We help IT Professionals succeed at work.

Pinging tunneled IPs always shows as up with PHP?

Medium Priority
311 Views
Last Modified: 2012-05-12
On a linux server, the network-scripts has something like this, for example:

IPADDR_START=109.203.120.64
IPADDR_END=109.203.120.79
CLONENUM_START=134
NETMASK=255.255.255.255


And those IPs are pretty much tunneled to the server. However, when I do a simple check to see if the IP is up and pointed to the proper server with PHP:

function check_content($url)
{
      global $timeout;
      $ch = curl_init();

      curl_setopt ($ch, CURLOPT_URL, $url);
      curl_setopt ($ch, CURLOPT_HEADER, 0);
      curl_setopt ($ch, CURLOPT_TIMEOUT, 20);
      curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

      $string = curl_exec($ch);
      curl_close ($ch);

      $pos = strpos($string, "Username:");
      if ($pos === false) {
            return 0;
      }
      $pos = strpos($string, "Password:");
      if ($pos === false) {
            return 0;
      }
      return 1;
}

This always shows as UP, even if the IPs are down. So if I use http://109.203.120.64 on that server that has them linked, it displays as UP and is getting the proper page, almost as if it gave that 'ip' local access lke 127.0.0.1 would.

I'm not sure how to solve this, but I need to make sure the IP is UP and it's going to the right page (with a simple check to see if username/pass is on that page.) Any suggestions?
Comment
Watch Question

nociSoftware Engineer
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
you're not pinging but curling... ;-)

pinging is the use of the PING program using icmp packets to verify the state of a node.
you are requesting some URL ?? that appearantly does contain a Username: and a Password: somewhere.
Or those strings are allways missing and you have logics reversed.
Accepting a 0 return as OK and a 1 as invalid ..

It might help if you log the string of a failed & succesfull curl call and verify if they are what you expected.

Author

Commented:
Sorry about that, meant CURLING. If I ping the server if it's down it states it is up, though, long as I ping it from the server where I setup the networking script files.

And yeah, I'm checking for the page to see if there is a username and password string. Nothing more, no manipulating yet or anything like that. 0 means it never found it, (===false) and 1 means it found it.

But I'm guessing the main thing isn't to do with the script, probably to do with the networking/linux:

When I setup the IP in linux networking scripts, even though THIS ip is down:
PING 204.145.90.26 (204.145.90.26) 56(84) bytes of data.
64 bytes from 204.145.90.26: icmp_seq=1 ttl=64 time=0.013 ms
64 bytes from 204.145.90.26: icmp_seq=2 ttl=64 time=0.016 ms
64 bytes from 204.145.90.26: icmp_seq=3 ttl=64 time=0.008 ms
64 bytes from 204.145.90.26: icmp_seq=4 ttl=64 time=0.017 ms


 You can tell by the MS though that its checking locally rather then a remote check. It's like 204.145.90.26 become an internal IP instead of a external one when you're doing checks on it. Another IP on the same server that isn't setup:

64 bytes from 204.145.90.25: icmp_seq=42 ttl=57 time=31.8 ms
64 bytes from 204.145.90.25: icmp_seq=43 ttl=57 time=31.7 ms
64 bytes from 204.145.90.25: icmp_seq=44 ttl=57 time=31.8 ms
64 bytes from 204.145.90.25: icmp_seq=45 ttl=57 time=31.7 ms
64 bytes from 204.145.90.25: icmp_seq=46 ttl=57 time=31.8 ms
64 bytes from 204.145.90.25: icmp_seq=47 ttl=57 time=31.7 ms
64 bytes from 204.145.90.25: icmp_seq=48 ttl=57 time=31.7 ms


Author

Commented:
Rather I want to know of a PHP way if possible to get around this, so I don't need to call a secondary server to do the pinging and spit out the result to this server. Would be a pain ;)
nociSoftware Engineer
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
please define up & down...
If there is an interface active with that IP address you will get an answer.... on icmp.
even if the HTTP is down. It would bestrange you still get an answer when the system (hardware/ VM) is turned off.
You may need to do some traceroute (or tcptraceroute) to the server to see where the answer comes from in case of your service being down.


What you want to do is monitoring. Why not use a monitoring tool like ICINGA or NAGIOS.
(They are the almost same, where ICINGA is a comunity effort and NAGIOS more or less a one-man show).
For icinga/nagios there also is a proxy tool (NRPE) so if you install NRPE on the "other" server, you can do a check form there. And have the result in your central server. Icinga, Nagios can do a lot more checking like memory usage etc. and it can also try to attract your attention if case of misbehaving of some component.

Author

Commented:
Hello, I can add a random Ip like 2.2.2.2 to my network scripts (ifcfg-range2/etc) and then do a service network restart, and 'ping 2.2.2.2'. It will actually get a valid PING response of very low MS, like 0.014 ping. So the network is making a networked IP local or something.

Yes, I want monitoring, can those scripts be somehow grabbed? The idea is the monitoring is that I have a system that checks what is up or down, and then processes what it needs to do using the IPs that are online. So it's more then just a monitoring script overall, but I'll give ICINGA a look. I'm hoping it has a way to grab what's online/offline easily through a php script or something similar. I 'dont' really want to have to ping on a central server to figure out of they are online or offline, but it's coming to that case where it's going to be, apparently.
nociSoftware Engineer
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
If you configure a local interface... yes then there is something up, the local interface...

the check_http nagios plugin (also ICINGA) can take a grep into account on the content returned.
CERTIFIED EXPERT

Commented:
> When I setup the IP in linux networking scripts, even though THIS ip is down:
> PING 204.145.90.26 (204.145.90.26) 56(84) bytes of data.
> 64 bytes from 204.145.90.26: icmp_seq=1 ttl=64 time=0.013 ms

This is where you're fundamentally incorrect - the IP is NOT down, it's up.  The TUNNEL may be down, but if that IP is the tunnel endpoint, then yes, it will set up a local host route for it and the IP will be local to the machine (and UP) and return miniscule ping times.  You would need to ping the other tunnel endpoint which you might be able to do by manually specifying an interface, aka "ping -I tun0 x.x.x.x"

Author

Commented:
Sorry, that IP had come up, reason why it might be pinging now..

This for example atm is down:
C:\Users\>ping 69.160.254.197

Pinging 69.160.254.197 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.


/var/www/html/broadcast$ ping -I eth0 69.160.254.197 -c 5
PING 69.160.254.197 (69.160.254.197) from 69.160.254.197 eth0: 56(84) bytes of data.
64 bytes from 69.160.254.197: icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from 69.160.254.197: icmp_seq=2 ttl=64 time=0.017 ms
64 bytes from 69.160.254.197: icmp_seq=3 ttl=64 time=0.016 ms
64 bytes from 69.160.254.197: icmp_seq=4 ttl=64 time=0.018 ms
64 bytes from 69.160.254.197: icmp_seq=5 ttl=64 time=0.018 ms


^tried with eth0 but no luck yet, and the tunnel is active, but the IP is not. Any other idea?
CERTIFIED EXPERT

Commented:
I don't really know what you mean by "tunnel is active, but the IP is not".  What exactly is your network architecture?

One server, with multiple pptp tunnels to other servers?

And you say:

IPADDR_START=109.203.120.64
IPADDR_END=109.203.120.79
CLONENUM_START=134
NETMASK=255.255.255.255

But if your range of IPs is .64 -> .79, then your netmask should clearly be 255.255.255.240

I'm just trying to figure out what exactly you're trying to monitor here.

Author

Commented:
Ah sorry, I"m no network guru. Most of the stuff is automated. Let me try to explain it.

We have several servers that are tunneled to one 'global server'. The global server has a bunch of ipcfg-eth0-rangeX files to link the tunnel.

The server with the IP 69.160.254.197 went down, but the global server, if I just do a PING to see if the server is still online, pings fine, most likely from what you said above? If you piing it from your machine, it times out, because the server is down right now/offline. Aiming to know 'why' that is and how I can attempt to find out what IPs still resolve.

If 69.160.254.197 WAS online and I went to it on a webpage, because it is tunneled, the page http://69.160.254.197 would load. Since the server that had 69.160.254.197 and was tunneled to the GLOBAL SERVER is down, the page doesn't load anymore.

I want to be able to detect this on the global server and run my script to delink/remove it, or at least notify me that there is something wrong with the IP 69.160.254.197.

The thing is, if I do a wget http://69.160.254.197// on the global server, it comes up with the page it should. Even though the IP is down. Thats why I thought it's locally linking it regardless if its down or up, like a local IP would be.

Sorry if it doesn't make any sense, let me know if you need more information.
CERTIFIED EXPERT
Commented:
If you do a wget  http://69.160.254.197/ and that IP is actually local to you because of the tunnel endpoint, then what you are getting I gather is the identical output as http://127.0.0.1/, because you likely have a webserver running on the global server.

What I'd suggest doing is putting a unique file in each remote endpoints web tree so that you can craft your curl command to retrieve http://remote_ip/unique_filename.html

The file unique_filename.html must NOT exist on the global server.

This way the only way you can retrieve the correct file is if the tunnel is up.

Make sense?
nociSoftware Engineer
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
I agree with xterm.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.