The new NBIOT demo modules from O2 - we are testing - they only accept an IP address as a broker host rather than URL [mqtt.googleapis.com]. If i run DNS lookup this is fine - but how stable is the IP address associated with the mqtt.googleapis.com ??
I have the DNS lookup here 74.125.201.206
How long will it remain stable / the same ??
stream {
upstream google_mqtt {
server mqtt.googleapis.com:8883;
}
server {
listen 8883;
proxy_pass google_mqtt;
}
}
Instead of the mqtt url i want to insert IP address
Why would you want to hard code the IP address? You are just setting yourself up for it to fail at the moment you can't fix it (e.g. while on vacation)
You shouldn't assume an IP address returned by a DNS query is good for any longer than the TTL value returned with the response.
Hostnames are a deliberate abstraction so you don't have to worry about if the IP address changes, be it due to a failure, maintenance, load balancing.
Just DON'T hardcode the IP address.
If the module you mentioned REALLY only accepts IP addresses then you need to raise a bug against the supplier saying this needs fixing, especially as this is for a field deployed device that you probably can't easily update once deployed.
Related
I'm trying to get the IPv4 from the URL below:
use url::{Url, Host};
use std::net::{SocketAddr, IpAddr};
fn main () {
let url = Url::parse("rtsp://admin:12345#192.168.1.178:10554/tcp/av0_0").unwrap();
let port = url.port().unwrap_or(554);
let ip_address = match url.host() {
Some(Host::Ipv4(ipv4)) => SocketAddr::new(IpAddr::V4(ipv4), port),
Some(Host::Ipv6(ipv6)) => SocketAddr::new(IpAddr::V6(ipv6), port),
None => panic!("missing host"),
_ => panic!(format!("only IP hosts are accepted. Your host: {:?}", url.host()))
};
println!("{}", ip_address);
}
Playground
but it panics:
thread 'main' panicked at 'only IP hosts are accepted. Your host: Some(Domain("192.168.1.178"))', src/main.rs:11:14
What is wrong? The host is clearly an ip address.
Looking a the bug tracker, I found IP is not recognized in RTSP url.
The answer is apparently that url follows / implements the URL Standard (which makes sense as it was developed in the context of Servo), and the URL Standard only requires IPv4 address recognition of a select number of schemes because those schemes (apparently) handle IPv4 addresses specially: https://github.com/servo/rust-url/issues/577
Specifically: the special schemes are ftp, http, https, ws, wss (there's also file but it's its own category), and the differences in host representation are that:
a special scheme's host can be ipv4, ipv6, or domain
a non-special scheme's host can be ipv6, opaque, empty, or null
url will in fact parse ipv6 for non-special schemes, though everything else it just dumps into Some(Domain(...)) (or None).
Anyway this means that if you get a Domain result, you probably want to try and parse it as an IP.
Incidentally, you don't have to format! to format your panic messages, panic! will do that internally.
I used symfony 1.4 to create my application.
I'd like to get the IP adress of the current server to put it within soap request
So, how can i get the IP address of the current server?
For most situations, using $_SERVER['SERVER_ADDR']; will work. If that doesn't work you can try $ip = gethostbyname(gethostname());
If you have access to the $request object and it is a sfWebRequest (typical request from a browser) you can use:
$request->getPathInfoArray()['SERVER_ADDR']
Premise of the following method: your domain name has only one IP resolution
Using PHP:
gethostbyname($_SERVER['SERVER_NAME'])
$_SERVER['SERVER_NAME']will generally return your domain name (server_name / ServerName is configured in Nginx / Apache server), and then use gethostbyname().
About $_SERVER['SERVER_ADDR'], it often return a LAN IP address (I only have one server, one domain name, no reverse proxy; cloud server).
About gethostname()
In the test, it returns the name of the server (host name, not the domain name you use), and then uses gethostbyname(), will return a LAN IP.
More can be used https://checkip.amazonaws.com/ Get the current IP.
By default, example.com resolve to 123.123.123.123,
But If I want it to be resolved to 100.100.100.100.
For http, I can simply change the url to http://100.100.100.100 with a header "Host: example.com".
But it's not working for HTTPS.(Error: SSL certificate problem: Invalid certificate chain).
My question is not why, and I do not want to skip the certificate validation.
How can I get the same effect in Objective-C like curl's
--resolve option:
--resolve <host:port:address>
Provide a custom address for a specific host and port pair. Using this, you can make the curl requests(s)
use a specified address and prevent the otherwise normally resolved address to be used. Consider it a sort
of /etc/hosts alternative provided on the command line. The port number should be the number used for the
specific protocol the host will be used for. It means you need several entries if you want to provide
address for the same host but different ports.
In other words, How to make custom DNS query in HTTPS requests in Objective-C?
When you are using https, the address that you use in your request, and the address given to you by the certificate returned by the server, must agree.
If you send a request to https://100.100.100.100 then the server must return a certificate for 100.100.100.100. Even if you connected successfully to https:// www.xyz.com, and www.xyz.com resolved to 100.100.100.100, connecting to https://100.100.100.100 isn't going to work, cannot work, and absolutely must not work, because the server will return a certificate for www.xyz.com and not for 100.100.100.100.
I see following options:
Use your own DNS server with corresponding configuration of host/ip entry
If you want to stick with Objective C, there is a guideline frome apple Overriding SSL Chain Validation Correctly
Use libcurl which supports the feature you mentioned: http://curl.haxx.se/libcurl/c/resolve.html
example
#include <stdio.h>
#include <curl/curl.h>
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
struct curl_slist *host = NULL;
/* Each single name resolve string should be written using the format
HOST:PORT:ADDRESS where HOST is the name libcurl will try to resolve,
PORT is the port number of the service where libcurl wants to connect to
the HOST and ADDRESS is the numerical IP address
*/
host = curl_slist_append(NULL, "example.com:80:127.0.0.1");
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_RESOLVE, host);
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
res = curl_easy_perform(curl);
/* always cleanup */
curl_easy_cleanup(curl);
}
curl_slist_free_all(host);
return (int)res;
}
Update:
Since author don't want to skip certificate validation this is not an option now:
You can try to ignore ssl certificate in AFNetworking in your case
I want to allow invalid SSL certificates with AFNetworking
I am developing a chat application.
But Right now chatting is possible with only google because I know only google's port no.
xmppClient = [[XMPPClient alloc] init];
[xmppClient addDelegate:self];
// Replace me with the proper domain and port.
// The example below is setup for a typical google talk account.
[xmppClient setDomain:#"talk.google.com"];
[xmppClient setPort:5222];
You can see that, google has set 5222 as port number.
Same way I want to set port no for yahoo, windows messenger & other popular sites, How can I get all these?
(Is it something like that - "XMPP is specific for Google ones" ? ? )
Kraken's Openfire Properties Page has the port and domain information you need. Just re-use and try with your application.
5222/tcp is the default port for XMPP, but your implementation may have a different one. To find out, you do a DNS SRV query for _xmpp-client._tcp.YOURDOMAIN, where you replace YOURDOMAIN with the domain you're trying to connect to. This will return 0+ records that have hostname/port combinations for how to connect. If you get 0 records back, assume port 5222.
For example, I want to connect to the GoogleTalk server, and log in with the account foo#gmail.com. My client performs the lookup that can be simulated with dig on the command line like this:
% dig +short -t SRV _xmpp-client._tcp.gmail.com.
20 0 5222 talk1.l.google.com.
20 0 5222 talk4.l.google.com.
5 0 5222 talk.l.google.com.
20 0 5222 talk3.l.google.com.
20 0 5222 talk2.l.google.com.
The result with the lowest priority number is 5 0 5222 talk.l.google.com., which means you open a TCP connection to talk.l.google.com on port 5222.
To make SRV queries from code, check out this answer, which relies on DNSServiceQueryRecord.
5222 is the default port for XMPP, but
your implementation may have a
different one. To find out, you do a
DNS server query for
_xmpp-client._tcp.DOMAIN_Name, where you replace DOMAIN_Name with the
domain you're trying to connect to(ex.
gmail.com,google.com,yahoo.com). This
will return 0+ records that have
hostName/port combinations for how to
connect. If you get 0 records back,
assume port 5222.
i want to check my server connection to know if its available or not to inform the user..
so how to send a pkg or msg to the server (it's not SQL server; it's a server contains some serviecs) ...
thnx in adcvance ..
With all the possibilities for firewalls blocking ICMP packets or specific ports, the only way to guarantee that a service is running is to do something that uses that service.
For instance, if it were a JDBC server, you could execute a non-destructive SQL query, such as select * from sysibm.sysdummy1 for DB2. If it's a HTTP server, you could create a GET packet for index.htm.
If you actually have control over the service, it's a simple matter to create a special sub-service to handle these requests (such as you send through a CHECK packet and get back an OKAY response).
That way, you avoid all the possible firewall issues and the test is a true end-to-end one. PINGs and traceroutes will be able to tell if you can get to the machine (firewalls permitting) but they won't tell you if your service is functioning.
Take this from someone who's had to battle the network gods in a corporate environment where machines are locked up as tight as the proverbial fishes ...
If you can open a port but don't want to use ping (i dont know why but hey) you could use something like this:
import socket
host = ''
port = 55555
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind((host, port))
s.listen(1)
while 1:
try:
clientsock, clientaddr = s.accept()
clientsock.sendall('alive')
clientsock.close()
except:
pass
which is nothing more then a simple python socket server listening on 55555 and returning alive