My server has two IP addresses. If I have two Crystal apps for example, how can I make each of them to work with specified IP address?
You can specify the bind address of TCP/HTTP servers in their constructor, however its currently impossible to specify the bind address of an outbound TCP or HTTP connection in crystal.
Related
Trying to create tcp socket connection between via an Ipv6 address, I get Network is unreachable (os error 101)
As a binding local address is used fe80::850***.
Probably it's because of fe80*** is local ipv6 address generated by OS. Is there a way to provide correct configuration for system to make a call via IPv6?
Short answer:
Your IPv6 connectivity is not setup correctly. This is most probably no configuration problem on your machine, but on the gateway router.
Long answer:
You get a "Network is unreachable" error because your operating system does not know how to reach the destination address. Usually it maintains a table called the routing table, where it looks up which network path leads to which ip subnet. It seems that in your case, there are several things missing.
Your interface probably has no configured non-link-local (fe80::/64) address
There is no routing table entry for the destination address range
In the IPv4 world these missing things are usually resolved by a DHCP server. In the IPv6 world, there are two possible configuration options. Either DHCPv6 is used or the IPv6 Stateless Address Autoconfiguration is used. It seems that neither is setup in your network. Note that correctly setting up one of these requires you to have administrative access to your gateway router.
As it required quite long time to find the main reason of the problem, will try to share the solution/investigation steps:
To make sure ipv6 is not configured properly just run 'ping6 ipv6.google.com'. It should return some error message like 'connect: Network is unreachable' or just stuck.
AWS ec2 instances by default are not assigned ipv6 global routable addresses(only ipv4 is assigned). Ipv6 addresses like 'fe80:*' are local routable and can't be used for global requests. To check the list of ip addresses, check eth0 config /sbin/ifconfig. Btw, AWS provides interface to generate global routable ipv6 address for ec2 instance (just check vpc/ec2 console pages - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-migrate-ipv6.html)
Check security group of ec2 instance and make sure that in route table ipv6 traffic is allowed.Specifically inbound and outbound rules should include '::/0' for ipv6(or one of them based on the need).
Try 'ping6 ipv6.google.com' again
Run the following command to check whether IPv6 is enabled:
ip addr
If only an IPv4 address is displayed, IPv6 is disabled. Enable it by referring to this tutorial.
If a link-local address (starting with fe80) is displayed, IPv6 is enabled but dynamic assignment of IPv6 addresses is not enabled.
If an IPv6 address other than fe80 is displayed, IPv6 is enabled and an IPv6 address has been assigned.
I use socket connection to create client-server program. The server code have to wait for connection from client ip address.
server_address.sin_family = AF_INET;
server_address.sin_addr.s_addr = inet_addr("192.168.1.6"); //client ip address
Can I get connection from any ip address not specific ip address to 192.168.1.6 ?
The address you specify isn't the client's IP address, it's the address of the interface on your own host that it's going to listen on.
So, to listen only on localhost, you specify 127.0.0.1. To listen on the external interface that the outside world can see, you can specify that address.
Or, you can specify an address of 0.0.0.0, so a client can connect via any available interface.
Note that although it may initially seem a little crazy, it can actually make perfect sense to listen only on localhost. This lets you "cheat" a little bit on security. Instead of trying (and most likely failing) to do security on your own, an outside user forms an SSH tunnel to your computer, then has their client connect to your server through that tunnel. Your server only has to do its thing, and leaves all the authentication, privacy, etc., to SSH.
I am attempting to connect to my instance via PuTTY but when I attempt to connect with the inbound rule set to my private range (i.e 192.168.2.0/24) it just won't work. When I set it to the insecure 0.0.0.0/24 all is fine. Can anyone explain, or solve this issue. I am running Windows 7 with all current updates. My IP address is not static.
The 192.168.0.0/16 CIDR range is considered a private network, which means it is not routable. This also means that AWS, when receiving the connection from the PuTTY client on your machine (which might have an IP address of 192.168.2.1, for example), does not see the remote address of that connection as the IP address of your server. Instead, AWS probably sees the remote address of that incoming connection as being an IP address from your ISP. That's why allowing "0.0.0.0" as the inbound rule works; it allows incoming addresses from everywhere.
To find out what CIDR range to use as a more restrictive inbound range for your AWS security groups, you might connect in to your instance, then do:
$ env | grep SSH_CONNECTION
SSH_CONNECTION=1.2.3.4 54068 5.6.7.8 22
In particular, you are looking for the SSH_CONNECTION environment variable. Per the ssh man page, the SSH_CONNECTION environment variable
Identifies the client and server ends of the connection.
The variable contains four space-separated values: client IP address,
client port number, server IP address, and server port number.
Thus the first part of the value, the "1.2.3.4" in my contrived example, would show you the IP address that AWS sees your PuTTY connection as coming from; you can then use that IP address as the basis for a CIDR range.
Hope this helps!
I have a web service running on aws under the following URL http://"54.194.164.164:8080"/webapi and the instance is associated with an Elastic IP 54.194.164.164. Now i want to add a DNS record so that i can access this easily like htttp://demo.mydomain.com/webapi.
what i have done so far is, i have added an A record called demo.mudomain.com to 54.194.164.164 in the Godaddy DNS console but still i cant access demo.mydomain.com/webapi.
Can you please guide me what i have to do where i can access the web service easily as demo.mydomain.com/webapi
Thanks
saththiyan
You can't do this. DNS maps names to IP addresses but not ports.
If you are going to access HTTP at an address it has to be:
Bound to the default port (80) if you don't want to specify the port.
Specified in the URL if it is a different port.
If you are trying to do this for an "easier" address you'll have to use port 80. If that is used by something else you are stuck with nominating a specific port.
You could consider assigning another ip address and setting up an address like api.mydomain.com to point to it. That way you could use http://api.mydomain.com/webapi by binding the API to that address rather than http://demo.mydomain.com which you are presumably using for something else.
So I have a system using ZeroMQ as the message controller and because it doesn't allow you to find information about a clients address that is connecting or sending messages I need to pass in self identifying information containing port and ip address of the node. However I'm not sure the best way of doing this.
I'm stuck because if they connect using an internal ip address for the network I would obviously need to use that ip address but if its going over WAN then I need the public ip address. What is the best way of communicating the ip address of the machine without knowing whether or not you are connecting to a local machine or a machine over WAN