Way to cause connection to a different online server in server farm?

Posted on 2013-09-05
Medium Priority
Last Modified: 2013-09-05
I'm trying to test for IP ranges to open in a firewall, for connection to a provider's web site.
They have many servers and, if you connect thru different PCs you get redirected to one of them.
There seems to be some memory held somewhere that will redirect you to the same server if you connect from the same PC with the same user.
I'd like to be able to go to the site from 1 PC over and over and collect the IP addresses with a packet reader, but there appears to be something that needs to be flushed out each time.

Is there a command line process that can reset this, so that the web site does not recognise the request as being from the same source?

(I don't want to wait a week for the provider to send the IP addresses to me)
Allowing a Fully Qualified Domain Name thru the firewall does not work.

TIA !!
Question by:machine_run

Accepted Solution

alicain earned 668 total points
ID: 39468429
How about doing an NSLOOKUP of the hostname to see what addresses are registered in DNS for it?

LVL 35

Assisted Solution

by:Paul MacDonald
Paul MacDonald earned 668 total points
ID: 39468436
It may be the server sets a cookie, but more likely you're not waiting long enough for the session to expire.  Most web sites use something like 20 minutes, but all that does is kill the session (in other words, if you closed your browser for 20 minutes, the session would expire) - you'd still have no way to guarantee you hit a different server each time.

It's not clear to me what data you're trying to collect, but is it possible the web site itself could get the data and send it to you on some sort of schedule or trigger?

Author Comment

ID: 39468450
The site operators, ADP, are not quick to respond to say the least.
Users are attempting to log into portal.adp.com

I'm having a bear of a time trying to allow this thru the firewall.
This just started happening. They may have moved to an akamai server farm.

So far users can get to the site 50% of the time.
There are still IP Addresses I have to try to find.

LVL 13

Assisted Solution

by:Daniel Helgenberger
Daniel Helgenberger earned 664 total points
ID: 39468477
Ok, let me try. I hope I do you no wrong and understood it correctly.

You are connecting from your computer through your firewall to a different web site / service (a big one, like Google or Facebook or such?). Then, you end up on the same server even if you use different computers in your network.

This may have two reasons, please let me write an analogy:
Say, you take your car and go on vacation. You have never been there before, you have to use a map and have to take some detours. It takes a long time. On the way back home, you already know the way. It is much faster therefore.
The next year, you remember the way you want and take the same route (here we go!) - even if there may be a new highway around which you did not know about. So once you learned about the new highway you forget the old route and take the new, better one back.

This is called routing in network terms and works all the same way basically. The map is the routing table and your memory is the routing cache. Imagine the same with your firewall. Since you have only one, the firewall knows the way and always points you to the same server because it is much quicker than to find a new one every time. Not even if you use another computer in your network, because it still asks the same router.

But, you can forget the way you went any time. In routing this is a cache flush:
ip route flush cache


would be the command on a Unix / Linux router (you did not tell us what make/model); the same can be achieved by rebooting it.
To test other ways, just use your smartphone in a cellular network. Since it uses another router, chances are you end up on another server.

Reason number 2:
If it is a big website, it may incorporate load balancing among many other things, which lets you always end up on the same server. This is something you cannot change.
LVL 35

Expert Comment

by:Paul MacDonald
ID: 39468483
Can you not create a firewall rule that allows access to portal.adp.com?  It has to be done by IP?

Author Comment

ID: 39468498

Allowing portal.adp.com isn't doing it (at least not all the time)

Allowing *.adp.com was working for at least a year.

Looks like they are redirecting logons to other domains.
LVL 35

Expert Comment

by:Paul MacDonald
ID: 39468537
Interesting!  And they won't tell you what those other domains are?  That seems shady (or buggy)...

Is there a way to check the router log for the denied connection?  You may get some information that way.  Even PINGing "portal.adp.com" from a machine that can't access the site may tell you what IP that machine is resolving from the host name.
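
The NSLOOKUP approach from the accepted answer, repeated over several runs, as an added example that is not part of the original thread: it merges the answers of saved nslookup runs into one address list and flags alias or canonical names that a wildcard FQDN rule would not cover. The sample output, the host names and the `allowed_suffix` parameter are constructed placeholders (documentation address ranges), not results for the provider discussed here.

```python
import ipaddress
from collections import defaultdict

# Constructed nslookup output (Windows layout); names and addresses are
# placeholders from the documentation ranges, not real lookup results.
HEADER = "Server:  dns.corp.example\nAddress:  192.0.2.53\n\nNon-authoritative answer:\n"
RUN_1 = HEADER + """Name:    e1000.edge.cdn.example.net
Addresses:  203.0.113.10
          203.0.113.11
Aliases:  portal.example.com
          portal.example.com.edgekey.example.net
"""
RUN_2 = HEADER + """Name:    e1000.edge.cdn.example.net
Addresses:  2001:db8::7
          203.0.113.11
Aliases:  portal.example.com
          portal.example.com.edgekey.example.net
"""

def parse_nslookup(text):
    """Return the 'name', 'aliases' and 'addresses' lists of one nslookup run."""
    # The block before the first blank line describes the resolver, not the answer.
    answer = text.partition("\n\n")[2]
    fields, key = defaultdict(list), None
    for line in filter(str.strip, answer.splitlines()):   # skip blank lines
        if line[0].isspace():                 # indented continuation line
            value = line.strip()
        else:                                 # "Key:  value" starts a new field
            head, _, value = line.partition(":")
            key, value = head.strip().lower(), value.strip()
        if key and value:
            fields[key].append(value)
    addrs = fields.pop("address", []) + fields.pop("addresses", [])
    # ip_address() raises ValueError on anything that is not a valid address.
    fields["addresses"] = [str(ipaddress.ip_address(a)) for a in addrs]
    return fields

def collect(runs, allowed_suffix):
    """Union the answers of several runs; list names outside the FQDN rule."""
    addresses, names = set(), set()
    for text in runs:
        rec = parse_nslookup(text)
        addresses.update(ipaddress.ip_address(a) for a in rec["addresses"])
        names.update(rec["name"] + rec["aliases"])
    outside = sorted(n for n in names
                     if not n.lower().rstrip(".").endswith(allowed_suffix))
    ordered = sorted(addresses, key=lambda a: (a.version, a))  # IPv4 first
    return [str(a) for a in ordered], outside

if __name__ == "__main__":
    print(collect([RUN_1, RUN_2], ".example.com"))
```

Names reported as outside the suffix are the ones a `*.domain` firewall rule never matches, which is the symptom described in the thread.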

Author Closing Comment

ID: 39468587
