How to tell if a URL is an intranet url? - c#

Using C# how would one determine if a URL is an intranet URL? I would like some code to do something if a URL is an intranet one vs public.

You cannot implicitly know. If your intranet URLs look like fully qualified domain names then it's difficult to tell. The only way to tell is to query two different DNS servers (your own and a public one). If both return the same result, then it's an internet domain. If the public DNS server isn't able to resolve the address, then it's most likely an intranet domain.

Do you know the internal subnets (in terms of IP addresses)? If so, I'd just resolve the host name and see if it's internal that way.

If the URL resolves to a TCP/IP address which is one of the IP addresses set aside as a private IP address, then it is definitely on your intranet. These are
10.xxx.xxx.xxx,
172.16.xxx.xxx through 172.31.xxx.xxx, and
192.168.xxx.xxx
If it resolves to any other IP address it might still be on your intranet, but it has a public IP address so it is potentially accessible from outside the intranet.
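
An added C# example (not from the original answers) of the check described above: it resolves the URL's host and reports "private" only when every resolved address is in the private ranges listed. The class and method names are hypothetical, the sample URLs are constructed, and treating loopback and the IPv6 unique-local and link-local ranges as private is an assumption that goes beyond the ranges in the answer.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Net.Sockets;

static class IntranetUrlCheck
{
    // Private IPv4 ranges from the answer above, plus loopback. The IPv6
    // unique-local (fc00::/7) and link-local cases are an added assumption.
    public static bool IsPrivate(IPAddress ip)
    {
        if (ip.IsIPv4MappedToIPv6) ip = ip.MapToIPv4();
        if (IPAddress.IsLoopback(ip)) return true;
        byte[] b = ip.GetAddressBytes();
        if (ip.AddressFamily == AddressFamily.InterNetworkV6)
            return ip.IsIPv6LinkLocal || (b[0] & 0xFE) == 0xFC;
        return b[0] == 10
            || (b[0] == 172 && b[1] >= 16 && b[1] <= 31)
            || (b[0] == 192 && b[1] == 168);
    }

    // "private" : every address the host resolves to is private
    // "public"  : at least one resolved address is publicly routable
    // "unknown" : not an absolute URL, or the name did not resolve from here
    public static string Classify(string url)
    {
        if (!Uri.TryCreate(url, UriKind.Absolute, out Uri uri)) return "unknown";
        IPAddress[] addrs;
        if (IPAddress.TryParse(uri.DnsSafeHost, out IPAddress literal))
            addrs = new[] { literal };              // IP literal: no DNS lookup needed
        else
        {
            try { addrs = Dns.GetHostAddresses(uri.DnsSafeHost); }
            catch (SocketException) { return "unknown"; }
        }
        if (addrs.Length == 0) return "unknown";
        return addrs.All(IsPrivate) ? "private" : "public";
    }

    static void Main()
    {
        // Constructed sample URLs; IP literals so the demo runs offline.
        foreach (string u in new[] { "http://10.1.2.3/", "http://172.31.255.1:8080/app",
                                     "http://172.32.0.1/", "http://[fd12::1]/", "http://8.8.8.8/" })
            Console.WriteLine($"{u} -> {Classify(u)}");
    }
}
```

The result reflects what this machine's resolver returns at the time of the call, so it should be re-evaluated when the network changes rather than cached.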

The simple approach, which is not perfect but works for the 80% case, is to simply check if the URL has a period in it. I know intranet URLs can be fully qualified, but in my experience (at Microsoft) most are not, and this works pretty well.

In general, there is no reliable way to tell an intranet URL from an Internet URL. If the intranet is available to your program, then it will look just like the Internet, and if not, then you still won't know whether the URL is supposed to be a working intranet URL or is just a (temporarily) broken Internet URL.
You will need some special knowledge, such as the domain names or IPs of the servers that are providing the intranet, in order to tell them apart.

If you want to determine whether any given URL is an intranet url in any company (as opposed to specializing your code for one particular company), I wish you luck.
Usually, but not always, intranet URLs do not have a TLD (Top Level Domain, such as .com). However, I've seen some that do.
Almost always (AFAIK), intranet domains will resolve to a similar IP address as the computer's current address. Note that I did not say the same subnet; large intranets can have multiple subnets. Also note that if the computer is not in a corporate intranet, there will be regular domain names that resolve to similar IP addresses. (Unless the computer is behind NAT)

I am not a C# programmer, so I can't offer you code, but the basic method would involve comparing the hostname part of the URL to that of server(s) in your intranet. Or, if your URL just uses an IP not a DNS name, compare the IP to that of your intranet server(s).
Crack the URL using string manipulation - though I imagine C# must have a URL class that will do this for you - and extract the hostname, compare it to a list of servers.

You could interrogate Internet Explorer to see if the domain would match the list of accepted intranet domains.
Registry key is HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
There, if the domain has a value of 1 for the protocol, it will be deemed an intranet domain. You'll need to perform an nslookup to gather the 'real' address.

To add to what others have said, intranets do not have any of the known top-level domains in their addresses. I've worked in a few companies and all the intranets were something like:
http://developments/admin - you will notice that there's no top-level domain at all. So, it resolves to a computer within the network. Again, as the name suggests, you are not likely to access it beyond the corporate environment.

Related

C# - Globally intercept and modify DNS resolution responses

There's a similar question ( Can I temporarily override DNS resolution within a .NET application? ) but I just can't figure it out with the meager response there.
Background info
I have a server set up in my home network, an old computer. Our router has the right ports forwarded, the server runs server software for things like http, svn, games, etc. I've got a domain name registered that always points to our external IP address. For all intents and purposes, I've got a typical webserver set up. My friends can game on my server by connecting via the domain name, I can push and pull svn projects, etc.
The only problem is that I also need to use my server when I'm connected to my home network (the same network as the server). Using the domain name results in Windows resolving it to our own IP address, and my router is too retarded to realize it just needs to forward it back into our network to the server as per the usual. I've done some looking around, configuring, telnetting and DNS overriding, but I have it on good authority that our ISP apparently crippled the DNS override feature of their routers to prevent this exact scenario. Apparently they don't like internal loopbacks.
I now basically have to keep 2 configs for each of my server's services: one config that specifies the domain name for when I'm abroad, and a second that specifies the server's internal IP for when I'm at home. It's frustrating because it just isn't always possible.
I want to instantiate a global DNS resolution request/response listener that will do the following: if the requested domain name matches a given string, override the IP in the response with one of my choice.
I've looked things up like easyhook, dllimport, msdn pages, etc, but I still can't figure out where to actually start, which classes I need to get access to, and so on. I basically have no pre-existing code for this particular problem.
I have Visual Studio, years of relatively simple programming experience and a good understanding of unfamiliar code and everything else, just no idea how to start or what to look for.
Many thanks for anything that can get me going.
Couple of pointers, DNS is as you mentioned some server somewhere that knows how to resolve a Domain name to an IP ADDRESS. There are two types of responses 1) Definitive for the domain and 2) Not Definitive for the Domain. Obviously any Definitive response will win.
DNS does not run at the TCP/IP layer; it runs one layer below using UDP (port 53). As a result DNS is tied into the TCP/IP stack, whereby the stack first looks locally in a local host table and sees if the name is there; if it cannot find it, the stack will send out the DNS request prior to the session start or SYN packet flying. In order for this to happen, the DNS servers must resolve the address.
I do not fully understand your issue because most Windows servers only have 1 IP address and one associated domain name. Unless of course they are using DHCP, which just means the server uses multiple addresses on boot up and DNS servers receive updates to what those new addresses are.
Public vs. Private IP addresses are the responsibility of a router. The router is configured to do NAT (Network Address Translation). This allows a private server to have unroutable addresses like 10.10.1.100 etc. But the router will answer ARPs for the public address making the public network think the router is the public address. So one of your solutions could be to convert your server to a private address and use a "real" router that can perform NAT. Port forwarding is not really routing rather it's a way to "trick" packets destined for one port number to be forwarded to another port dedicated for that application.
My suggestion is to either follow the suggestions above or add the Domain names you want to the local Host table on the server. This will get you what you want. A better solution is to configure your own server to be a DNS server definitive for your domain, that way you get to control everything.
I ended up solving this with (as a few have suggested) the hosts file after all.
I first used ManagedWifi to set a network connection monitor. It detects changes to my connection status and reports the network name.
Then I wrote a console app that stays open (using Hidden Start allows me to hide the window) and safely modifies the hosts file, then flushes the DNS cache. This seems to work in pretty much realtime. :)

Current.Request.Url give my computer IP address not domain name

I don't know about networking, but I asked my sysadmin to host my application on a subdomain of our official site; for example, the official site of my office is downtoearth.com. He then just asked for the IP address of the computer where I developed my application, and then he said that my application was already accessible from myapp.downtoearth.com.
I can open my application from that domain, but my problem now is that when I try to get my current URL, it gives me the IP address of my computer. I tried using HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) and HttpContext.Current.Request.Url.Host but they give me the same result. What I want is my domain myapp.downtoearth.com/, not my IP address. Is there some way to solve it?
My office internet uses a proxy, so my computer doesn't have a public IP. Of course, if it gives the IP address of my computer, it will get error 404 not found. I use Razor MVC4 and IIS 8.
Sorry if there are some misspellings; English is not my default language and this is my first question on Stack Overflow. I hope you understand my problem.
Probably your application is behind some load balancer. You shouldn't use Request.Url as it does not work as expected in all circumstances. In your case the request is treated as local and this is why the Url is your IP. Instead you can use Request.UserHostName. Please find this link

Client connection information

I'm writing a program that is accessed from a local network and also from the outside. I have to identify local and outside requests in order to give different functionality to each. Is that possible?
An alternative is to document the IP addresses of all the local computers and to get the IP address of the client through Request.ServerVariables["REMOTE_ADDR"] and compare them; if the request IP address doesn't match, that means the request is not local. That seems to be awkward and inefficient because I would have to save all local addresses and any new computer would have to be registered.
Is there a simple way to identify if a request is coming from the local network or from the outside?
Thank you!
Your network administrator will be able to tell you the IP range of the internal network. Then you can simply check if the client IP falls into the internal range.
This way, you only need to change your configuration when the internal ranges are changed. This should not happen too often.
Edit: Here is a question and answer about IP ranges (albeit in Java, but should be very simple to convert).
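
An added C# example (not part of the original answer) of checking whether a client IP falls into the internal range: a CIDR matcher over administrator-supplied ranges that handles IPv4, IPv6 and IPv4-mapped IPv6 client addresses. The class name, the ranges and the client addresses are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;

sealed class InternalRanges
{
    private readonly List<(byte[] Net, int Bits)> _ranges = new List<(byte[] Net, int Bits)>();

    // cidrs such as "10.20.0.0/16"; in a real application, load them from configuration.
    public InternalRanges(params string[] cidrs)
    {
        foreach (string cidr in cidrs)
        {
            string[] parts = cidr.Split('/');
            if (parts.Length != 2) throw new FormatException("Bad CIDR range: " + cidr);
            byte[] net = IPAddress.Parse(parts[0]).GetAddressBytes();
            int bits = int.Parse(parts[1]);
            if (bits < 0 || bits > net.Length * 8) throw new FormatException("Bad prefix length: " + cidr);
            _ranges.Add((net, bits));
        }
    }

    public bool Contains(IPAddress client)
    {
        if (client.IsIPv4MappedToIPv6) client = client.MapToIPv4();
        byte[] addr = client.GetAddressBytes();
        // Only compare against ranges of the same address family (4 or 16 bytes).
        return _ranges.Any(r => r.Net.Length == addr.Length && SamePrefix(addr, r.Net, r.Bits));
    }

    // True when the first 'bits' bits of both addresses are equal.
    private static bool SamePrefix(byte[] a, byte[] b, int bits)
    {
        int whole = bits / 8, rest = bits % 8;
        for (int i = 0; i < whole; i++)
            if (a[i] != b[i]) return false;
        if (rest == 0) return true;
        int mask = (0xFF << (8 - rest)) & 0xFF;
        return (a[whole] & mask) == (b[whole] & mask);
    }

    static void Main()
    {
        // Constructed ranges and client addresses.
        var ranges = new InternalRanges("10.20.0.0/16", "192.168.5.0/24", "fd00:abcd::/32");
        foreach (string s in new[] { "10.20.33.7", "10.21.0.1", "::ffff:192.168.5.9", "fd00:abcd::15", "203.0.113.10" })
            Console.WriteLine($"{s} internal: {ranges.Contains(IPAddress.Parse(s))}");
    }
}
```

Pass in the address of the TCP connection itself (the value behind REMOTE_ADDR); a client-supplied header such as X-Forwarded-For should only be used when a proxy you control sets it.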
Are you on a domain with the internal users? If so you could just offer the internal functionality only to those who login with integrated authentication.

Better to use IP addresses or hostnames in code which relies on the network?

If you are programming an application which is heavily using the network (e.g. pings, dns resolves, etc), is it better to use IP addresses in the code (e.g. if making a folder path on a server - //192.183.181.182/test/test1 for example), or hostnames?
I am assuming IP addresses as they tend to be static in the enterprise, and hostnames can have aliases etc to a single IP address. Is this a valid reason to prefer IP addresses?
Thanks
The problem with using hardcoded IP addresses is that if you need to change it, you need to change the code, while if you use hostnames, if you need to change it, you can change where the hostname points, without touching the code :)
Fully agreeing with jcarlosn above, and throwing in my $0.02 as a network infrastructure guy...
As a network engineer, I could go on for quite some time about the number of instances where I've seen people mistakenly hard-code an IP into an application, and the suffering that happens for years because the company has to contort the growth of IT infrastructure around that original assumption of a hardcoded ip and a subnet in some particular facility. This has an impact on operational and capital expenses of the company.
Also consider what happens when that app is deployed on hundreds of PCs, and has now become business critical to your company and business partners.
Please use DNS names, or if you feel you must use an ip for some bizarre reason... use a local application config file as suggested in another post. Please understand though that a config file doesn't change the corporate downtime for a business-critical app to get migrated to a new IP address. If your desktop people are good, they can probably rewrite an application config file as quickly as you could migrate a DNS name... if you work for a company with no real scripting skills in the desktop deployment dept, please reconsider using DNS with no longer than a 30 minute TTL on that A record.
There are valid reasons for both. Multi-homed servers can cause issues when using names (as you mention), but IP addresses aren't necessarily stable either- especially in a DHCP environment that's not using reservations (more common than you might think).
If it were me, I'd put the path/hostname/IP in config- then you can change to whatever's needed without rebuilding the code. If you're doing name lookups yourself internally, just make sure your code is prepared for either an IP or a hostname.
IPv4 addresses (32bit addresses) are supposed to become obsolete in 2012,
(I think they made a movie about that, with earthquakes and tsunamis.)
There are already no new IPv4 addresses available for sale.
The new standard, IPv6, uses much longer addresses.
Let the user decide, if he/she has a hostname, store that.
However, hostname may have more than 1 IP address.
If user provides an IP address (v4 or v6), store that.
If you get a MAC address, store that.
Explain to the users the pros and cons (e.g. names are more static).

Https for a dynamic IP intranet web server (swaps between two IPs for failover purposes)

We've got an Asp.Net / IIS6 web application which sits on two servers in separate data centers on our intranet in an active-passive failover configuration. Let's call these servers MyAppSpringfield and MyAppShelbyville.
Now we've got a DNS name set up called 'MyApp', so that the users can simply access the application through http://myapp, and they don't need to know which server they're actually using.
Each month we swap the active and passive nodes around by changing the DNS entry, to keep in good practice for when the day comes that the active node dies for some reason.
Now we need to set up SSL for access to the application, but I've heard that HTTPS certificates are linked to a certain IP address or a certain application common name, so I'm worried this won't be possible, since the IP address that 'MyApp' points to will change every month.
Can anyone tell me if this is possible to set up SSL on those servers, in such a way that either IP will be fine with the cert and the users can simply access it via https://myapp ?
Thanks a lot
I don't think you have a problem. I'm no SSL expert, but I believe it is tied to the domain name, rather than the IP. I've switched IPs and data centers on several sites recently with no problem as far as SSL Certs are concerned. The Cert isn't aware of the IP address when it is issued, only the domain name.
