Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Servers and such...
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
sirtoast
n00b
n00b


Joined: 06 May 2002
Posts: 72
Location: Halifax, NS

PostPosted: Mon May 06, 2002 11:03 pm    Post subject: Servers and such... Reply with quote

I'm trying to set up my gentoo box to be accessable from the net, either via ssh, or apache/squirrelmail as per the desktop-installation readme from the site here. I've got everything set up, and running fine, or so it would seem.

I'm on a high speed internet connection (DSL) but not PPPoE. My IP is set via DHCP (currently inet addr:10.50.129.227 Bcast:10.50.129.239 Mask:255.255.255.240) and the ISP assigns a different IP to all outgoing (as in outside the ISP's LAN) traffic. Some funky IP translation/forwarding/masqerading or whatever it's called, going on.

I've setup a domain on dyndns.org, and installed a client to update (dyndnsupdate), and have set crond to run the ipcheck/update hourly.

Everything should be fine...yes?

I can't get any communication back ot my PC, by pinging the external IP, or by trying use http or ssh. If i use ssh/http to my internal ip, it works fine. I can't seem to get in from outside the local IPs.

Any suggestions? I don't think it's a setup problem with my system, although it certainly wouldn't be a surpise, I'm a fairly bottom-level linux user, and this is the longest I stuck with ANY dist (been using RH/Mandrake/slackware/Corel on and off since 1996...

Any help would be appreciated
_________________
Toast
http://toastnet.org
Back to top
View user's profile Send private message
klieber
Administrator
Administrator


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Mon May 06, 2002 11:52 pm    Post subject: Re: Servers and such... Reply with quote

sirtoast wrote:
My IP is set via DHCP (currently inet addr:10.50.129.227


This is your problem -- that's not a publicly-addressable IP address. Any IP address that starts with 10.x.x.x, 192.168.x.x or 172.16.x.x through 172.31.x.x aren't addressable from the internet.

What happens is your ISP turns that into a "real" IP address at their router or firewall. You need to find out what that "real" IP address is. In your case, your "real" IP is:

Code:
142.177.186.117


Or, at least it was when you posted your question. It may change, depending on how your ISP is set up.

You need to contact your ISP and ask them how they translate IP addresses and whether or not what you want to do is possible. (they may tell you it isn't supported, but you need to get them to tell you if it's even technically possible given their network setup.)

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
sirtoast
n00b
n00b


Joined: 06 May 2002
Posts: 72
Location: Halifax, NS

PostPosted: Tue May 07, 2002 12:15 am    Post subject: Reply with quote

Exactly, as of now, my real-world IP is 142.177.140.216, and even though I have apache and sshd running, by pointing to that IP, it's not letting me log on from outside the the router. I can get http headers from network-tools.com for the realworld IP. Maybe I'm misunderstanding, but if I can see that I'm running apache, the communication is getting through right?

Header are:
HTTP/1.1 200 OK
Date: Tue, 07 May 2002 00:09:23 GMT
Server: Apache/1.3.24 (Unix) PHP/4.1.2 mod_ssl/2.8.8 OpenSSL/0.9.6c
_________________
Toast
http://toastnet.org
Back to top
View user's profile Send private message
klieber
Administrator
Administrator


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Tue May 07, 2002 12:19 am    Post subject: Reply with quote

sirtoast wrote:
Maybe I'm misunderstanding, but if I can see that I'm running apache, the communication is getting through right?


except that a lot of servers run apache, so you may be looking at someone else's server. However, I just went to that page and got the default apache install page. If you check your httpd logs and see that someone hit your page, then you know that part is working. Then, we can focus on other areas as the potential cause of the problem.

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
klieber
Administrator
Administrator


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Tue May 07, 2002 12:21 am    Post subject: Reply with quote

OK, I just tried to ssh to that IP address and got through just fine, so *something* is responding on port 22.

What is it that isn't working for you?'

EDIT: just to clarify, I got an ssh challenge/response prompt on port 22 -- I didn't actually get into your box. :)

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
sirtoast
n00b
n00b


Joined: 06 May 2002
Posts: 72
Location: Halifax, NS

PostPosted: Tue May 07, 2002 12:42 am    Post subject: Reply with quote

so would I not be able to bring up the http or ssh from the same pc, using the external IP?

The only reason why, would be to troubleshoot and ensure that the external ip is working...not that I generally want to ssh to the box i'm sitting at:)

I had asked someone from work to try and bring the IP up, but they couldn't, and then after you said you could, I called them back, and it worked, so maybe it was user error to begin with. Sorry to waste your time, like i said...bottom level linux user:)
_________________
Toast
http://toastnet.org
Back to top
View user's profile Send private message
klieber
Administrator
Administrator


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Tue May 07, 2002 12:49 am    Post subject: Reply with quote

sirtoast wrote:
so would I not be able to bring up the http or ssh from the same pc, using the external IP?


Might not -- your ISP might have things configured to not do that. Depends. (how's that for an answer. :))

Sounds like you have it all set now, but if you need some further help testing the connection, send me a PM and we'll work out the details.

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
Nitro
Bodhisattva
Bodhisattva


Joined: 08 Apr 2002
Posts: 661
Location: San Francisco

PostPosted: Tue May 07, 2002 12:51 am    Post subject: Reply with quote

I can do a traceroute to your IP fine, and I can see your webserver fine.

I'm a little confused here though, are you going from [internal pc] --> [server's WAN nic]? If that is what you are trying to do, then I think it is an issue with your routes. Run route -n, and show us its output.

This computer functions as a router too right?
_________________
- Kyle Manna

Please, please SEARCH before posting.

There are three kinds of people in the world: those who can count, and those who can't.
Back to top
View user's profile Send private message
sirtoast
n00b
n00b


Joined: 06 May 2002
Posts: 72
Location: Halifax, NS

PostPosted: Tue May 07, 2002 1:08 am    Post subject: Reply with quote

No, this just my home PC. I'm trying to make it accessable from other locations, namely work and other PCs. It's a standalone PC, on ADSL, with a DHCP assigned IP. The IP is a 10.50.?.? address, and there is a router which dynamically assigns an external IP on a rotating basis (142.177.?.?)

My problem was that I didn't think my apache or ssh servers were working correctly, because if i tried to connect to the external ip (142.177.?.?) it wasn't working. I could connect by using the internal ip however.

Turns out that the servers were and are running correctly, but when i asked a friend to try from work, he said it wasn't coming up, but that was a keying error when he was keying the IP.

As it stands now, I know the servers are live, but I guess I can't connect to them via the external IP.

As for the route -n output

crouton root # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.50.129.224 0.0.0.0 255.255.255.240 U 0 0 0 eth0
0.0.0.0 10.50.129.225 0.0.0.0 UG 0 0 0 eth0
_________________
Toast
http://toastnet.org
Back to top
View user's profile Send private message
Nitro
Bodhisattva
Bodhisattva


Joined: 08 Apr 2002
Posts: 661
Location: San Francisco

PostPosted: Tue May 07, 2002 1:13 am    Post subject: Reply with quote

Try running:
Code:
route add -host <your-external ip> dev eth0
That should send the requests to your eth0 interface (lo would be better...) instead of out to your ISP's routers.

By the way, where is your loopback device?
_________________
- Kyle Manna

Please, please SEARCH before posting.

There are three kinds of people in the world: those who can count, and those who can't.
Back to top
View user's profile Send private message
sirtoast
n00b
n00b


Joined: 06 May 2002
Posts: 72
Location: Halifax, NS

PostPosted: Tue May 07, 2002 1:24 am    Post subject: Reply with quote

here's what comes up with ifconfig, is that what you were inquiring about for loopback?

crouton root # ifconfig
eth0 Link encap:Ethernet HWaddr 00:60:97:21:F4:79
inet addr:10.50.129.227 Bcast:10.50.129.239 Mask:255.255.255.240
UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1
RX packets:1033180 errors:0 dropped:0 overruns:0 frame:0
TX packets:9265 errors:0 dropped:0 overruns:0 carrier:0
collisions:25 txqueuelen:100
RX bytes:1383939970 (1319.8 Mb) TX bytes:1577058 (1.5 Mb)
Interrupt:5 Base address:0xe800

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:427 errors:0 dropped:0 overruns:0 frame:0
TX packets:427 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:34641 (33.8 Kb) TX bytes:34641 (33.8 Kb)
_________________
Toast
http://toastnet.org
Back to top
View user's profile Send private message
Nitro
Bodhisattva
Bodhisattva


Joined: 08 Apr 2002
Posts: 661
Location: San Francisco

PostPosted: Tue May 07, 2002 1:31 am    Post subject: Reply with quote

I guess you're all fine. I just was expecting to see it in the route listing.

By the way, did that route command work for you?
_________________
- Kyle Manna

Please, please SEARCH before posting.

There are three kinds of people in the world: those who can count, and those who can't.
Back to top
View user's profile Send private message
sirtoast
n00b
n00b


Joined: 06 May 2002
Posts: 72
Location: Halifax, NS

PostPosted: Tue May 07, 2002 1:37 am    Post subject: Reply with quote

I didn't run the route command, only because my external IP is always changing. It was 142.177.140.216 when you were looking at it a few messages ago, now it's flipped to 142.177.181.231, so to add it would make it out of date within an hour more than likely.

Nitro, I really want to thank you and klieber for your help. It's great to have a supportive community here
_________________
Toast
http://toastnet.org
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum