Linux – How to get the free out IPs in our IDC

linux

Our company have a IDC (Internet Data Center), and in our IDC, there are many host machines, every host has 1-3 IPs.

There is a situation, such as one host machine has 3 IPs(eg. 102.23.33.1 -> 102.23.33.3). (means in the host machine, have configured the IPs to it)

If the host machine only use 102.23.33.1, and there free out the 102.23.33.2 and 102.23.33.3. We want to find out the free IPs.

How can I do that? I tried to use the forloop to ping the whole IPs, but this is not accurate, because some host machine are baned for ping.

EDIT

I means the host machine if has 3 IPs, and all can ping them, but the host machine only use the first IP to connect with public network, how can I find the other 2 IPs host machine do not use (or do not often use)?

EDIT-2

I mean the IPs all configured on the OS but may not be actually using them.

EDIT – 3

So, all the before, there can be understood as bellow:

I have a Router, and under it, there are many host machines, and every host machine have some IPs, and how can I record the IPs that go through the Router everyday.

Is there a tool for record the IPs which get through the Router? Or how can I realize my requirement ?

Best Answer

This adds a logging rule into the iptables FORWARD chain:

# iptables -I FORWARD -j LOG --log-prefix 'MYIPS: '

This searches for the matching packets:

# grep MYIPS /var/log/syslog

The file name may depend on your Linux distribution.

And this generates a list of unique IP addresses seen by the forwarding chain in your router:

# grep -oE '(SRC|DST)=[0-9.]*' /var/log/syslog | sed 's/.*=//' | sort -u

Related Solutions

Linux – Ubuntu Linux Router: Set outbound NAT on 2 interfaces

The problem lies in getting a response from the client LAN I think, and so yes you need to use NAT to the client-LAN as well.

Let me explain:

Nodes on your LAN have your gateway as their default gateway.

Thus any traffic from them, be it to the client network (10.0.0.0/8) or the wider world (0.0.0.0/8) goes to it.

Traffic to the wider world is then NAT'd onto the Internet.

Traffic to the client's LAN is forwarded as is (I'm assuming here forwarding is working which the NAT working indicates it is).

So a packet from a node on your internal LAN, let us say it's IP is 192.168.1.200 goes to your gateway and is forward to the client LAN. However it's source address is still 192.168.1.200.

The client machine receives this and tried to reply, to 192.168.1.200.

Unless the client LAN machines have routes set for 192.168.1.0/24, or their default gateway is able to forward the packets to your gateway, they will not be able to route.

With NAT enabled then at the gateway the source address 192.168.1.200 is NAT'd to your client LAN gateway address, which client LAN nodes can respond to, where it will be re-addressed by your gateway and returned.

Linux interface to get connected IPs

Besides ss and netstat I currently don't know any other tools that I'd recommend.

For how to get this information:

If you man netstat, you can see at the section FILES some listed files that netstat uses to collect its information.

Among these, there are /proc/net/tcp and /proc/net/udp.

If you cat /proc/net/tcp you can see various information about tcp connections on your system.

A sample output would be

sl local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
0: 0101007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11190 1 0000000000000 000 100 0 0 10 0
1: 8700A8C0:91FC 0F02000A:15B3 01 00000000:00000000 02:00000AF6 00000000  1000        0 5565254 2 00000000000 00000 46 4 13 10 -1

rem_address here is the IP you are looking for. I don't know much about it, but I think st gives you information about the current state. 0A should mean LISTEN, 01 means ESTABLISHED.

Decoding a local_address or rem_address is rather easy, 8700A8C0:8F76 for example:

Format: hex(rev_ip):hex(port)

87 -> 135
00 -> 0
A8 -> 168
C0 -> 192
:8F76 -> 36726

=> 192.168.0.135, Port 36726

More information about the /proc/net directory is here.

More information about the presented data is here.

A related SO thread is also here.

Best Answer

Related Solutions

Linux – Ubuntu Linux Router: Set outbound NAT on 2 interfaces

Linux interface to get connected IPs

Related Question