127.0.0.1 vs 0.0.0.0?

Questions about Wi-Fi and other network devices, file sharing, firewalls, connection sharing etc
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
pauljames77
Level 2
Level 2
Posts: 91
Joined: Sun Oct 04, 2020 6:11 pm

127.0.0.1 vs 0.0.0.0?

Post by pauljames77 »

Do you use 127.0.0.1, or 0.0.0.0 to block domains in /etc/hosts?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Moonstone Man
Level 16
Level 16
Posts: 6078
Joined: Mon Aug 27, 2012 10:17 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by Moonstone Man »

pauljames77 wrote: Tue May 18, 2021 10:15 pm Do you use 127.0.0.1, or 0.0.0.0 to block domains in /etc/hosts?
It doesn't matter what one you use.
pauljames77
Level 2
Level 2
Posts: 91
Joined: Sun Oct 04, 2020 6:11 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by pauljames77 »

What do you mean it doesn't matter which one you use?

My question should be - What is the recommended one to use, and why?
1000
Level 6
Level 6
Posts: 1024
Joined: Wed Jul 29, 2020 2:14 am

Re: 127.0.0.1 vs 0.0.0.0?

Post by 1000 »

0.0.0.0
A way to specify "any IPv4 address at all".
https://en.wikipedia.org/wiki/0.0.0.0


127.0.0.1
localhost is a hostname that refers to the current computer
https://en.wikipedia.org/wiki/Localhost


Host file
maps hostnames to IP addresses.
About host file generally
https://en.wikipedia.org/wiki/Hosts_(file)

About host file in Linux
https://www.2daygeek.com/linux-etc-host ... -on-linux/

channel: " DNS Made Easy Videos" - title: " DNS Explained "
https://www.youtube.com/watch?v=72snZctFFtA

So with /etc/hosts you can bypass DNS and redirect name website to local IP on your computer.
In the link above you will notice that this is also used to block websites on your computer.

But it is not a perfect solution.
1. No support for regular expressions. https://en.wikipedia.org/wiki/Regular_e ... c_concepts
So you can't block multiple pages with ( 1 ) a similar name.
2. Not very useful for users with a web browser. This is more useful for administrators .
When you enter the address in your web browser, then a website today can make several Internet connections simultaneously.
( ads, fonts, locks and other data downloaded from other sites than main website )
So only you and your web browser know what web page did you enter.
Therefore, users use browser plug-ins to block unnecessary connections.

Read also this ;)
https://stackoverflow.com/questions/207 ... -localhost

and this

https://www.man7.org/linux/man-pages/man5/hosts.5.html

Edited.
I am not an expert
- I get nervous when I see 0.0.0.0 . I can't trust
- For me 127.0.0.1 looks safer.
But If I have my own website there 127.0.0.1, and I used 127.0.0.1 to block websites.
then I guess that any blocked website instead blocked will open my page.
Last edited by 1000 on Thu May 20, 2021 5:04 am, edited 2 times in total.
pauljames77
Level 2
Level 2
Posts: 91
Joined: Sun Oct 04, 2020 6:11 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by pauljames77 »

Thanks for the reply.
User avatar
trytip
Level 14
Level 14
Posts: 5371
Joined: Tue Jul 05, 2016 1:20 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by trytip »

pauljames77 wrote: Wed May 19, 2021 8:55 pm Thanks for the reply.
# There is a version of this file that uses 127.0.0.1 instead of 0.0.0.0
# available at http://someonewhocares.org/hosts/.
# On some machines the zero version may run minutely faster, however it
# may not be compatible with all systems.
https://someonewhocares.org/hosts/zero/
Image
t42
Level 11
Level 11
Posts: 3709
Joined: Mon Jan 20, 2014 6:48 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by t42 »

sometimes a wallpaper may help not fail to remember what is important
https://i.postimg.cc/tJ854bCK/h-1650.png
-=t42=-
1000
Level 6
Level 6
Posts: 1024
Joined: Wed Jul 29, 2020 2:14 am

Re: 127.0.0.1 vs 0.0.0.0?

Post by 1000 »

t42 the picture is very nice.
I suspect that it has an educational purpose.
But the meaning of this may be a little misunderstood.
I'll try to explain it a bit.

1. Adress 127.0.0.1 if working, usually refers to the current computer.
You can have your own website there.
You may also not have your own page.
But you can always use this address.
For one person this place
it could be an address, and for another person this place it could be a website.


2. You don't need to install Apache to have your own website.
I have netdata installed at home.
Another person may have the print server installed for the printer.

So often a place may exist.


3. Example with netstat command

Code: Select all

# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:8125          0.0.0.0:*               LISTEN      1384/netdata        
tcp        0      0 127.0.0.1:19999         0.0.0.0:*               LISTEN      1384/netdata        
udp        0      0 127.0.0.1:8125          0.0.0.0:*                           1384/netdata        
Each connection has a specific purpose. So not everything has to work in the web browser.
Address 127.0.0.1:19999 ( IP:port ) working in a web browser.
Address 0.0.0.0:* ( "Foreign Address" ) allows me to connect from any address and any port to address 127.0.0.1:19999.
Currently, only the Internet firewall protects me.

I don't know how exactly 0.0.0.0 working.
If I replaces the address 127.0.0.1:19999 to 0.0.0.0:19999
I assume the site won't work, but why?
I think it's just a program lock to prevent invalid connection.
Because if we believe that 0.0.0.0 it means any number of addresses,
and the application will not have an error
- then the program may use one random address
- several addresses at the same time
- all addresses simultaneously.

It does not make sense.
Maybe exists one exception, but I do not know him.
When I wrote that I think 0.0.0.0 is less secure, I had a case in mind when the application may run erratically.
For example, some badly written add-on / app.

Edit
The example may not be the best.
Because address 127.0.0.1:19999 will work for me in web browser
But 127.0.0.1 not.
But the similarity can be deceiving.
User avatar
trytip
Level 14
Level 14
Posts: 5371
Joined: Tue Jul 05, 2016 1:20 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by trytip »

1000 wrote: Sat May 22, 2021 7:12 pm Edit
The example may not be the best.
Because address 127.0.0.1:19999 will work for me in web browser
But 127.0.0.1 not.
But the similarity can be deceiving.
your 127.0.0.1 has a port speciffied to it which is why you can open it, i thought netdata used 9999 but maybe it's a typo and this has no value on the speed between what's in question. have you tried 0.0.0.0:19999 ? fix the port if i got it wrong
Image
1000
Level 6
Level 6
Posts: 1024
Joined: Wed Jul 29, 2020 2:14 am

Re: 127.0.0.1 vs 0.0.0.0?

Post by 1000 »

This is not a bug. This is the real output " netstat -tulpn " of command.
And from doc ( documentation ) https://www.netdata.cloud/blog/netdata-agent-dashboard/
The hows and whys of publicly serving metrics by default

We decided years ago to spin up the web server on port 19999 by default. ...
============
Edited.
have you tried 0.0.0.0:19999 ?
You're right, it also works on my computer.

Code: Select all

# ping -c2 0.0.0.0
PING 0.0.0.0 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.089 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.065 ms

--- 0.0.0.0 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1038ms
rtt min/avg/max/mdev = 0.065/0.077/0.089/0.012 ms
This shows that ping is being redirected from 0.0.0.0 to 127.0.0.1
But I don't know how / where it is set.

Of course this web server / dashboard / metrics not working with my external IP. The firewall is effectively blocking access.
Aztaroth
Level 5
Level 5
Posts: 769
Joined: Mon Jan 11, 2021 1:48 am

Re: 127.0.0.1 vs 0.0.0.0?

Post by Aztaroth »

I am not an expert
- I get nervous when I see 0.0.0.0 . I can't trust
- For me 127.0.0.1 looks safer.
It's just the opposite :oops: .
I use Steven Black's hosts unified list (details here https://github.com/StevenBlack/hosts)
If you scroll down, you'll find this section :
We recommend using 0.0.0.0 instead of 127.0.0.1

Traditionally most host files use 127.0.0.1, the loopback address, to establish an IP connection to the local machine.

We prefer to use 0.0.0.0, which is defined as a non-routable meta-address used to designate an invalid, unknown, or non-applicable target.

Using 0.0.0.0 is empirically faster, possibly because there's no wait for a timeout resolution. It also does not interfere with a web server that may be running on the local PC.
So, using 127.0.0.0 is not really equivalent to 0.0.0.0 (called a 'sink hole')

PS : for those interested, the quick link to SB's list is https://raw.githubusercontent.com/Steve ... ster/hosts. Save it as hosts, then replace your etc/hosts with it (82.077 entries banned on last version)
dual boot LMDE4 (mostly) + LM19.3 Cinnamon (sometimes)
User avatar
trytip
Level 14
Level 14
Posts: 5371
Joined: Tue Jul 05, 2016 1:20 pm

Re: 127.0.0.1 vs 0.0.0.0?

Post by trytip »

Aztaroth wrote: Mon Jun 14, 2021 2:26 am
I am not an expert
- I get nervous when I see 0.0.0.0 . I can't trust
- For me 127.0.0.1 looks safer.
It's just the opposite :oops: .
I use Steven Black's hosts unified list (details here https://github.com/StevenBlack/hosts)

PS : for those interested, the quick link to SB's list is https://raw.githubusercontent.com/Steve ... ster/hosts. Save it as hosts, then replace your etc/hosts with it (82.077 entries banned on last version)
developers should be developed enough to know that people may need an ipv6 version of it also. i create my own hosts with sources from ublock origin extension/addon and even though i blocked ipv6 i always create ipv6 entries just in case i need them for family.
for every 0.0.0.0 entry there should be an equal ::1 entry

Code: Select all

0.0.0.0 badstuff.com
::1 badstuff.com
0.0.0.0 www.badstuff.com
::1 www.bad.stuff.com
but for all that said and done, i see privacy blockers and extensions use 127.0.0.1 instead of 0.0.0.0. i mean if 0.0.0.0 is faster why are developers still using 127.0.0.1 https://someonewhocares.org/hosts/
Image
Aztaroth
Level 5
Level 5
Posts: 769
Joined: Mon Jan 11, 2021 1:48 am

Re: 127.0.0.1 vs 0.0.0.0?

Post by Aztaroth »

trytip wrote :
if 0.0.0.0 is faster why are developers still using 127.0.0.1 https://someonewhocares.org/hosts/
In fact, both host files exist on the site you're referring, one with 127.0.0.1, the other with 0.0.0.0 but no justification of choice is given (or I missed it).
Steven Black gives an explanation that fits me by principle (I'm not guru enough to put it as a statement) because I don't see the need to transform my own computer (127.0.0.1) in a garbage collector when there is one open to everybody (0.0.0.0).
By the way, if you look at the source of host datas, SB's list includes Dan Pollock's one (someonewhocares), so we may guess they try to achieve the same goal.
As we both try, you using 127.0.0.1 and I using 0.0.0.0.
Best wishes of success for them and for us...
dual boot LMDE4 (mostly) + LM19.3 Cinnamon (sometimes)
Locked

Return to “Networking”