How can I determine which is my IP address on a different network?

1/13/2020

I'm trying to launch a SNMP query from a pod uploaded in an Azure cloud to an internal host on my company's network. The snmpget queries work well from the pod to, say, a public SNMP server, but the query to my target host results in:

root@status-tanner-api-86557c6786-wpvdx:/home/status-tanner-api/poller# snmpget -c public -v 2c 192.168.118.23 1.3.6.1.2.1.1.1.0
Timeout: No Response from 192.168.118.23.

an NMAP shows that the SNMP port is open|filtered:

Nmap scan report for 192.168.118.23
Host is up (0.16s latency).
PORT    STATE         SERVICE
161/udp open|filtered snmp

I requested a new rule to allow 161UDP from my pod, but I'm suspecting that I requested the rule to be made for the wrong IP address.

My theory is that I should be able to determine the IP address my pod uses to access this target host if I could get inside the target host, open a connection from the pod and see using netstat which is the IP address my pod is using. The problem is that I currently have no access to this host. So, my question is How can I see from which address my pod is reaching the target host? Some sort of public address is obviously being used, but I can't tell which one is it without entering the target host.

I'm pretty sure I'm missing an important network tool that should help me in this situation. Any suggestion would be profoundly appreciated.

-- diego92sigma6
azure
kubernetes
networking
nmap

1 Answer

1/13/2020

By default Kubernetes will use you node ip to reach the others servers, so you need to make a firewall rule using your node IP.

I've tested using a busybox pod to reach other server in my network

Here is my lab-1 node IP with ip 10.128.0.62:

$rabello@lab-1:~ ip ad | grep ens4 | grep inet
    inet 10.128.0.62/32 scope global dynamic ens4

In this node I have a busybox pod with the ip 192.168.251.219:

$ kubectl exec -it busybox sh
/ # ip ad | grep eth0 | grep inet
    inet 192.168.251.219/32 scope global eth0

When perform a ping test to another server in the network (server-1) we have:

/ # ping 10.128.0.61
PING 10.128.0.61 (10.128.0.61): 56 data bytes
64 bytes from 10.128.0.61: seq=0 ttl=63 time=1.478 ms
64 bytes from 10.128.0.61: seq=1 ttl=63 time=0.337 ms
^C
--- 10.128.0.61 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.337/0.907/1.478 ms

Using tcpdump on server-1, we can see the ping requests from my pod using the node ip from lab-1:

rabello@server-1:~$ sudo tcpdump -n icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:16:09.291714 IP 10.128.0.62 > 10.128.0.61: ICMP echo request, id 6230, seq 0, length 64
10:16:09.291775 IP 10.128.0.61 > 10.128.0.62: ICMP echo reply, id 6230, seq 0, length 64
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel

Make sure you have an appropriate firewall rule to allow your node (or your vpc range) reach your destination and check if you VPN is up (if you have one).

I hope it helps! =)

-- KoopaKiller
Source: StackOverflow