I need to uniquely identify a machine despite it having multiple IP addresses(which a common scenarios for linux machines) what I am thinking of is to use hostname as an identifier for the machine/system(host name in /etc/hostname). Is it mandatory that a system will have only one hostname or a system can have multiple host names.
Any help appreciated.
I would identify it as some combination of hostname, MAC address, processor serial number, and hardware serial number. This may not be possible with virtualization, though a virtualized machine should have a unique MAC, unless someone has duplicated it.
Also, I'd get the hostname with uname -n rather than parsing /etc/hostname. Not all Unixes (HP-UX) use /etc/hostname, so this increases portability.
f.e your host is connected to networks 192.168.1.12 and 10.0.1.14
Edit your /etc/hosts with
192.168.1.12 ethhost
10.0.1.14 wlanhost
Now you will be able to ping your host with both names ethhost and wlanhost
Related
Background
Been having a lot if issues with this problem. Randomly PC won't connect to NAS for apparently no reason at all, while others it works. I read tonne of posts about various fixes, some worked sometimes, some didn't, but lately none did. Restarting PC, NAS, or router didn't work, nor did changing settings, checking firewall, antivirus, etc.. Finally I managed to figure it out.
Our nas allow us to make a network name to access it by, like \\MyServer, but sometimes when power goes out, or we have to restart router, this address won't work because the server's local IP had changed, and the address was still cached on our computer to the old one.
The reason can be one of many. In my case, it was none that I could find common answers to.
TL;DR
I randomly can't connect to my NAS via \\MyServer or it's IP \\10.0.0.3, but other PC's can.
I suggest using Synology Assistant. This will find the NAS on the network if it is physically in range.
Then I highly recommend to use a fix IP address for the NAS. It is no good idea having servers with DHCP...
Reason (in my specific case)
Sometimes the PC would only connect to the NAS via IPv6 (almost feel like it does it on a whim), IPv4 won't work at all. That or the old IP is cached on your system.
IPv4 looks something like one of these: 10.0.0.5, 172.16.0.2, or 192.168.0.0
IPv6 looks something like: fe80::842a:a43d:3123:1332
Quick fix attempt first
First, just try opening command prompt and enter ipconfig /flushdns, then try to connect to your usual \\MyServer address, see if that works now.
Didn't work?
What you can try is to see if you can connect via its IPv6 — but first you need to somehow obtain it.
Step 1 In command prompt, type ping MyServer (replaced with whatever name you have), and it see if it manages to ping it. If it does, it will resolve the IP and show an IPv6. If it shows IPv4 or can't connect at all, see further down.
Step 2 Locate the IPv6 at the top, remove % and number after.
Step 3 Replace : with -. Note doubles if you have that: :: with --.
Step 4 Prefix the usual \\ at the start, and add .ipv6-literal.net at the end. Now try to connect to the server using that. With the IPv6 example above, it'd be something like: \\fe80--842a-a43d-3123-1332.ipv6-literal.net
Ping shows IPv4?
Try to ping with one of the other computers, or if you are able to, login to the web dashboard or equivalent on one of those computers, and see if you can find any information about the server's IP's, with goal of finding its IPv6.
Once found, do steps above.
Done!
Other stuff:
IPv6 in browser — remove the % and number, put IP inside brackets [] and then connect. Example: http://[fe80::842a:a43d:3123:1332].
Creating alias of the weird IPv6:
Step 1 Right click Notepad, and open as Administrator
Step 2 Go to File → Open, change the dropdown above 'open' from Textfiles (*.txt) to All files (*.*).
Step 3 Locate the hosts file, located at C:\C:\Windows\System32\drivers\etc\ and open
Step 4 At the bottom, write the IPv6 with the colons AND the %##, then a space, then the alias you want it to use (case insensitive). Example: fe80::842a:a43d:3123:1332%15 MyAlias and save. You should now be able to use \\MyAlias to connect to it.
NOTE The %## number is unique to each computer. E.g. your computer gets %15, the next get %7. The rest of the IP is identical. To get the %## number of a different PC, write ipconfig in its command prompt. It should list its own IPv6 with its appended %## at the end.
Another note: If you need to change an IP in the hosts file of an IP that no longer work, you also need to use ipconfig /flushdns again.
If I have a dual boot machine (Windows and Linux), and my network administrator assigns me a static IP address, will I get two addresses, or one? Or is it up to the administrator's discretion? What are the advantages of each approach?
Thanks!
Since you are dual booting you will only be using one IP address at the time, so it can be the same one on both operating systems.
The network administrator might assign two different IP addresses to you if so they desire, but it really poses no advantage, save for really specific situations such as running two different servers for the same service under the two OS's and needing to be able to discern the two.
Generally however one IP is assigned to one machine regardless of what OS is running on it.
He can set two Ip's but one is enough because you're not going to use them simultaneously
I am trying to use Boost for some IPv6 and multicast network communication. I need to construct an IPv6 multicast socket that uses a specific network interface index.
I was able to find the correct multicast option to set the network interface index in boost/asio/ip/detail/socket_option.hpp:
explicit multicast_request(const boost::asio::ip::address_v6& multicast_address, unsigned long network_interface = 0)
The problem is, I don't know how to find the correct value for the "network_interface" parameter. Is there a way to get the network_interface value using a local IPv6 address that I can provide? I looked in the documentation and examples, but couldn't find anything.
-- Dylan
Each platform provides APIs to enumerate the network interfaces, e.g. getifaddrs for many Unixes and GetAdaptersAddresses for Windows. Note on Windows there is a separate numerical space for IPv4 and IPv6 adapters which makes the API call if_nametoindex quite confusing.
You may wish to inspect the methods I employed in OpenPGM for portability, considering Windows doesn't really have useful adapter names:
http://code.google.com/p/openpgm/source/browse/trunk/openpgm/pgm/getifaddrs.c
http://code.google.com/p/openpgm/source/browse/trunk/openpgm/pgm/nametoindex.c
http://code.google.com/p/openpgm/source/browse/trunk/openpgm/pgm/indextoaddr.c
http://code.google.com/p/openpgm/source/browse/trunk/openpgm/pgm/indextoname.c
I don't think there's a platform-independent way to figure this out, just as there is no portable solution to enumerating the local addresses.
On Linux, you can find what you want in the second column of /proc/net/if_inet6, which is also available more robustly through the rtnetlink(7) interface.
In IPv6 networking, the IPV6_V6ONLY flag is used to ensure that a socket will only use IPv6, and in particular that IPv4-to-IPv6 mapping won't be used for that socket. On many OS's, the IPV6_V6ONLY is not set by default, but on some OS's (e.g. Windows 7), it is set by default.
My question is: What was the motivation for introducing this flag? Is there something about IPv4-to-IPv6 mapping that was causing problems, and thus people needed a way to disable it? It would seem to me that if someone didn't want to use IPv4-to-IPv6 mapping, they could simply not specify a IPv4-mapped IPv6 address. What am I missing here?
Not all IPv6 capable platforms support dualstack sockets so the question becomes how do applications needing to maximimize IPv6 compatibility either know dualstack is supported or bind separatly when its not? The only universal answer is IPV6_V6ONLY.
An application ignoring IPV6_V6ONLY or written before dualstack capable IP stacks existed may find binding separatly to V4 fails in a dualstack environment as the IPv6 dualstack socket bind to IPv4 preventing IPv4 socket binding. The application may also not be expecting IPv4 over IPv6 due to protocol or application level addressing concerns or IP access controls.
This or similar situations most likely prompted MS et al to default to 1 even tho RFC3493 declares 0 to be default. 1 theoretically maximizes backwards compatibility. Specifically Windows XP/2003 does not support dualstack sockets.
There are also no shortage of applications which unfortunately need to pass lower layer information to operate correctly and so this option can be quite useful for planning a IPv4/IPv6 compatibility strategy that best fits the requirements and existing codebases.
The reason most often mentioned is for the case where the server has some form of ACL (Access Control List). For instance, imagine a server with rules like:
Allow 192.0.2.4
Deny all
It runs on IPv4. Now, someone runs it on a machine with IPv6 and, depending on some parameters, IPv4 requests are accepted on the IPv6 socket, mapped as ::192.0.2.4 and then no longer matched by the first ACL. Suddenly, access would be denied.
Being explicit in your application (using IPV6_V6ONLY) would solve the problem, whatever default the operating system has.
I don't know why it would be default; but it's the kind of flags that i would always put explicit, no matter what the default is.
About why does it exist in the first place, i guess that it allows you to keep existing IPv4-only servers, and just run new ones on the same port but just for IPv6 connections. Or maybe the new server can simply proxy clients to the old one, making the IPv6 functionality easy and painless to add to old services.
For Linux, when writing a service that listens on both IPv4 and IPv6 sockets on the same service port, e.g. port 2001, you MUST call setsockopt(s, SOL_IPV6, IPV6_V6ONLY, &one, sizeof(one)); on the IPv6 socket. If you do not, the bind() operation for the IPv4 socket fails with "Address already in use".
There are plausible ways in which the (poorly named) "IPv4-mapped" addresses can be used to circumvent poorly configured systems, or bad stacks, or even in a well configured system might just require onerous amounts of bugproofing. A developer might wish to use this flag to make their application more secure by not utilizing this part of the API.
See: http://ipv6samurais.com/ipv6samurais/openbsd-audit/draft-cmetz-v6ops-v4mapped-api-harmful-01.txt
Imagine a protocol that includes in the conversation a network address, e.g. the data channel for FTP. When using IPv6 you are going to send the IPv6 address, if the recipient happens to be a IPv4 mapped address it will have no way of connecting to that address.
There's one very common example where the duality of behavior is a problem. The standard getaddrinfo() call with AI_PASSIVE flag offers the possibility to pass a nodename parameter and returns a list of addresses to listen on. A special value in form of a NULL string is accepted for nodename and implies listening on wildcard addresses.
On some systems 0.0.0.0 and :: are returned in this order. When dual-stack socket is enabled by default and you don't set the socket IPV6_V6ONLY, the server connects to 0.0.0.0 and then fails to connect to dual-stack :: and therefore (1) only works on IPv4 and (2) reports error.
I would consider the order wrong as IPv6 is expected to be preferred. But even when you first attempt dual-stack :: and then IPv4-only 0.0.0.0, the server still reports an error for the second call.
I personally consider the whole idea of a dual-stack socket a mistake. In my project I would rather always explicitly set IPV6_V6ONLY to avoid that. Some people apparently saw it as a good idea but in that case I would probably explicitly unset IPV6_V6ONLY and translate NULL directly to 0.0.0.0 bypassing the getaddrinfo() mechanism.
I am making an EventLog which will log the transaction log in my website. The details of the log will include the Public IP from where the transaction has orginated and also the local IP address (under the public IP).
I have found ways to obtain the Public IP Address, but i am unable to find out the local IP or machine IP from where the transaction is made.
A large number of entries will be done by people using the same connection. ie 5 or 10 computers connected to the same connection.
I need to find the machine IP (192.168.0.1 for 1 system 192.168.0.2 for the next) of the machines making the transactions and also the Computer name...
Is this possible
To clarify, you want the private IP address of a client when the client is connecting through a router? Then no, there isn't a way to do this.
Are you doing this purely to distinguish between different users?
Can you use another method like cookies?
If your client connects from behind a NAT or firewall you cannot reliably get his address or computer name. If you need such information then your protocol should request them as part of the request and the client machine should voluntarily provide them. There is no way to validate the information provided (short of deploying a trusted cryptographic infrastructure, ie. you establish a strong trust in the client machines themselves).
Sadly, the answer is no. No modern browser will present that private address in the HTTP transaction. The client's router which performs the NAT (Network Address Translation) offers only the public client IP address when making the IP connection.
Not likely. See a short discussion in http://javascript.about.com/library/blip.htm
Well yes we are doing this just to differentiate between the computers to know who is doing the entries...
Since you guys say that tracing the IP is not very reliable are there any other methods that i can use to do the same thing
I just need to know from which computer each entry is entered.
Any suggestions would be welcome
You are making the false assumption that there is a way to know from which computer each entry is entered. Nobody has the job of ensuring that this information exists. Often, it will not exist.
The only way to make sure each computer is uniquely identified is for you to identify it. You can do this through client certificates, for instance. In general, if you want each computer to have a unique identifier, then you need to create a unique identifier, then put it on that computer. You then need the computer to send that identifier back.
There is no other unique identifier for computers.
This is probably way beyond what you're looking for but it makes for an interesting read: Remote physical device fingerprinting
This allows you to uniquely identify a remote physical device without its cooperation, across NAT or whatever else you can imagine.