1

I've been struggling to figure out why my page which uses curl library in PHP worked on my dev machine but failed on my remote server. One suspicion is that it's related to whether the curl has an SSL support, as indicated in one of the comments here:

If your curl installation is not compiled with SSL support you will beat your head against a wall when trying to figure out why curl_exec() is failing to fail or do anything else ...

So, I ran this script to find out whether SSL is supported on both my dev machine and remote server. Both my dev machine and remote server produced the following (looks like both support SSL):

CURL_VERSION_IPV6 matches CURL_VERSION_KERBEROS4 does not match CURL_VERSION_SSL matches CURL_VERSION_LIBZ matches

However, when I ran curl from the command line on my remote server (the one where my script failed), here's what I got (i.e. curl hang):

curl -v http://<my-domain>/blog/press-release/
* About to connect() to <my-domain> port 80
*   Trying 66.201.45.235...

The same curl command line worked fine on my dev machine although it returned a different IP address:

curl -v http://<my-domain>/blog/press-release/
* About to connect() to <my-domain> port 80 (#0)
*   Trying 10.3.1.207... connected

Please... please help? Any other way to figure out the differences between the installed curl on my dev machine and remote server? Why did they return different addresses?

moey
  • 10,587
  • 25
  • 68
  • 112
  • Check /etc/hosts. `` is probably set up as a different IP address for testing on your dev server. – pgl Dec 20 '11 at 16:08

1 Answers1

3

A domain name (like my-domain.com) is resolved to an IP address through DNS.

When a program tries to access a network device by name, the operating system contacts it's configured DNS server and asks it for the IP address that corresponds to the supplied name. The DNS server will then either respond with an IP address (or set of IP addresses - it is possible to configure a name to resolve to more than one IP address) or an error message that says, in essence "I couldn't find that name". The operating system will also have a hosts file, which is a list of domain-to-IP mappings that are statically configured. If there is a match for the requested domain in the host file, the DNS server will not be contacted and the configured IP will be used instead.

A corporate LAN will often have it's own internal DNS server which controls an internal domain, and if it gets a request for a member of that domain, it will return the LAN IP address of that host, instead of the WAN IP address.

My guess for your problem is that one of two things is happening:

  • The hosts file on your dev server has a configured entry for the relevant domain, which is internal to you network. I say this because the address you get on your dev machine resolves to an IP address that lies in a range normally reserved for LANs
  • The machine you are trying to contact is on your own domain, hosted inside the network where your dev machine resides, and your LAN has a DNS server which controls your domain, used by you dev machine for DNS lookups.

Either way, the actual problem that you need to resolve is that the host you are trying to contact does not accept connections from the WAN on the 66.201.45.235 address, which is what the internet sees it's IP address as. This could be because of server configuration, firewalls, NAT or any one of a number of other things.

This is not likely to be anything SSL related - cURL is trying to connect to port 80, which is used for un-encrypted HTTP connections, and does not require SSL.

You should contact your network administrator to resolve the issue.

DaveRandom
  • 87,921
  • 11
  • 154
  • 174
  • Thank you very much. This is very clear and definitely deserves more than an +1-vote! I just gave all points I could possibly trigger for you. :) – moey Dec 20 '11 at 16:57
  • Thanks a lot, I was struggling for many hours, you saved my life!! – Sachin Vairagi Mar 21 '22 at 12:42