How to determine the IP adrreses on a server

Discussion in 'Installation/Configuration' started by phall472, Mar 18, 2010.

  1. phall472

    phall472 New Member


    I have a dedicated server running Debian Lenney, through a hosting service, which is supposed to have 8 static IP addresses.

    I have one domain name. I would like to have two more domain names pointing to a different IP address.

    However the hosting company tells me that all 8 IP addresses are in use now and I need to buy more.

    I am a PHP Mysql programmer but I do not know Linux OS.

    I need to know how to determine the 8 IP addresses and if they all are being used and for what they are being used for.

    I have full root access.

    Thank you
  2. BorderAmigos

    BorderAmigos New Member

    Assuming it's a Linux server, type "ip addr" at the shell. Also, ping or traceroute the domain name.

    Can't see how one domain would be using 8 IP addresses. Who is your host?
  3. phall472

    phall472 New Member


    Here is what I received from the instructions you gave me:

    ([email protected])-(~) $ ip addr
    -bash: ip: command not found

    In my original post I said it is Debian Lenney Linux OS.

    Any help is appreciated
  4. BorderAmigos

    BorderAmigos New Member

    aptitude install iproute

    All my servers are Debian Lenny. IP command is part of the iproute package. You either don't have it installed or you are prevented from using it. If you are in a jailkit type shell you may not have access to it. If you have full access then install iproute.
  5. phall472

    phall472 New Member

    Hello BorderAmigos

    Yes It is a dedicated server and I have full Root acces.

    I installed iproute and I googled how to run it.

    I got the following:

    ([email protected])-(~) $ ip address show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
    inet6 ::1/128 scope host
    valid_lft forever preferred_lft forever
    2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNO WN qlen 1000
    link/ether 00:21:85:1e:a2:84 brd ff:ff:ff:ff:ff:ff
    inet ??.214.44.31/24 brd ??.214.44.255 scope global eth0
    inet ??.214.44.32/24 brd ??.214.44.255 scope global secondary eth0:0
    inet6 fe80::221:85ff:fe1e:a284/64 scope link
    valid_lft forever preferred_lft forever
    4: teql0: <NOARP> mtu 1500 qdisc noop state DOWN qlen 100
    5: tunl0: <NOARP> mtu 1480 qdisc noop state DOWN
    link/ipip brd
    6: gre0: <NOARP> mtu 1476 qdisc noop state DOWN
    link/gre brd
    7: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
    link/sit brd
    8: ip6tnl0: <NOARP> mtu 1460 qdisc noop state DOWN
    link/tunnel6 :: brd ::

    Can you tell me from this which IP are being used.

    I can run other commands if you need more information. I have used ?? to block the first part of the IP addresses for security.

    Thank you
  6. BorderAmigos

    BorderAmigos New Member

    The only IP addresses shown there are on these lines...

    inet ??.214.44.31/24 brd ??.214.44.255 scope global eth0
    inet ??.214.44.32/24 brd ??.214.44.255 scope global secondary eth0:0

    Assuming you put the ?? for obfuscation. I'm not familiar with many of the other items shown in your setup and can't say how they effect IP usage.
  7. phall472

    phall472 New Member


    Thank you for your help BorderAmigos.

    Yes I placed the two question marks for security. (??.214.44.31/24)

    inet ??.214.44.31/24 brd ??.214.44.255 scope global eth0
    inet ??.214.44.32/24 brd ??.214.44.255 scope global secondary eth0:0

    Does anyone else have any suggestions to determine the usage of the eight IP addresses.
  8. dbrumbaugh

    dbrumbaugh New Member

    IP usage - Take the backdoor

    May I suggest that we start with knowing the IP addresses that are assigned to you. If you don't know, submit a support ticket to your host asking that question. Be sure to ask what IP's are usable of the assigned group.

    Once you have that information, you need to put on your detective hat. Start with putting the IP's in a browser. You should be able to determine how they are being used and then by whom. There are many on-line tools that will help discover & define their usage. Port scan the IP; get a domain name and do a whois; what ever; let the snoop come out in you! I know you have it, cause you are an admitted programmer. :)

    My guess is that your host has bound 2 IP's to your server as posted. One is called the lead IP and is likely the IP that you are using on your current website. The second is then used to interface to a VLAN within the data center that allows background routing of all other assigned IP's to this single IP on your server. (This cuts down on the cost of the network infrastructure for the data center)

    Depending on how well the background networking is configured, it is possible that someone has hi-jacked your IP's. This may account for the hosting company's response to your initial IP question. If the IP's are really in use and you can show an example of abuse by another client of the hosting company, that should spur them to take action.

    Hope this helps.
  9. phall472

    phall472 New Member

    Hello dbrumbaugh

    Thank you for your reply.

    I have finally got some of the answers from my provider.

    (1) They had only given me 4 IP not 8. They just gave me another 4 yesterday.

    (2) They can't explain why I was told that all my IPs were used.

    I will open another ticket for another question.

    Thank you

Share This Page