ipinfo, networking’s Swiss army knife

A few days ago I saw this post from Marco d’Itri on Mastodon. He is such an expert in networking matters that if he says that a tool is useful, that is a good reason in itself to try it out, even if networking is not your daily bread. So I tested ipinfo and indeed it’s so great that I immediately added it to all my PCs!

Ipinfo is the official CLI for the IPinfo.io IP address API. It collects in a single tool some of the functionality offered by other tools like whois or ipcalc (for example), in addition to geolocation, subnetting, IP validation, and more.

Before I start presenting my favourite functionalities, please note that there is a limit of 1000 API calls per IP for non-authenticated requests. If you need more, you must use the authenticated API, which also includes an option for a free plan.

Getting information about an IP

Similar to whois, but with a terse output and including geolocation information:

$ ipinfo 8.8.8.8
Core
- IP           8.8.8.8
- Anycast      true
- Hostname     dns.google
- City         Mountain View
- Region       California
- Country      United States (US)
- Currency     USD ($)
- Location     37.4056,-122.0775
- Organization AS15169 Google LLC
- Postal       94043
- Timezone     America/Los_Angeles

My IP

The command

ipinfo myip

is very useful when your Internet connection goes through a NAT device. ipinfo will find your public IP and show all the information related to that IP, just like when you query any other IP. If you just need to extract the IP (e.g. in a script), you can filter for just that:

ipinfo myip -f ip | tail -n 1

Grep IP

When you want to extract IP addresses (IPv4, IPv6, or both) from a text file, you can use:

ipinfo grepip filename    # shows lines containing IPs and highlights them
ipinfo grepip -o filename # looks up IPs in the file and prints them
ipinfo grepip -4 filename # as above, but only looks up IPv4 addresses
ipinfo grepip -6 filename # as above, but only looks up IPv6 addresses

You can also use ipinfo grepip to filter a stream of text, for example in a pipe with other commands:

wget -O - http://example.com/address-database.txt | ipinfo grepip -6

CIDR to range

When you have an IP range in CIDR notation and you want to know what interval of addresses is represented by that range you can use ipinfo cidr2range. It works with both IPv4 and IPv6 addresses:

$ ipinfo cidr2range fe80::4580:d144:cdee:ae16/64
fe80::-fe80::ffff:ffff:ffff:ffff
$ ipinfo cidr2range 192.168.100.0/22
192.168.100.0-192.168.103.255

Range to CIDR

When you have a range of IPs, and you want to know how it can be expressed in one or more CIDR ranges, you can use ipinfo range2cidr:

$ ipinfo range2cidr 192.168.0.0-192.168.0.191
192.168.0.0/25
192.168.0.128/26

Split CIDR

ipinfo splitcidr is useful when you have a large range and you want to split it into subranges. E.g. let’s say you have a VPC in AWS whose range is 10.10.0.0/16, and you want to break it down into /19 chunks:

$ ipinfo splitcidr 10.10.0.0/16 19
10.10.0.0/19
10.10.32.0/19
10.10.64.0/19
10.10.96.0/19
10.10.128.0/19
10.10.160.0/19
10.10.192.0/19
10.10.224.0/19

If you want to have these CIDR ranges expressed as IP ranges, you can just pipe ipinfo splitcidr into ipinfo cidr2range:

$ ipinfo splitcidr 10.10.0.0/16 19 | ipinfo cidr2range 
10.10.0.0-10.10.31.255
10.10.32.0-10.10.63.255
10.10.64.0-10.10.95.255
10.10.96.0-10.10.127.255
10.10.128.0-10.10.159.255
10.10.160.0-10.10.191.255
10.10.192.0-10.10.223.255
10.10.224.0-10.10.255.255
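
The three CIDR conversions above can be reproduced offline with Python's standard ipaddress module. This is an added example, not ipinfo's own code; the function names simply mirror the subcommands, and the inputs are the ones shown on this page.

```python
import ipaddress


def cidr2range(cidr):
    """Return 'first-last' for a CIDR block (IPv4 or IPv6)."""
    # strict=False accepts input with host bits set, such as
    # fe80::4580:d144:cdee:ae16/64, and masks it down to the network.
    net = ipaddress.ip_network(cidr, strict=False)
    return f"{net.network_address}-{net.broadcast_address}"


def range2cidr(ip_range):
    """Return the minimal list of CIDR blocks covering 'first-last'."""
    first, last = (ipaddress.ip_address(p.strip()) for p in ip_range.split("-"))
    if first.version != last.version:
        raise ValueError("range endpoints must be the same IP version")
    if first > last:
        raise ValueError("range start is after range end")
    # A range that is not aligned to a power of two needs several blocks.
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]


def splitcidr(cidr, new_prefix):
    """Split a CIDR block into equal subnets of length new_prefix."""
    net = ipaddress.ip_network(cidr, strict=False)
    if new_prefix < net.prefixlen:
        raise ValueError("new prefix must not be shorter than the original")
    return [str(s) for s in net.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    print(cidr2range("fe80::4580:d144:cdee:ae16/64"))
    print(range2cidr("192.168.0.0-192.168.0.191"))
    # Same as: ipinfo splitcidr 10.10.0.0/16 19 | ipinfo cidr2range
    for subnet in splitcidr("10.10.0.0/16", 19):
        print(subnet, "=", cidr2range(subnet))
```
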

Tools

The ipinfo tool subcommand provides a number of very useful tools, among which I’ll mention:

  • is_ipv4 reports if the given input is an IPv4 address
  • is_ipv6 reports if the given input is an IPv6 address
  • is_valid reports if the given input is a valid IP address
  • prefix is_valid reports if a given input is a valid CIDR range
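
The idea behind grepip and the validation tools, pulling candidate tokens out of text and keeping only those that parse as real addresses, can be sketched in Python as follows. This is an added example, not ipinfo's implementation; the function name, the want_v4/want_v6 parameters (standing in for -4 and -6) and the log lines are constructed for illustration.

```python
import ipaddress
import re

# Candidate tokens: runs of hex digits, dots and colons that do not start
# in the middle of a word (so "v1.2.3.4" is not read as an address).
_TOKEN = re.compile(r"(?<![0-9A-Za-z_])[0-9A-Fa-f:.]+")

# Constructed sample log lines (documentation address ranges only).
SAMPLE = """\
Jan 10 12:34:56 gw sshd[811]: Failed password for root from 203.0.113.7 port 52144
Jan 10 12:35:02 gw nginx: 198.51.100.23:443 upstream timed out, client: 2001:db8::1f
Jan 10 12:35:09 gw app: agent v1.2.3.4 reported peer 999.10.10.10 mac aa:bb:cc:dd:ee:ff
Jan 10 12:35:11 gw app: connect to [2001:0db8:0000:0000:0000:0000:0000:0001]:8443 ok.
"""


def grep_ips(text, want_v4=True, want_v6=True):
    """Return the valid IP addresses found in text, in order of appearance."""
    hits = []
    for token in _TOKEN.findall(text):
        token = token.rstrip(".")  # sentence-ending dot
        if token.count(":") == 1 and "." in token:
            token = token.split(":")[0]  # IPv4 with a :port suffix
        try:
            addr = ipaddress.ip_address(token)
        except ValueError:
            continue  # timestamps, MAC addresses, out-of-range octets
        if (addr.version == 4 and want_v4) or (addr.version == 6 and want_v6):
            # str() normalises IPv6 so the same address always compares equal.
            hits.append(str(addr))
    return hits


if __name__ == "__main__":
    print(grep_ips(SAMPLE))
    print(grep_ips(SAMPLE, want_v6=False))
```

The timestamp, the version string, the MAC address and 999.10.10.10 are all rejected at the validation step, which is why parsing beats a bare regular expression when triaging logs.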

Installation

Ipinfo is available for many operating systems, in packages of different formats. Refer to the installation instructions on GitHub, or to the Releases page for manual installation from one of the provided packages.

Documentation

There is no “formal” documentation, but you can refer to the Quick Start section of the README on GitHub.

Exploring Docker overlay networks

In the past months I have made several attempts to explore Docker overlay networks, but there were a few pieces to set up before I could really experiment and… well, let’s say that I have probably approached the problem the wrong way and wasted some time along the way. Not again. I have set aside some time and worked agile enough to do the whole job, from start to finish. Nowadays there is little point in creating overlay networks by hand, except that it’s still a good learning experience. And a learning experience with Docker and networking was exactly what I was after.

When I started exploring multi-host Docker networks, Docker was quite different than it is now. In particular, Docker Swarm didn’t exist yet, and there was a certain amount of manual work required in order to create an overlay network, so that containers located in different hosts can communicate.

Before Swarm, in order to set up an overlay network one needed to:

  • have at least two docker hosts to establish an overlay network;
  • have a supported key/value store available for the docker hosts to sync information;
  • configure the docker hosts to use the key/value store;
  • create an overlay network on one of the docker hosts; if everything worked well, the network will “propagate” to the other docker hosts that had registered with the key/value store;
  • create named containers on different hosts; then try and ping each other using the names: if everything was done correctly, you would be able to ping the containers through the overlay network.

This looks like a simple high-level checklist. I’ll now describe the actual steps needed to get this working, leaving the details of my failures to the last section of this post.

How I configure a docker host with CFEngine

After some lengthy busy times I’ve been able to restart my work on Docker. Last time I played with some containers to create a Consul cluster using three containers running on the same docker host — something you will never want to do in production.

And the reason why I was playing with a Consul cluster on docker was that you need a key/value store to play with overlay networks in Docker, and Consul is one of the supported stores. Besides, Consul is another technology I wanted to play with since the first minute I’ve known it.

To run an overlay network you need more than one Docker host, otherwise it’s pretty pointless. That suggested to me that it was time to automate the installation of a Docker host, so that I could put together a test lab quickly and also maintain it. And, as always, CFEngine was my friend. The following policy will not work out of the box for you since it uses a number of libraries of mine, but I’m sure you’ll get the idea.