[SOLVED] Connecting socket using bogus address -- No problem! But why?

dwhitney67 · 03-04-2013, 04:52 PM

I cannot understand why an attempt to connect to a bogus address using port 22 fails, yet if I change the port to 80 it succeeds. I would expect both cases to fail.

Here's some code that demonstrates the issue:

Code:

#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <string.h>
#include <assert.h>
#include <stdio.h>

int main()
{
    const char* address = "bogus";
    //const char* port = "22";
    const char* port = "80";

    struct sockaddr_in sin;
    struct addrinfo    hints;
    struct addrinfo*   host_info = 0;

    memset(&sin, 0, sizeof(sin));
    memset(&hints, 0, sizeof(hints));

    hints.ai_family  = AF_INET;
    hints.ai_flags   = 0;   // superfluous
    hints.ai_addrlen = sizeof(sin);

    assert(getaddrinfo(address, port, &hints, &host_info) == 0);
    assert(host_info != 0);

    memcpy(&sin, host_info->ai_addr, host_info->ai_addrlen);

    int sock = 0;

    assert((sock = socket(AF_INET, SOCK_STREAM, 0)) > 0);

    assert(connect(sock, (struct sockaddr*) &sin, (socklen_t) sizeof(sin)) == 0);

    printf("Success!\n");

    return 0;
}

With port 80 in use, I successfully connect and see the printed message of "Success!". If I change the port to 22, then the assert(), when attempting to connect, is triggered.

Can anyone help explain this odd behavior?

ntubski · 03-04-2013, 07:21 PM

Quote:

Originally Posted by dwhitney67

If I change the port to 22, then the assert(), when attempting to connect, is triggered.

But the assert around getaddrinfo() is not triggered? Maybe try printing the host info that is returned by getaddrinfo() then.

dwhitney67 · 03-04-2013, 08:26 PM

Quote:

Originally Posted by ntubski

But the assert around getaddrinfo() is not triggered? Maybe try printing the host info that is returned by getaddrinfo() then.

ntubski,

Thanks for the pointer.

I printed out the IP address and came up with an address of 199.101.28.20. Using my web browser, I found it to be http://search.dnsassist.verizon.net. This explains why using port 80 I was able to connect.

Code:

    ...
    struct sockaddr_in* sin2 = (struct sockaddr_in*)host_info->ai_addr;
    printf("%s\n", inet_ntoa(sin2->sin_addr));
    ...

So apparently my system fails over to that IP address (of my ISP) when I supply any bogus server name and port 80. It would be nice if I could configure my system to avoid such a thing. Any ideas on how to do this?

chrism01 · 03-04-2013, 10:11 PM

I'd expect that's probably the default of most ISPs; the pkt goes as far as it can (sort of).
If you want a test addr, stick to localhost range 127.0.0.0/8 or possibly something in your normal lan addr range eg 192.168.0.0/16.
This RFC lists the 'special' ranges; https://tools.ietf.org/html/rfc3330

ntubski · 03-05-2013, 09:34 AM

According to http://log.psi.cc/2008/03/02/how-to-...ns-assistance/ and http://domnit.org/verizon/ you may be able to opt out of this "feature".

dwhitney67 · 03-06-2013, 08:11 AM

Quote:

Originally Posted by ntubski

According to http://log.psi.cc/2008/03/02/how-to-...ns-assistance/ and http://domnit.org/verizon/ you may be able to opt out of this "feature".

Again, thanks! The second link you provided was clearer to understand than the first.

The issue is now resolved.