ALB access logs request initiator domain - amazon-web-services

Is there any way to retrieve the user client domain from the ALB access logs?
From the AWS documentation there is a 'domain_name' attribute, but it indicates the requested server domain rather than the client domain.
I know that in nginx there is a domain attribute which indicates the domain of the client.
Is there a way to retrieve the client domain from the ALB?

As you've pointed out, ALB access logs do not provide the client's DNS name. Instead they return:
client:port - The IP address and port of the requesting client.
Thus, to get the domain name of the client, you would have to parse the logs and "manually" get the domain based on the IP. For example, if Python is used, there is gethostbyaddr, which can be useful in getting the domain name from an IP address.
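The approach from the answer above, as an added example that is not part of the original answer: it pulls the client:port field out of an ALB access-log line and reverse-resolves the IP with gethostbyaddr. Because a PTR record is set by whoever controls the address block, the name is accepted only if it resolves forward to the same IP. The function names and the sample line are constructed for illustration, and the forward check assumes IPv4.

```python
import shlex
import socket

# Constructed sample line in the ALB access-log layout (not real traffic).
SAMPLE = (
    'http 2024-01-01T00:00:00.000000Z app/my-alb/0123456789abcdef '
    '192.0.2.10:46532 10.0.0.5:80 0.000 0.001 0.000 200 200 34 366 '
    '"GET http://www.example.com:80/ HTTP/1.1" "curl/7.46.0" - - '
    'arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/tg/0123456789abcdef '
    '"Root=1-00000000-000000000000000000000000" "-" "-" 0 '
    '2024-01-01T00:00:00.000000Z "forward" "-" "-"'
)


def client_ip(line):
    """Return the client IP from the fourth field (client:port)."""
    fields = shlex.split(line)  # honours the double-quoted fields
    host, _, _port = fields[3].rpartition(":")
    return host.strip("[]")  # tolerate a bracketed address


def client_domain(ip, reverse=socket.gethostbyaddr,
                  forward=socket.gethostbyname_ex):
    """Reverse-resolve ip; return the name only if it maps back to ip.

    The resolver callables are injectable so the logic can be exercised
    without network access. Returns None when there is no PTR record or
    when the forward lookup does not confirm it.
    """
    try:
        name = reverse(ip)[0]       # (hostname, aliases, addresses)
        addresses = forward(name)[2]
    except OSError:                 # herror and gaierror both derive from OSError
        return None
    return name if ip in addresses else None


if __name__ == "__main__":
    ip = client_ip(SAMPLE)
    print(ip, client_domain(ip))
```

Many client addresses have no PTR record at all, so a None result is common and the lookup is best cached per IP when processing large log files.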

Related

Cloud run service cannot resolve custom domain mapped to a different cloud run service

I am running a Go server on cloud run which makes REST HTTP calls to a different public cloud run service B. When using custom domain mapping for service B, any requests to it error out with the following:
Get https://<mydomain_name>/api/health: dial tcp: lookup <mydomain_name> on 169.254.169.254:53: no such host
However, the requests work when using the automatically allocated cloud run URL instead, e.g. (https://<myservice_name>-xxxxxxx-ew.a.run.app).
I am able to access the mapped domain name on the browser and I can successfully dig it from my local terminal, from instances on different google cloud projects and from the cloud shell instance. However, querying the domain name servers for the domain name on any instances on the google cloud project hosting service B does not return correct results (fails with NXDOMAIN status).
To me it seems the domain is mapped correctly but I am not sure what is preventing my attempts to access the service using the domain name in code or using curl within the same google cloud project.
Any help will be appreciated.
NXDOMAIN is the internet’s blunt way of saying “the answer to your question doesn’t exist”. Technically, it’s saying that the domain name referenced in the Domain Name System (DNS) query does not exist. NXDOMAIN, which stands for non-existent domain, is an answer that only an authoritative nameserver can return.
If you issue a query for a domain name that does not exist, Google Public DNS always returns an NXDOMAIN record, as per the DNS protocol standards. The browser should show this response as a DNS error.
On the other hand, if the domain name exists, nameservers and DNS resolvers will work to return the positive NOERROR response. The specific IP address answer to the DNS query will be returned as well. (It is also possible to receive a NOERROR response without any specific answers. This happens if the domain exists, but not the DNS record type requested.)
If, instead, you receive any response other than an error message (for example, you are redirected to another page), this could be the result of the following:
A client-side application such as a browser plug-in is displaying an alternate page for a non-existent domain.
Some ISPs may intercept and replace all NXDOMAIN responses with responses that lead to their own servers. If you are concerned that your ISP is intercepting Google Public DNS requests or responses, you should contact your ISP.

Can I point a subdomain directly to an API endpoint in AWS?

My rest API (node) is set up in AWS ECS behind a load balancer - super-long-aws-lb-url
I also have a domain registered and a subdomain for my backend which is set up as an A-record aliased to the load balancer; I access my rest API at something like data.mydomain.com/api/resource/{:id} - this is working as expected.
There's one endpoint that serves as a reverse proxy for accessing user-generated content - it's public and currently I can access it via
data.mydomain.com/api/content/public/{:id}
What I'd like to do is create a "pretty" url to just that endpoint in route53 so that the public endpoint becomes available via content.mydomain.com/{:content-id}
So far I've tried setting up this subdomain as a CNAME pointing directly to the string value composed of ALB URL + endpoint
content.mydomain.com -> super-long-aws-lb-url/api/content/public/
I expect that this will allow me to access that content at http://content.mydomain.com/{:content-id} but I get a Server Not Found error
Next I tried setting it up as an A-Record with an alias, but since it needs a resource with an IP address, I'm forced to select an AWS resource from a dropdown, and I'm back to using the load balancer without bypassing the global prefix (api) and the resource URL (content/public)
Is there a way to point a subdomain directly to an API endpoint in AWS?
Amazon Route 53 is a Domain Name Service (DNS).
DNS is used to resolve a domain name (eg data.mydomain.com) to an IP address, which allows traffic to be sent to a specific computer.
DNS only covers the domain name. It does not include anything after the slash.
Therefore, you cannot use Amazon Route 53 to point to a 'path' (eg /api/content/public/).
Such redirection would be the job of any software running on the target computer. You can likely configure this in your web server software.

How to resolve domain name from public IP on Amazon

I have just created my AWS instance on Windows Server 2012 R2 for running my website. The problem is, I want to resolve my public IP address to my domain name. For example, my AWS public IP address is 1.2.3.4 and I want it to show as my own company domain.
This answer may seem strange because of the way it works, but it is from an official source and it does accomplish what you want -- setting a reverse DNS record on an elastic IP address. The address will remain associated with your account and can't be inadvertently released unless you subsequently undo this configuration.
You can now provide us with a configurable Reverse DNS record for any of your Elastic IP addresses. Once you’ve supplied us with the record, reverse DNS lookups (from IP address to domain name) will work as expected: the Elastic IP address in question will resolve to the domain that you specified in the record.
https://aws.amazon.com/blogs/aws/reverse-dns-for-ec2s-elastic-ip-addresses
You'll be sending a request to AWS support to configure this mapping.
The unexpected part of the solution, however, is the reason stated on the form that you use to send the request to AWS support...
https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
...it's actually the request form to remove the outbound SMTP port 25 restriction on your Elastic IPs... but part of the process is to assign reverse DNS entries to EIPs that you specify.

Using an existing address for another server

Suppose that I have an account on a server with an address http://www.xxx.xxx/~account.
Because of some restriction on the server xxx.xxx, I set up a new AWS server with my own domain http://my.domain.xxx.
However, it looks like the new domain doesn't sufficiently represent my identity, so I was wondering if I could assign the address http://www.xxx.xxx/~account to the AWS server.
Is this possible? If so, how can I do that?
Set the A record of your www.xxx.xxx to the IP of the EC2 server hosting your website and set up a Virtual Host in your web server configuration to handle requests for that domain name.

Amazon EC2 instance hosting

I have an application hosted in an Amazon EC2 instance. My application runs at http://ec2...compute-1.amazonaws.com/index.html. We also have a domain registered as sovan.test.com. We want to use Route53 to redirect/open the http://ec2...compute URL when a user uses the registered domain name. How can we do this?
We are getting an error that we cannot host anything with index as back, and also it does not detect http:.
Please give some advice.
Thanks
Amazon Route53 is a Domain Name Service, which can resolve names into IP addresses. For example, if a user types www.foo.com, it can return the IP address of a web server or load balancer that will respond to a request.
Note that it only resolves the domain, which is the initial part of an address. It does not resolve the path portion of a URL. For example, going to www.foo.com/index.html will result in resolving www.foo.com to an IP address, then sending a request for the index.html page to that server. The index.html portion is not part of the DNS resolution.