1. Introduction
Indeed, the curl command-line tool has been invaluable in web development and data retrieval. In essence, it enables developers and system administrators to retrieve data from the Internet easily.
Nevertheless, while using curl to make an HTTP request, it is advisable to forward the request via the specific server interface as determined by the network infrastructure policies.
In this tutorial, we’ll discuss how to use curl and route the request through the server’s specific interface.
2. Understanding the Basics of curl Command
Here, the ip address command offers a glimpse into the system’s network interfaces. It starts with the loopback interface (lo), with IP address 127.0.0.1, for internal communication. Next, the Ethernet interfaces like ens160 and ens280 emerge. The ens160, with IP address 172.31.200.55, stands ready for communication, alongside ens280, IP address 172.31.200.52:
$ ip address
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens160: mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:e7:c4:b2 brd ff:ff:ff:ff:ff:ff
inet 172.31.200.55/24 brd 172.31.200.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
3: ens280: mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:e0:8b:3e brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 172.31.200.52/24 brd 172.31.200.255 scope global noprefixroute ens280
valid_lft forever preferred_lft forever
Next, curl https://ipinfo.io/ip retrieves the NAT’ed public IP address of the server. In this instance, the output shows the IP address 208.91.115.10. It leverages the ipinfo.io service to get the system’s outward-facing IP address in networking configurations:
$ curl https://ipinfo.io/ip
208.91.115.10
In this case, the curl request is routed toward the server’s default interface.
3. Using a Specific Interface Option
The curl command offers the– interface option to route the curl request through a specific interface. You can quickly obtain a comprehensive list of available curl command options using the –help flag. Additionally, to narrow down the interface options from the extensive list, we utilized the grep command for filtering:
$ curl --help | grep interface
--dns-interface Interface to use for DNS requests
--interface Use network INTERFACE (or address)
Usually, the –interface option directs the curl utility to make an HTTPS request through the network interface ens160 to ipinfo.io to retrieve the server’s NAT-ed IP address.
This command ensures the request is routed through a specific network pathway, which is crucial for systems with multiple interfaces:
$ curl --interface ens160 https://ipinfo.io/ip
208.91.115.10
Similarly, we direct the curl utility to make an HTTPS request through the network interface ens280 to ipinfo.io:
$ curl --interface ens280 https://ipinfo.io/ip
208.91.115.10
In both cases, the request traffic is routed through different interfaces on the same server, resulting in the same outbound NAT’ed IP address.
When executed with the -vvv option, curl provides detailed insights into its interaction with the ipinfo.io webserver. It details DNS resolution, indicating the server was contacted for IP address retrieval. The log then records the TCP connection setup, identifying the local and remote endpoints. Specifically, in this case, the local interface ens160 with the IP address 172.31.200.55 establishes the TCP connection.
Finally, SSL/TLS negotiation specifics follow, outlining the cryptographic protocols and algorithms used for secure communication:
$ curl -vvv --interface ens160 https://ipinfo.io/ip
* Uses proxy env variable no_proxy == '127.0.0.1,localhost'
* Trying 34.117.186.192...
* TCP_NODELAY set
* Local Interface ens160 is ip 172.31.200.55 using address family 2
* Local port: 0
* Connected to ipinfo.io (34.117.186.192) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
...
... output truncated ...
...
* TLSv1.3 (IN), TLS app data, [no content] (0):
* TLSv1.3 (OUT), TLS app data, [no content] (0):
* Connection #0 to host ipinfo.io left intact
208.91.115.10
Similarly, in another scenario, the ens280 interface with the IP address 172.31.200.52 is used as the local interface to establish the TCP connection with the server:
$ curl -vvv --interface ens280 https://ipinfo.io/ip
* Uses proxy env variable no_proxy == '127.0.0.1,localhost'
* Trying 34.117.186.192...
* TCP_NODELAY set
* Local Interface ens280 is ip 172.31.200.52 using address family 2
* Local port: 0
* Connected to ipinfo.io (34.117.186.192) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
...
... output truncated ...
...
* TLSv1.3 (IN), TLS app data, [no content] (0):
* TLSv1.3 (OUT), TLS app data, [no content] (0):
* Connection #0 to host ipinfo.io left intact
208.91.115.10
The -vvv verbosity level offers vital visibility into every step of the HTTP transaction, empowering administrators to troubleshoot and optimize network performance effectively.
4. Conclusion
Mastering the curl command with specific interface options is crucial for network management. The –interface option controls routing requests in environments with multiple interfaces.
Detailed outputs, especially with -vvv, offer comprehensive insights into HTTP transactions, aiding in diagnosing network issues and optimizing performance.