Appearance
Monitoring IP Addresses
Pingward supports monitoring endpoints using IP addresses (IPv4 or IPv6) instead of hostnames. This is useful for:
- Testing load balancers directly
- Monitoring services before DNS is configured
- Validating specific server instances
- Testing internal infrastructure endpoints
Basic Usage
Simply enter an IP address in the URL field:
IPv4:
https://192.168.1.100/health
http://10.0.0.50:8080/api/statusIPv6:
https://[2001:db8::1]/health
http://[fe80::1]:8443/api/statusIPv6 addresses must be enclosed in brackets [...] as per RFC 3986.
Virtual Hosts & SNI
If your server uses virtual hosting or SNI (Server Name Indication), you must provide a Host header override:
- Enter the IP address in the URL field
- Enter the hostname in the Host Header field
Example: Testing a Load Balancer
| Field | Value |
|---|---|
| URL | https://192.168.1.100/health |
| Host Header | api.example.com |
This sends the HTTP request to 192.168.1.100 but includes Host: api.example.com in the headers, allowing the server to route to the correct virtual host.
Example: Testing Kubernetes Services
yaml
URL: https://10.96.0.1:443/healthz
Host Header: kubernetes.default.svc.cluster.localWhen to Use IP Addresses
Good Use Cases:
- Load balancer health checks - Test individual backend servers
- Pre-production testing - Validate before DNS cutover
- Internal services - Monitor services without public DNS
- Disaster recovery - Fallback when DNS fails
Considerations:
- SSL/TLS: Using IP addresses with HTTPS requires proper certificate configuration
- Virtual hosting: Always provide a Host header if the server uses name-based virtual hosting
- Firewalls: Ensure Pingward workers can reach the IP address
SSL/TLS with IP Addresses
For HTTPS connections to IP addresses, the server's SSL certificate must include:
- The IP address in the Subject Alternative Name (SAN) extension, OR
- A wildcard/hostname that matches the Host header override
If the certificate only contains hostnames, use the Host Header field to match the certificate.
Regional Testing
IP addresses work with all region settings. Tests execute from selected regions, connecting directly to the specified IP address.
Troubleshooting
"SSL handshake failed"
- Verify the SSL certificate is valid for the IP address or Host header
- Check that the Host header matches a name in the certificate's SAN
"Connection refused"
- Confirm the IP address is reachable from Pingward workers
- Check firewall rules allow traffic from Pingward's IP ranges
- Verify the port is correct
"Virtual host not found"
- Ensure you've set the Host header to match the server's virtual host configuration
- Check server logs to see what hostname was received
Security Notes
- Host header values are validated to prevent CRLF injection attacks
- All IP addresses are logged in test results
- Consider network segmentation when exposing internal IPs to monitoring
See Also
- Endpoints - General endpoint configuration
- Headers - Custom HTTP headers
- Authentication - Auth for IP-based tests