8

I think I may be in a situation where the answer is this is not possible but in case not here goes...

I have written an ASP .NET MVC 3 application and I am using the Request.UserHostName property and then passing the value that that returns into Dns.GetHostEntry to find out all the possible IPs and the host name for the currently connected client, for example:

var clientAddress = Request.UserHostName;
var entry = Dns.GetHostEntry(clientAddress);

Generally that is fine except I have a case where I get a "host not found" SocketException from the Dns.GetHostEntry call.

The really odd thing is that the address that is returned from the Request.UserHostName property is not the public address or any of the private addresses. To prove this I ran this bit of code on the client machine in question...

var host = Dns.GetHostEntry(Dns.GetHostName());

foreach (var a in host.Aliases)
{
    Console.WriteLine("alias '{0}'", a);
}

foreach (var a in host.AddressList)
{
    Console.WriteLine("ip address '{0}'", a);
}

// ...from http://stackoverflow.com/a/2353177/1039947...
String direction = "";
WebRequest request = WebRequest.Create("http://checkip.dyndns.org/");
using (WebResponse response = request.GetResponse())
{
    using (var stream = new StreamReader(response.GetResponseStream()))
    {
        direction = stream.ReadToEnd();
    }
}

int first = direction.IndexOf("Address: ") + 9;
int last = direction.LastIndexOf("</body>");
direction = direction.Substring(first, last - first);

Console.WriteLine("Public IP: '{0}'", direction);

It prints three IP addresses (::1, one private and one public) but none of them are the address that is returned from Request.UserHostName.

If I pass in any of the addresses printed from the above test application into the Dns.GetHostEntry method I get a sensible value back.

So, is there any way that I could get from this strange IP address that is not the public nor any of the privates, to one where I could get the host entry for it without an exception (and what is this address)?

By the way, there is no X_FORWARD_FOR header or anything else that I may be able to identify the client with, as far as I can tell, in the HTTP message?

Background to the Question

So it was pointed out (thanks Damien) that if I explained why I am asking this perhaps someone can provide an alternative approach so here is some background...

I have a requirement that the administrator of the application should be allowed to specify in the configuration a single machine that is allowed to view the page - IP address or machine name - I can probably get the machine name requirement removed but even if they specify the IP address in the configuration it will still not match the IP address that is returned from the UserHostName property since they will use the IP address that is returned when they ping the machine name.

My thinking, therefore, was that if I take whatever is sent in the HTTP header and pass that into GetHostEntry then take all the possible results from that (all the IPs and the host name) and see if any of them match the configured value I could say "allow" otherwise "disallow" (I was going to remove the part of the host name before the first dot too, to cover that eventuality). That scheme has been blown out of the water by this situation I have where the IP address is not at all what I would expect.

kmp
  • 10,535
  • 11
  • 75
  • 125
  • 1
    All you can generally tell (in HTTP) is *an* IP address that the request purports to come from (this may actually be a firewall or proxy address, `X_FORWARD_FOR` is a nicety but not actually required). I have a feeling we'd do much better if we knew the overall problem to be solved here (as in, I'm sure your final goal isn't "obtain a host entry for the client" - that sounds like part of a "solution" - one that isn't going to work) – Damien_The_Unbeliever Nov 28 '12 at 11:13
  • @Damien_The_Unbeliever Thanks - I have added some background – kmp Nov 28 '12 at 14:59
  • 1
    Unless you're in a tightly constrained network, there's no way to achieve the requirement that's been asked for. Is this an intranet site or an internet facing one? – Damien_The_Unbeliever Nov 28 '12 at 15:15
  • @Damien_The_Unbeliever an intranet application - not internet facing – kmp Nov 28 '12 at 17:57
  • possible duplicate of [How can I read the client's machine/computer name from the browser?](http://stackoverflow.com/questions/922476/how-can-i-read-the-clients-machine-computer-name-from-the-browser) – Liam Oct 29 '14 at 13:26

3 Answers3

8

The host name of the client is not normally known because it is not transmitted at the HTTP level. The server cannot know it. Look at the HTTP requests with Fiddler to see for yourself that there is not a lot of information available to the server (and the client can forge all request contents of course).

Use the UserHostAddress property to get the IP address. That is the most you can reliably find out. Once you have that you can try to reverse the IP to a host name but that is not always possible.

usr
  • 168,620
  • 35
  • 240
  • 369
  • 1
    That's correct. Relying on .NET to convert the IP to a host only to then convert that host back to the IP is failure-prone and not useful. – EricLaw Nov 28 '12 at 16:21
  • And there might be zero or multiple host names for any given IP! And there might be many IPs for any given host. It is m:n. The mapping between IP and host name is not well defined. – usr Nov 28 '12 at 16:48
  • Thanks - that was what I concluded before asking the question too - just wondered if there was some other way (perhaps lower in the stack) that I could get hold of the IP address that I would be able to reliably match against but I guess not – kmp Nov 28 '12 at 17:56
  • *Certainly* not because the HTTP request does not contain the host name, neither do the lower layers. – usr Nov 28 '12 at 20:46
6

I have a more specific answer to your question. By examining the source code for HttpRequest.UserHostName here, I found that it maps to a IIS server variable named REMOTE_HOST which is described here. The property will return the IP adddress of the client, unless you have configured IIS in the way described, in which case IIS will do a reverse DNS lookup to attempt to return the name associated with the IP.

Elroy Flynn
  • 3,032
  • 1
  • 24
  • 33
  • 1
    The above link that describes the REMOTE_HOST user variable is rotten. A web search for "configure iis reverse lookup remote_host" produces some useful results, but it might be that IIS no longer supports the reverse-lookup option. – Elroy Flynn Jan 20 '19 at 04:04
0

Make sure you read the Remarks section at Dns.GetHostEntry on the many cases it can (partially) fail:

Remarks

The GetHostEntry method queries a DNS server for the IP address that is associated with a host name or IP address.

If an empty string is passed as the hostNameOrAddress argument, then this method returns the IPv4 and IPv6 addresses of the local host.

If the host name could not be found, the SocketException exception is returned with a value of 11001 (Windows Sockets error WSAHOST_NOT_FOUND). This exception can be returned if the DNS server does not respond. This exception can also be returned if the name is not an official host name or alias, or it cannot be found in the database(s) being queried.

The ArgumentException exception is also returned if the hostNameOrAddress parameter contains Any or IPv6Any.

The GetHostEntry method assumes that if an IP literal string is passed in the hostNameOrAddress parameter that the application wants an IPHostEntry instance returned with all of the properties set. These properties include the AddressList, Aliases, and HostName. As a result, the implementation of the GetHostEntry method exhibits the following behavior when an IP string literal is passed:

  1. The method tries to parse the address. If the hostNameOrAddress parameter contains a legal IP string literal, then the first phase succeeds.
  2. A reverse lookup using the IP address of the IP string literal is attempted to obtain the host name. This result is set as the HostName property.
  3. The host name from this reverse lookup is used again to obtain all the possible IP addresses associated with the name and set as the AddressList property.

For an IPv4 string literal, all three steps above may succeed. But it is possible for a stale DNS record for an IPv4 address that actually belongs to a different host to be returned. This may cause step #3 to fail and throw an exception (there is a DNS PTR record for the IPv4 address, but no DNS A record for the IPv4 address).

For IPv6, step #2 above may fail, since most IPv6 deployments do not register the reverse (PTR) record for an IPv6 address. So this method may return the string IPv6 literal as the fully-qualified domain (FQDN) host name in the HostName property.

The GetHostAddresses method has different behavior with respect to IP literals. If step #1 above succeeds (it successfully parses as an IP address), that address is immediately returned as the result. There is no attempt at a reverse lookup.

IPv6 addresses are filtered from the results of the GetHostEntry method if the local computer does not have IPv6 installed. As a result, it is possible to get back an empty IPHostEntry instance if only IPv6 results where available for the hostNameOrAddress.parameter.

The Aliases property of the IPHostEntry instance returned is not populated by this method and will always be empty.

George Birbilis
  • 2,782
  • 2
  • 33
  • 35