. This most likely means that some computer on your local network is accessing the server.
I didn't tell you, typing 192.168.0.71 brings me straight to my site, just as 127.0.0.1 >would. I just wonder how this is different, then from 127.0.0.1.
That means that 192.168.0.71 is the assigned internal IP to your machine.
127.0.0.1 is just a local loopback redirect. 192.168.0.71 is actually directly connecting to your machine.
192.168.???.??? is a special, reserved range of addresses private IP addresses. So it's probably a computer from your local network.
Read: http://en.wikipedia.org/wiki/Classful_network
EDIT:
You've edited your post.
It seems, it's your address in the local network.
127.0.0.1 is the loopback address.
Difference between them is if somebody else from your network types 192.168.0.71, they go to your site, 127.0.0.1 is for their computer.
192.168.0.71 (Well the entire range 192.168.0.0 – 192.168.255.255) are for private (read. not internet accessible) network IP addresses, so that is from something inside your private network.
I believe it is reserved for any private intranet, as per this document.
The 192.168.x.y block is typically used for non-Internet connected devices. It's most likely from one of your own machines. If you have a router of some sort, go into its configuration tool and see if you can find the block of addresses it uses to assign to internal machines. It should be 192.168.x.y.
Judging from your edit, it sounds like 192.168.0.71 is your computer's IP address on your internal network.
As to why it's showing up in your logs instead of 127.0.0.1... well, I can only assume that, for whatever reason, one of the programs on your computer is contacting the computer by its network IP rather than the localhost IP.
The 192.168.0.0 network is defined as being one of the "private" networks.
As Krzysiek Goj has said, check this link for further details.
There are 3 ranges that have been designated as private ip addresses.
- 10.0.0.0/8 (meaning 10.0.0.0 to 10.255.255.255)
- 172.16.0.0/12 (meaning 172.16.0.0 - 172.31.255.255)
- 192.168.0.0/16 (meaning 192.168.0.0 to 192.168.255.255)
Typically a DHCP server on your network (of which most network switches are examples) are configured to dynamically hand out ip addresses in one of the private ranges. The 192.168.0.0/16 range is probably the most popular. Alternatively you may have been statically allocated one of these addresses by your network administrator.
To check the address that you've been allocated you can use one of the following:
- (windows) ipconfig /all
- (unix) ifconfig
By default your machine will also have a loopback interface enabled using the address 127.0.0.1. This can be used to access your own machine.
There is not enough information here to completely answer the question. The most likely answer is:
The web server is also your desktop system. Your browser is running on that system as well, so the the 127.0.0.1 traffic is from your surfing of your own site.
The 192.168.0.71 is the actual IP address of your desktop, which is connected to some kind of NAT'ing device which connects you to the internet. Almost every broadband WiFi device uses this subnet by default.
The reason some traffic comes from that address is that on occasion, for various web reasons, some of the traffic is directly addressing your 192.168.0.71 address rather than the 127.0.0.1 address.
Related
this might sound a bit amateur-ish but I'm in a bit of a situation here.
So I created myself a website and managed to get it working on localhost, I tried port forwarding ports 80,443 but nothing helped, So next thing I'm googling around and I read about ngrok and it actually worked. Got it working on a long randomly generated domain but the problem is that I want to use the one that I have from no-ip.com. How can I do that please? I'm very lost here.
Software being used: Xampp (Apache,MySQL)
I've reserved a DHCP ip-address for my PC in my router's settings, hopefully that helps? I don't know. Help me internet.
There are a whole bunch of possible reasons that this might not work. Here are a few of them.
Your ISP
Even if you have port forwarding set up properly on your router, it is still possible that you cannot do what you want.
First, many ISPs block serving websites from residential internet connections. Connections to port 80/443 will never even reach your router. You might try experimenting by forwarding a different port number (such as 8000 instead of 80) to see if the traffic can get through on that port. (However, that will not work as a practical solution since your users will not know to use an alternate port and your ISP can choose to terminate your service if you are violating the terms of your agreement.)
Second, due to the exhaustion of public IPv4 addresses, some ISPs are implementing Carrier-Grade NAT (CGNAT, a.k.a. Large-Scale NAT - LSN). Instead of giving your router a public IP address, they give your router a private IP address inside their network. Once again, connections to port 80/443 (or any other port for that matter) will never reach you. You can check if you are behind CGNAT by going to your router's setting and finding the public IP address, then going to https://whatsmyip.com/ and seeing if it is the same or different. (In theory, you should be able to tell that you have CGNAT if your router's IP address is between 100.64.0.0 - 100.127.255.255, but in practice some ISPs use other private network ranges too, such as 10.0.0.0 - 10.255.255.255.)
The reason Ngrok works for you is because Ngrok opens a tunnel from your computer to their cloud servers and sends the traffic through that tunnel.
DNS
You mentioned in the comments that you have the DNS set to resolve the private IP of your computer. That certainly will not allow users on the public internet to get to your site, because they cannot connect to your address.
However, you also mentioned in the comments that if you change the DNS to point to your public IP, it doesn't work from either inside or outside. This could mean your problem is one of the ISP issues described above. It could also mean that your router does not support Hairpin-NAT (a.k.a. NAT Reflection), which is how the router would be able to redirect local traffic back to the local server instead of trying to send it out over the internet.
Firewall
Your computer's firewall can look at the source IP address of the incoming traffic, and it might be set not to allow external access to your web server. DO NOT DISABLE YOUR FIREWALL to try to get around this. Instead, you need to add a specific exception to the firewall rules to allow the incoming traffic. How you do this will depend on your operating system.
I have a local network with several PCs and specialized controllers on it. These specialized controllers must be configured with static IP addresses and do not have DHCP capabilities.
I was asked to put together a list of the device hostnames and IP addresses. It's easy to figure out the IP address of each device, however, I'm struggling to find out the host name for these specialized controllers. If it were a Windows PC, I would simply navigate some menus to find the host name.
I'm confused about how the host name is configured for network devices in general. For Windows PCs, it seems like the PC itself determines its own host name. When it joins a network, it simply broadcasts its host name to a DNS server and the DNS server remembers it. For devices that are not DHCP, it seems like I would need to manually go to a DNS server and enter the host name for the specific IP address.
So what exaclty determines the host name? The device itself or a network admin?
This more of networking question and belongs to ServerFault - you will get your answer faster there.
If it were a Windows PC, I would simply navigate some menus to find
the host name.
What kind of system is there if there is no Windows? Linux, *BSD, AIX, other? I'll answer for Linux for now.
So what exactly determines the host name? The device itself or a
network admin?
This depends on your configuration in Linux check - /etc/nsswitch.conf
e.g.
hosts: files dns
Which defines that the hostname will be defined by /etc/hosts and if it is not found there it will check DNS next.
If hosts file, the local resolution, contains the pair ip <-> name it is used. If the DNS takes precedence and it contains the pair it is taken from there. As shown above, it can contain both at once in defined order, then the resolution is done in that order.
By the way, DHCP server can give you static IP addresses based on your MAC address so your controllers will have always the same IP address, if same network card is used. It is way easier to manage than configure all servers manually.
I want to do a messaging application on the browser using WebRTC, but I want to get rid of every third party like STUN and TURN servers (I also want to get rid of signaling servers but first things first). I want the users to keep their contacts in the browser localStorage in a key-value way: name of the person => IP address.
I don't really care how the users find their own public IP address (they can do an ipconfig as there is no web API to retrieve it) nor how they distribute it (they can use use a centralized service like Messenger to give their public IP address to their friends, or they can use a QR code on their business card).
But the main issue I have is that I want these public IP addresses to be static, because I don't want to notify all my friends to update their contact file every time my gateway changes my public IP address.
In IPv4, there are too few available addresses (only 4 billions), so the public static addresses are all reserved to website and residential gateways. Whenever I want to access the Internet, my gateway opens a specific port for my computer. For example, if my gateway has the public address 1.2.3.4, the "public address" of my computer would be temporarily 1.2.3.4:3000. This process is called NAT. To find one's "public address", one must send a request to a STUN server which would respond with what IPv4 address and what port it sees. But the gateway closes the connection of the port at some point, so that's not a public static address like I want.
But in IPv6 it's different, the number of possible addresses is ridiculously high (2^128), so we could theorically give one static public address to each computer in the world. NAT would basically be useless (I'm not talking about firewalls here). But again, there is a problem, in IPv6 you have one address that is static but not public, and you have one or more addresses that are public but not static. So nothing has really changed from IPv4, and it still doesn't solve my problem.
I have 2 questions:
How to have a public and static address for regular computers? I don't want my users to meddle with their router/ISP or install anything on their computer.
Why don't we all already have static and public IPv6 addresses? Is there a design choice behind this?
Thank you for your help.
Your question is not really a programming question, so I'm assuming you need to know this because you are developing software that uses IPv6. Looking at it from a application point of view:
You don't need TURN to discover your own public address. Without NAT your address is not changed by the network and your local address is your public address. You just need to let your software ask the OS what the currently configured addresses are.
With IPv6 it's usually not the gateway giving out addresses to connected devices. The gateway only communicates the network prefix (a /64) to the network, and all devices choose their own addresses (usually multiple addresses per device).
DHCPv6 does exist, but it is usually not used to configure IPv6 addresses on devices. It may be used in stateless mode to configure domain names, DNS resolvers etc, but that is not related to assigning addresses.
So the device chooses its own addresses within the prefix communicated by the gateway. How does it choose?
Originally devices used their interface MAC address for the suffix (using the modified EUI-64 algorithm). The problem with this was that if you had a lap for example, online services that you connect to could track your device. Because no matter what network you connect to, the last 64 bits of your address would contain your unique MAC address. That way it was possible to track your device from work to home to your favourite coffee place etc.
These days the OS uses privacy extensions to make your IPv6 address untraceable. Often there is a stable address that is linked to the network prefix, so that every time you connect to the same network you get the same address. That address is useful for peer-to-peer communication.
But they went further than that. There is often also a set of privacy addresses that (semi)randomly change over time. Your device might generate a new address every day, or maybe even every hour. That makes it even harden for online services to determine whether there is a single device that has changed it's privacy address, or whether there are multiple devices. Because this address changes over time it's good for short-lived outbound connections, but not so useful to accept inbound connections on. For that use the stable address I mentioned in the previous paragraph.
Probably the most difficult bit is how to ask the OS about the available addresses. Looking at my own macOS box I see:
en2: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether c8:e0:eb:5c:af:61
inet6 fe80::1074:8568:e447:d9e3%en2 prefixlen 64 secured scopeid 0x12
inet6 2a02:xxxx:xxxx:xxxx:3e:873f:837:1417 prefixlen 64 autoconf secured
inet6 2a02:xxxx:xxxx:xxxx:b19c:71c5:1de8:8fde prefixlen 64 autoconf temporary
You can see both the long-term secured address and the short-term temporary address.
Without knowing which OS you are developing for and in which programming language I can't help you further. Please adjust your question to include that information.
I created an AMP web application that was originally going to be served from a traditional 3rd party host.
As we finished up, the client decided to host it internally, on a server in their office network. The application is only meant to be available to staff members, but those staff members will often be off-site. I had no involvement in setting up their network, which uses at least one server running windows server 2003. The client machines I saw were XP.
I set up Apache, MySQL and PHP on the server 2003 machine, and installed the application. The application is built on the CodeIgniter framework, so I set the base_url to the internal IP (192.168...), and we tested from within the network. Everything worked fine.
Next, we asked their network guy to open port 80 for apache. I set the base_url to the external IP, and tested from my home (using the external IP as the web address), and it works fine.
However, when attempting to access the application using the external IP from within the network, they're unable to connect. I can reset the base_url to the network IP, and they can access it using the network IP, but then it the application fails when connecting externally (since the base_url, used throughout the application, is pointing to the internal IP).
It suppose I could let CodeIgniter determine the base_url (by leaving the variable as an empty string), but would rather figure out why the external IP fails in-network, and try to correct that.
The server we're using is not dedicated to the AMP stack (in fact, it has at least one other application broadcasting to the internet that must have been using IIS, as well as an FTP server used for office scanners), so I suppose there might be some conflicts there.
I know very little about windows networking. A quick search suggested this might be because of NAT, but didn't offer a work-around.
Their network guy has no suggestions, and said that everything should be fine.
Is it possible to have users inside the network access the Apache server using the external IP, and if so, what needs to happen to enable that?
TYIA
Your client's NAT router is configured to forward packets arriving on its external interface for its external IP with port 80 to the internal machine, port 80, after re-writing the source and destination IP addresses in the packets.
From within the network, attempts to connect to the external IP address will be routed to the default route on the machines, the router's internal interface. This interface is not configured to forward packets back into the network.
Configure the application to listen on all IP addresses. Make sure that the server knows that the clients know it under several hostnames -- the internal IP address and the external IP address.
You might be able to re-write the NAT firewall rules on the router to perform the port forwarding for the internal interface as well, but off-the-shell equipment common in homes and small businesses do not make this task easy. More expensive gear (or home-built *BSD/Linux router machines) can do this without much effort, but it would needlessly add traffic to the router.
This isn't Apache related, nor is it CI related. It's often impossible to reach the external IP address from within the network.
Frankly, I don't know exactly why that is. I do know that it's related to how NAT (Network Address Translation) works or at least how it's implemented.
For a detailed overview of why this is, you should ask this question on serverfault. If you're simply a programmer who has to deal with it, accept that NAT usually works only from inside to outside and outside to inside, but not inside to inside.
You already mentioned one of the solutions in your question - don't use base_url. You could also simply run the server on an external IP address (not your company IP, but let's say a datacenter or something).
What kind of IP address does whatismyip.com provide?
How can I get it using VB.Net code?
Also what is IP port?
Thanks
Furqan
PART 1
Okay, let's pretend you have a router in your house and that you have several computers in your house all connected to the internet through your router.
In order for the router to know where traffic goes on your network, it assigns unique IP Addresses to all computers on your home network (Usually beginning with 192.168.x.x). These IP addresses are local ip addresses, meaning only your router and computers/devices connected to it in your house knows about them. If you open a command prompt and do command IPConfig you will see the IP address that your router has assigned your computer.
So what is the IP address that WhatIsMyIP.com showing you? In much the same way that your router assigns addresses to all the computers on your network, your internet service provider hands out unique IP addresses to all of their customers. Now, because you have a router, the only thing the ISP can see on your network is that router and your ISP assigns an IP address to it. This is why routers are also called hardware firewalls, because people on the other side of it, can't tell how many computers or devices are connected to it.
What this means is, when you are visiting websites on the internet, the only IP address they see is your routers external IP address (the one assigned by your ISP). So no matter which computer in your house you use, the website wouldn't know the difference because all it can see is your router's IP address. Go ahead and try it; go to www.WhatIsMyIP.com on several different computers in your house. You will see that they all show the same IP address. However, if you did IPConfig in your command prompt on each computer, that shows you the local address your router assigned and it would be different on every computer in your home.
So, now that you understand the difference between local and external IP addresses, how would you retrieve your external IP address in VB or C# .net code that is running on your PC? Well the only IP address your computer is actually aware of is that local IP that we talked about. The only way you can see your external IP address is to go to a website that tells you what address the request came from (which would be your router's IP address).
What you would need to do is write up some code in your VB.net program that would navigate out to WhatIsMyIP.com (or some other website that can give you your IP address) and tell the code to grab it. I have written a web service located at http://www.u413.com/test/terminal/myip that returns only your IP address as the entire HTTP response. Find something similar though for your application because this little sample will not stay there forever; I only put it up there as a temporary example on a domain I already own.
Visit http://www.vbdotnetheaven.com/UploadFile/kbawala/WebRequestClass04182005054320AM/WebRequestClass.aspx to see how to make web requests from code running on your computer.
NOTE: You may not be aware of what DNS is either if you are unaware of how IP addresses work. Everything on the net has an IP address, including the servers that serve up website pages. But what a pain that would be, trying to remember up to 12 digit IP addresses for all your favorite websites. That is what DNS servers were invented for. DNS servers take a domain name (e.g. www.facebook.com) and translates it into the correct IP address. That way all you need to remember is facbook.com instead of 69.63.181.12 (this is facebook's IP address. Go ahead, try it! Put that IP in your browser's address bar and you will see facebook.), domain names are much easier to remember!
If you want to see the IP address associated with a website, open up a command prompt. Once the prompt is open type PING [websitedomain] (e.g. PING Facebook.com) and your computer will send 4 test requests to the address which is displayed for you.
PART 2
Let's pretend your IP address is like the address of an apartment buliding. The pizza delivery boy needs to know the address to the apartment building in order to deliver your pizza. But what is he going to do when he gets there? There are hundreds of doors/apartments to choose from. He needs to know the apartment number (port number on your computer).
Your computer has thousands of ports, and programs can listen on any one of them for requests from the outside world. When you go to a website almost all websites are served on port 80. Port 80 is the default port for web pages. When you go to facebook.com you are actually going to facebook.com:80, you just don't see the :80 because it is implied since it is the default. If I put up a web server, I could decide any port to serve websites on. If I served web pages on a different port than port 80, then you would have to include it in your URL. http://www.SomeDudesCustomWebServer.com:1337.
Outgoing requests use a port too, but that one is usually unimportant and your computer just picks one that is available. So when you go to Facebook.com, the facebook web servers are all serving up pages over port 80, but the port your computer opened up to send the request does not have to be port 80 because it picks an available port and then sends the port with the request. Then when facebook sends its response, it sends the reply back to the ip address and port that made the request.
Outgoing ports are only used for the duration of the request. Ports that must listen for connections must stay the same otherwise the computers making requests would have no idea what port to send the request to.
Easy huh!
Hope that helps you understand a bit better.
EDIT:
Port Forwarding
Okay, in light of the chat application you want to use/create, if you want it to communicate over the net you'll have to learn about port forwarding. Basically, because all you could see of your friend's network would be his external ip address, you will have to use that address to connect to his chat server (or vice versa if he is connecting to your chat server then it will be your external IP). Because of this, the connection request would only get as far as the router that has the external IP, but it would not know what computer on the network to forward the request to.
You will need to access your router's firmware and set up port forwarding so that the router knows to forward requests on a specific port, to a specific computer on the network. Visit http://portforward.com/ for more detail on how to setup port forwarding.
EDIT 2:
Firewall
When setting up stuff to communicate with your computer using your PC, you may start getting frustrated that it just won't connect. What is likely stopping you is your firewall. By default, most ports on your PC are completely blocked by the windows firewall. For each port that you want to communicate on you will want to go into the firewall and create a rule that will open up the port. Go here http://www.top-windows-tutorials.com/windows-7-firewall.html for a video on how to use the windows firewall. I did not watch it, but it is what came up first on a google search.
Do not simply disable the firewall. Even though this is an easy and quick solution to open up all your ports, you are leaving yourself open to attack. Viruses love to set themselves up in your computer if they can and listen on an open port for a connection from their beloved creator so he can obtain access to your PC. Only open the ports you need.
UDP vs TCP
When opening and forwarding ports you may notice that it asks for UDP (User Datagram Protocol) or TCP (Transmission Control Protocol). What they stand for may not make sense but all you need to know is this: UDP is for single packet transmissions which means that two packets sent by a pc may or may not be related to each other. These types of data packets are usually used for broadcasts on a local network. An example I would use is LAN games. When you host a game on a LAN the other computers/devices can see the name of the game and join it. That is because the computer hosting the game is transmitting a UDP broadcast across the entire LAN so that any devices can see the game. Those UDP transmissions usually contain the name of the game and the connection info required to connect to the game.
TCP is for continuous packet transmission. TCP requires an established connection, any packets transmitted on this connection are always related to that one connection/request. To continue my example from the last paragraph, once you click connect on the LAN game, your computer then establishes a TCP connection with the host and uses that connection for the duration of the game or games. TCP is the most commonly used connection type and your chat program would likely communicate over TCP, especially if you are connecting across the net because UDP broadcasts are useless across the internet. UDP is only really useful on a LAN.
You should be safe forwarding and unblocking only the TCP ports, but sometimes when I'm unsure I just do both UDP and TCP just to be safe. In fact, many routers and firewalls have 3 options: TCP, UDP, or Both which saves you from having to create two rules for both types of the port.
When in doubt, open/forward both.
What's my ip provides your IP v4 public address.
It's really easy to retrieve it, this topic explain how to proceed : How to get the IP address of the server on which my C# application is running on?
The code is only a few lines long, so the language (c# in this example) does'nt matter.
They provide your external internet facing IP.
This IP will depend on how you connect to the internet. If you connect straight from your computer to your ISP without any kind of router or firewall in between, it might be the same as your internal IP, but in most circumstances this will not be the case.
If you're at home and you've connected via a router of some kind, then you might be able to query it for the IP, but there is no standard way of doing this.
There is no standard way of getting hold of your external IP from the client it self. If you've got access to a server on the internet where you could deploy some code you could connect to that server from your client PC and ask it what IP you're connecting from.
IP Port Numbers
I also needed external IP using command line, but because I didn't find it I wrote small application using vb.net. You can use reflection for source code or ask on app home page for it. Basically application opens web page that provide your IP and parse it using regular expression, but because is designed with this purpose uses many "tricks" for this (can use more web pages at once, uses fastes page, etc). Check source for details.