Resolve host name to multiple IP

  • Resolve host name to multiple IP

    I need a way to fetch all the IP addresses a hostname may resolve to

    Code:
    HOST ADDR ftp.example.com to ip&
    Will give me 1 ip address, but if there are redundant ISP links to the server, I would like to have both of them. How best to approach this? I found (old) code in the forum for resolving MX records, which I can probably adapt. I'm just hoping this is a bridge someone else has already crossed and is willing to share the code.

    Thanks.
    Real programmers use a magnetized needle and a steady hand

  • #2
    I might be wrong but I'd expect that a single FQ DNS will only resolve to a single IP Address. There might be a load balancer or an anti-DDOS device in front of it that might redirect to another IP but only it would know those details as part of its configuration.

    If you are referring to IP Addresses for sub-domains you would need to know all the sub-domains to fetch the IP Addresses.
    George W. Bleck

    • #3
      Good practice for service hosting (mail, web, ftp) is to have redundant inbound ISP links. Each FQDN should have at least two DNS entries (one from each ISP). Smart programs can then retrieve both options, and if one doesn't work, it will use the other. Kinda like having multiple MX records for your domain; if one IP address is unresponsive the SMTP mechanism will try the other. A load balancer will work for outbound traffic, or to steer inbound traffic from multiple links to a single internal host, but won't help the sender (client) if one of those links is down.

      I'm trying to make my program smart enough to know all the possibilities for a given host name (rather than the single response of HOST ADDR), so I can round-robin my way through them when trying to connect.
      Last edited by Bud Durland; 25 Jun 2019, 12:31 PM. Reason: typos
      Real programmers use a magnetized needle and a steady hand

      • #4
        I might be wrong but I'd expect that a single FQ DNS will only resolve to a single IP Address.
        I just started playing around with this the other day. I need to 1) get both IPv4 and IPv6 addresses from DNS and 2) need to, in some circumstances, reduce the normal timeout period from the default of around 10 seconds if the lookup fails (bad URL). A DNS query can, it seems, return multiple address records. For instance, when querying www.att.com for an IPv4 address, a single A resource record is returned. However, when querying the same URL for an IPv6 address, 2 AAAA resource records are returned. I'm still trying to figure this stuff out.

        • #5
          Originally posted by George Bleck
          I might be wrong but I'd expect that a single FQ DNS will only resolve to a single IP Address.
          Both is possible in theory. One IP address assigned to multiple host names (A records) and multiple IP addresses assigned to one host name.

          Think of it: you can a) add as many A (or CNAME) records to a DNS server pointing to one IP address as you see fit. And b) you can also assign multiple different IP addresses to a NIC.

          • #6
            Knuth, what you said is not really apples to apples. Many DNS entries to 1 IP Address is quite normal. Also, having more than 1 IP Address on a NIC is not what is being raised here and technically also has nothing to do with DNS per se. The statement here is 1 DNS having multiple IP Addresses during resolution.

            This is DNS being used to allow fault tolerance / load balancing. Although in fault tolerance I'd think you would want to swing the DNS to another IP Address, not have DNS just hand it out directly. A DNS server might give you a round-robin of IP Addresses but that's load balancing. The issue is that it's the function of the DNS and not something your app can query directly (except potentially by multiple calls) - hence why I was saying it might not be capable.
            George W. Bleck

            • #7
              This is DNS being used to allow fault tolerance / load balancing.
              This is my specific interest. For this project, a "client" application is concurrently connected to two peer servers for load balancing and fault tolerance. The client monitors the status of those servers and links, and routes traffic accordingly. The servers should not be running on the same NIC, machine, site, city, country, etc. - which would reduce the level of fault tolerance in a platform. However, the client needs to discover those redundant servers to get started.

              • #8
                Originally posted by Jerry Wilson

                This is my specific interest. For this project, a "client" application is concurrently connected to two peer servers for load balancing and fault tolerance. The client monitors the status of those servers and links, and routes traffic accordingly. The servers should not be running on the same NIC, machine, site, city, country, etc. - which would reduce the level of fault tolerance in a platform. However, the client needs to discover those redundant servers to get started.
                I don't see how you can "discover" those redundant servers in that situation. The "client" needs to be told the IP addresses of those peer servers to route appropriately.

                How will the client route the traffic? Is it a DNS server or an actual router?

                • #9
                  Originally posted by Stuart McLachlan

                  I don't see how you can "discover" those redundant servers in that situation. The "client" needs to be told the IP addresses of those peer servers to route appropriately.

                  How will the client route the traffic? Is it a DNS server or an actual router?
                  Therein is what I'm trying to do. In my case, I need to be able to connect to the FTP server at a supplier's site. They have redundant ISP links, but no official load balancer. There is a DNS record for their FTP server on both ISP links, so "ftp.example.com" may resolve to an external address of 1.2.3.4 or 5.6.7.8, depending on the whim of the (off site) DNS servers. Their firewall then routes the traffic from the incoming port to the internal FTP server. I want to be able to get a list of all the external IP addresses that 'ftp.example.com' could resolve to, then try one after the other until I get a connection.

                  Real programmers use a magnetized needle and a steady hand

                  • #10
                    Originally posted by Stuart McLachlan

                    I don't see how you can "discover" those redundant servers in that situation. The "client" needs to be told the IP addresses of those peer servers to route appropriately.

                    How will the client route the traffic? Is it a DNS server or an actual router?
                    My example was flawed. In my case, there will probably be two "logical" servers - each with a separate URL (e.g. server_1.mynet.com, server_2.mynet.com). And those servers should be physically separated. In turn, the logical servers could be a cluster of concurrent, peer applications running on one or more VMs or physical machines, and distributing work for that logical server/cluster. So, a client application will know the URL for both logical servers and can "discover" the IP addresses for each of those servers with, at least, two DNS queries. The client will then select one of the candidate IP addresses for each server and connect to each of them.

                    This means that the client application doesn't need to be configured with the IP addresses of the servers - it can rely on DNS to retrieve that information. It may also provide a level of disaster recovery. For example, a standby server, with a different IP address, could be running at a third site. If one of the "primary" servers fails, an integrated NMS could configure the backup server and then post a change to DNS - pointing the URL for the failed server to the backup server. I suspect that this is not a novel idea (it's too obvious).

                    I suspect load balancers could be employed but the network model cannot require them.

                    As I mentioned earlier, I'm still trying to figure out how all of this stuff works, and I appreciate the feedback.

                    • #11
                      Originally posted by Bud Durland

                      Therein is what I'm trying to do. In my case, I need to be able to connect to the FTP server at a supplier's site. They have redundant ISP links, but no official load balancer. There is a DNS record for their FTP server on both ISP links, so "ftp.example.com" may resolve to an external address of 1.2.3.4 or 5.6.7.8, depending on the whim of the (off site) DNS servers. Their firewall then routes the traffic from the incoming port to the internal FTP server. I want to be able to get a list of all the external IP addresses that 'ftp.example.com' could resolve to, then try one after the other until I get a connection.
                      You are actually going "against the wishes" of the system, the system being DNS. DNS resolves to a specific IP address for a reason, that's what it wants you to use. Potentially you can continually flush your DNS cache then re-resolve and see if you get something different, but DNS is what is giving you the IP Address so if DNS is not doing a round robin or a failover scenario has not switched to an alternate IP you are at the whim of what DNS gives you.
                      George W. Bleck

                      • #12
                        Originally posted by George Bleck
                        Knuth, what you said is not really apples to apples. Many DNS entries to 1 IP Address is quite normal. Also, having more than 1 IP Address on a NIC is not what is being raised here and technically also has nothing to do with DNS per se. The statement here is 1 DNS having multiple IP Addresses during resolution.
                        Let me introduce you to DNS Round Robin.

                        • #13
                          Originally posted by George Bleck

                          You are actually going "against the wishes" of the system, the system being DNS. DNS resolves to a specific IP address for a reason, that's what it wants you to use. Potentially you can continually flush your DNS cache then re-resolve and see if you get something different, but DNS is what is giving you the IP Address so if DNS is not doing a round robin or a failover scenario has not switched to an alternate IP you are at the whim of what DNS gives you.
                          Not really; in this case, DNS can resolve to 2 specific IP addresses; I simply want to know both of them. DNS "knows" that "ftp.example.com" will resolve to BOTH 1.2.3.4 and 5.6.7.8. I need to figure out how to get it to divulge both of these addresses. Sites like dnsstuff.com can do it by querying DNS, (example for my company's mail server here). Maybe I'll just revisit the 'MX query' code here in the forum to see if it can be modified. Or maybe SocketTools can do it.
                          Real programmers use a magnetized needle and a steady hand

                          • #14
                            Originally posted by Bud Durland
                            DNS "knows" that "ftp.example.com" will resolve to BOTH 1.2.3.4 and 5.6.7.8. I need to figure out how to get it to divulge both of these addresses.
                            You can't; it's entirely up to the person who configures the DNS server to decide what response to give to a request for the A record for ftp.example.com. You have no control over that.

                            Sites like dnsstuff.com can do it by querying DNS (example for my company's mail server here).
                            No they can't. See above. Asking for the A record for your company's mail server only returns one IP address in response. A mail server's MX records are a different matter entirely. They are designed to be multi valued, that's why there is provision for a Priority/Preference value in them (and they return a name which is tied via an A or CName record to an IP address).

                            • #15
                              Originally posted by Stuart McLachlan
                              No they can't. See above.
                              Sorry, I remain unconvinced. I see too many examples of programs that can return multiple IPs for a host name. The DNS server for my work domains is configured so that each host name that is externally resolvable has two IP addresses. I'm at home now, so I'm 'external' to work. When I use NSLOOKUP I get both addresses for the mail server:

                              Code:
                              C:\Users\Bud>nslookup
                              Default Server:  <redacted>
                              Address:  192.168.1.1
                              
                              > set type=a
                              > mail.mrpcap.com
                              Server:  <redacted>
                              Address:  192.168.1.1
                              
                              Non-authoritative answer:
                              Name:    mail.mrpcap.com
                              Addresses:  64.19.80.245
                                        216.130.229.52
                              I suppose I could do some kind of kludgy code to redirect NSLOOKUP output to a file, then parse it. Or maybe I'll learn how to make the DNS calls.
                              Real programmers use a magnetized needle and a steady hand

                              • #16
                                Well here is a pointer to the API you might want to look at...

                                https://docs.microsoft.com/en-us/win...dns-dnsquery_a
                                George W. Bleck

                                • #17
                                  Using WinAPI DnsQuery mentioned by George
                                  retrieve type A DNS record(s)

                                  Code:
                                  #COMPILE EXE 'PBWIN10
                                  #DIM ALL
                                  #INCLUDE "WIN32API.INC"  'Jose Roca includes
                                  #INCLUDE "IpTypes.inc"
                                  #INCLUDE "WinDns.inc"
                                  
                                  FUNCTION PBMAIN () AS LONG
                                  LOCAL lResult    AS LONG
                                  DIM arDNSrec(0)  AS LOCAL ASCIIZ * %MAX_HOSTNAME_LEN
                                  
                                      lResult = MyDNSQuery ("mail.mrpcap.com", arDNSrec())
                                  
                                      MSGBOX JOIN$(arDNSrec(), $CRLF)
                                  
                                  END FUNCTION
                                  
                                  FUNCTION MyDNSQuery (BYREF sDomain AS ASCIIZ, BYREF arDNSrec() AS ASCIIZ * %MAX_HOSTNAME_LEN) AS LONG
                                  LOCAL lReturn           AS LONG
                                  LOCAL lpResults         AS DWORD
                                  LOCAL lpDNSRecord       AS DNS_RECORD PTR
                                  LOCAL lpARecord         AS DNS_A_DATA PTR
                                  
                                      IF UBOUND(arDNSrec()) - LBOUND(arDNSrec()) <> -1 THEN
                                          ERASE arDNSrec()
                                      END IF
                                  
                                      lReturn = DnsQuery (sDomain, %DNS_TYPE_A, %DNS_QUERY_STANDARD, BYVAL(0), BYVAL VARPTR(lpDNSRecord), BYVAL(0))
                                  
                                      IF lReturn = %ERROR_SUCCESS THEN
                                          lpResults = lpDNSRecord
                                          DO WHILE lpDNSRecord <> 0
                                              lpARecord = VARPTR (@lpDNSRecord.Data)
                                              IF UBOUND(arDNSrec()) - LBOUND(arDNSrec()) = -1 THEN
                                                  REDIM arDNSrec (0 TO 0)
                                              ELSE
                                                  REDIM PRESERVE arDNSrec (0 TO ARRAYATTR (arDNSrec(), 4))
                                              END IF
                                              arDNSrec (ARRAYATTR (arDNSrec(), 4) - 1) = IPLongToString(@lpARecord.IpAddress)
                                              lpDNSRecord = @lpDNSRecord.pNext
                                          LOOP
                                          DnsRecordListFree (lpResults, %DnsFreeRecordList)
                                          lReturn = %TRUE
                                      END IF
                                      FUNCTION = lReturn
                                  END FUNCTION
                                  
                                  FUNCTION IPLongToString(BYVAL IPaddress AS LONG) AS STRING
                                    DIM IPAddr  AS BYTE PTR
                                    IPAddr = VARPTR(IPaddress)
                                    FUNCTION = USING$("#_.#_.#_.#", @IPAddr, @IPAddr[1], @IPAddr[2], @IPAddr[3])
                                  END FUNCTION

                                  Comment
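Added example, not code from any poster in this thread: a Python look at what the record list walked in post #17 corresponds to on the wire. It parses a DNS reply, follows name compression, and collects every A record, filtering on record type because an answer section can carry CNAME records alongside the A records. The reply bytes are constructed here from the thread's placeholder name and addresses (ftp.example.com, 1.2.3.4, 5.6.7.8); the CNAME target edge.example.com and all function names are hypothetical.

```python
import socket
import struct

TYPE_A, TYPE_CNAME, CLASS_IN = 1, 5, 1

def encode_name(name):
    """Encode a host name as length-prefixed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def read_name(msg, pos):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, resume, hops = [], None, 0
    while True:
        length = msg[pos]
        if (length & 0xC0) == 0xC0:            # 2-byte compression pointer
            if resume is None:
                resume = pos + 2               # parsing continues after the first pointer
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
            hops += 1
            if hops > 16:                      # refuse pointer loops in a hostile reply
                raise ValueError("compression pointer loop")
            continue
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels), (pos if resume is None else resume)

def parse_a_records(msg):
    """Return (rcode, addresses): every distinct IPv4 address in the answer section."""
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    pos = 12
    for _ in range(qdcount):                   # skip the echoed question(s)
        _, pos = read_name(msg, pos)
        pos += 4                               # QTYPE + QCLASS
    addresses = []
    for _ in range(ancount):
        _, pos = read_name(msg, pos)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, pos)
        rdata = msg[pos + 10:pos + 10 + rdlen]
        pos += 10 + rdlen
        if (rtype, rclass, len(rdata)) == (TYPE_A, CLASS_IN, 4):
            addr = socket.inet_ntoa(rdata)
            if addr not in addresses:          # keep answer order, drop duplicates
                addresses.append(addr)
    return flags & 0x000F, addresses           # rcode 0 = no error, 3 = NXDOMAIN

def build_sample_response():
    """Constructed reply: ftp.example.com -> CNAME edge.example.com -> two A records."""
    question = encode_name("ftp.example.com") + struct.pack("!HH", TYPE_A, CLASS_IN)
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 3, 0, 0)  # response, rcode 0, 3 answers
    target = encode_name("edge.example.com")
    cname = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_CNAME, CLASS_IN, 300, len(target)) + target
    # Pointer to the CNAME target name: header + question + 12 bytes of CNAME record header.
    target_ptr = struct.pack("!H", 0xC000 | (12 + len(question) + 12))
    a_rrs = b"".join(
        target_ptr + struct.pack("!HHIH", TYPE_A, CLASS_IN, 300, 4) + socket.inet_aton(ip)
        for ip in ("1.2.3.4", "5.6.7.8")
    )
    return header + question + cname + a_rrs

def connect_first(addresses, port, timeout=3.0):
    """Try each address in turn; return (socket, address) for the first that accepts."""
    last_error = None
    for addr in addresses:
        try:
            return socket.create_connection((addr, port), timeout=timeout), addr
        except OSError as exc:
            last_error = exc                   # remember why, then try the next address
    raise ConnectionError(f"no address accepted a connection: {last_error}")

if __name__ == "__main__":
    print(parse_a_records(build_sample_response()))
```

The returned rcode matters when validating answers: a name that should not exist is expected to come back with rcode 3 and no addresses.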


                                  • #18
                                    Originally posted by Stuart McLachlan
                                    A mail server's MX records are a different matter entirely. They are designed to be multi valued, that's why there is provision for a Priority/Preference value in them (and they return a name which is tied via an A or CName record to an IP address).
                                    The way you put it is not quite right.

                                    A mail server doesn't have an MX record. A domain has 0-n MX records, where each MX record preferably points to a different host name (i.e. primary and backup mail server). And those host names in turn then have either an A or CNAME record.

                                    MX records

                                    Code:
                                    1    powerbasic.com    MX    spamx3.sitedart.net    198.7.58.153    Preference: 30    Answer    
                                    2    powerbasic.com    MX    spamx1.sitedart.net    38.89.254.79    Preference: 10    Answer    
                                    3    powerbasic.com    MX    spamx4.sitedart.net    95.216.36.251    Preference: 40    Answer    
                                    4    powerbasic.com    MX    spamx2.sitedart.net    62.212.72.235    Preference: 20    Answer
                                    A / CNAME records for those hosts

                                    Code:
                                    1    spamx3.sitedart.net    A    spamx3.sitedart.net    46.165.224.87    
                                    2    spamx3.sitedart.net    A    spamx3.sitedart.net    46.165.224.87    
                                    3    spamx3.sitedart.net    A    spamx3.sitedart.net    198.7.58.151    
                                    4    spamx3.sitedart.net    A    spamx3.sitedart.net    198.7.58.151    
                                    5    spamx3.sitedart.net    A    spamx3.sitedart.net    198.7.58.151    
                                    6    spamx3.sitedart.net    A    spamx3.sitedart.net    198.7.58.151    
                                    7    spamx3.sitedart.net    A    spamx3.sitedart.net    198.7.58.151    
                                    8    spamx1.sitedart.net    A    spamx1.sitedart.net    85.25.237.90    
                                    9    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    10    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    11    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    12    spamx1.sitedart.net    A    spamx1.sitedart.net    149.13.73.46    
                                    13    spamx1.sitedart.net    A    spamx1.sitedart.net    149.13.73.46    
                                    14    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    15    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    16    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    17    spamx1.sitedart.net    A    spamx1.sitedart.net    85.25.237.90    
                                    18    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    19    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    20    spamx1.sitedart.net    A    spamx1.sitedart.net    85.25.237.90    
                                    21    spamx1.sitedart.net    A    spamx1.sitedart.net    149.13.73.46    
                                    22    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    23    spamx1.sitedart.net    A    spamx1.sitedart.net    85.25.237.90    
                                    24    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    25    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    26    spamx1.sitedart.net    A    spamx1.sitedart.net    149.13.73.46    
                                    27    spamx1.sitedart.net    A    spamx1.sitedart.net    85.25.237.90    
                                    28    spamx1.sitedart.net    A    spamx1.sitedart.net    149.13.73.58    
                                    29    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    30    spamx1.sitedart.net    A    spamx1.sitedart.net    38.89.254.82    
                                    31    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    32    spamx1.sitedart.net    A    spamx1.sitedart.net    5.79.86.41    
                                    33    spamx4.sitedart.net    A    spamx4.sitedart.net    209.58.136.65    
                                    34    spamx4.sitedart.net    A    spamx4.sitedart.net    209.58.136.65    
                                    35    spamx4.sitedart.net    A    spamx4.sitedart.net    209.58.136.65    
                                    36    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172    
                                    37    spamx2.sitedart.net    A    spamx2.sitedart.net    95.216.37.110    
                                    38    spamx2.sitedart.net    A    spamx2.sitedart.net    95.216.37.110    
                                    39    spamx2.sitedart.net    A    spamx2.sitedart.net    95.216.37.110    
                                    40    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172    
                                    41    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172    
                                    42    spamx2.sitedart.net    A    spamx2.sitedart.net    95.216.37.110    
                                    43    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172    
                                    44    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172    
                                    45    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172    
                                    46    spamx2.sitedart.net    A    spamx2.sitedart.net    85.25.237.172

                                    • #19
                                      Originally posted by Rod Macia
                                      Using WinAPI DnsQuery mentioned by George
                                      retrieve type A DNS record(s)
                                      Perfect! Just what I was looking for. Many thanks!

                                      Real programmers use a magnetized needle and a steady hand

                                      • #20
                                        Originally posted by Knuth Konrad

                                        Let me introduce you to DNS Round Robin.
                                        And to DNS Hijacking.

                                        As I was playing with low-level DNS agent code, I noticed that obviously bogus URLs (e.g. www.this_is_bogus.com) were being resolved by Level3 DNS servers to IP addresses 23.202.231.167 and 23.202.231.167. These appear to belong to Akamai Technologies - a content delivery network (CDN). I'm beginning to think that using URLs for client configuration is not worth the effort.
