Networking :: Individually Address Hosts In Private Network From The Outside
May 24, 2011
The facts are as follows:
1. I have at work a regular LAN with many PCs, each with a DNS-registered public IP. Therefore I am able to address each of these PCs by their fully-qualified names and, for instance, initiate ssh sessions to any of these computers just by typing "ssh <name_of_machine>" from a terminal.
2. Within the aforementioned LAN I have just created a private network with some clients, which access the LAN through a router (a D-link DIR-825). We have created this private network for many reasons, but most importantly because we need to guarantee that the hosts in this network will remain networked among them even if the LAN goes down for any reason (which unfortunately happens often). But we still need to have access to the hosts in the private network from the LAN.
3. I am able to define port forwarding rules in the router in order to access certain services on the private network's clients. For example. I am able to access (by ssh) hosts "H1" and "H2" on the private network from a client on the LAN by defining rules for forwarding ports "P1" and "P2" on the router's public IP to TCP port 22 on the private IPs of "H1" and "H2", respectively. Then I would access each of these hosts from the LAN by using:
>ssh -p P1 [ip.address.of.router] (for accessing H1) and >ssh -p P2 [ip.address.of.router] (for accessing H2)
4. The problem with the port forwarding approach is that it is not easily scalable. For instance, If I wanted to enable ssh access to each host in the private network, I would have to define a port forwarding rule for each machine, and then REMEMBER all these port rules when initiating a ssh session from the LAN in order to point to the right host. And the problem gets worse when considering more services in addition to ssh.
5. The ideal solution would be to be have a means for addressing each host in the private network individually, in much the same way in which I address the hosts in the LAN (which have DNS-registered names). For instance, in order to access hosts H1 and H2 as in the previous example, i would like to be able to just type
>ssh [name_of_host_H1] (for accessing H1) and >ssh [name_of_host_H2] (for accessing H2)
The bottom line:
I guess I can say that what I need is some kind of combined DNS-ing and routing that allows me to communicate with the hosts in the private network from outside of it in a transparent way.
The question is: what are any possible solutions for accomplishing this? I have searched the web and found stuff about things like VPNs, reverse-proxies and NAT servers, but I really can't understand if any of these could serve to solve my problem (BTW, isn't my router doing some sort of NAT-ing already? could I just add some DNS-ing in some way?)
View 3 Replies
ADVERTISEMENT
Feb 24, 2010
Currently my OS is Ubuntu 9.04 Jaunty Jackalope Desktop OS and my web server is Apache2. I have a public address 60.x.y.z and my pc local address is 10.x.y.z. I have a web app in my Apache2 which currently run in localhost(10.x.y.z).
I would like to enable the web app so that it could be browse from outside. I know there maybe some port forwarding process and some commands involved in order to do that. But I have no idea on the steps to do that.
View 5 Replies
View Related
May 15, 2011
I recently just upgraded from humble Linux user to confused Linux admin of my own virtual Linux server. When I issue the ifconfig command I get following output.
Code:
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:1.2.3.4 P-t-P:1.2.3.4 Bcast:1.2.3.4 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
The WAN IP of the interface is not really 1.2.3.4 I just changed that IP for security reasons.What I am trying to figure out, is it possible to assign a private IP address to the same interface or can I only have one IP address per interface. I understand I have a mask of /32 so I am not going to be able to subnet the address to create any more addresses, so I assume I am stuck with the WAN IP (public IP) that I have, and just need to deal with it.
The reason I ask this is because I have been reading through several DNS/BIND tutorials/walk-throughs, and a lot of them specify setting up a intranet access with 192.168.1.1 address for the local DNS server, but since I am connecting to the sever via SSH I figure I do not need a private IP address.
View 5 Replies
View Related
May 28, 2010
I have to build a netwrok for small lab and office setup.Setup as belowI have a PC running with Centos 5.4 and has 4 NIC cards. eth0, eth1, eth2 and eth3
View 3 Replies
View Related
Jul 26, 2011
I just changed my CentOS server from DHCP to static IP address. After the change, I cannot ping other hosts on the same subnet. (I can ping the CentOS itself).The IP address of CentOS is 192.168.0.202.After pinging 192.168.0.106 (106 is on and other host can ping it), arp -a shows? (192.168.0.106) at <incomplete> on eth0 It looks ARP cannot resolve MAC address of hosts 192.168.0.106.
View 1 Replies
View Related
Jan 2, 2011
Something is definitely odd here:Quote:
[rena@mercury:~ 500]
$ hostname
mercury
[code]....
View 9 Replies
View Related
Apr 30, 2010
I can reach other hosts by means of their global addresses by either the IP address or hostname (that has the global address). What I want to (also) do is have a hostname that references the IPv6 link local IP address (an AAAA record in DNS, or just the fe80::<whatever> address in /etc/hosts) and use that host name in commands to access that host. The problem is, an interface ID is needed when making such a reference.
It sure looks like the programs just pass the host name string on to the resolver library, which does not understand the significance of the '%' even though it could find and see that the name preceding the '%' is consistent with that being an IPv6 link local address (e.g. the logic could have been "split at first % and see if preceeding name is found as a link local address and accept that if so, or ignore the split otherwise" ... but it isn't). Is there a different syntax for this ... or was it overlooked in the design of programming around IPv6?I want to be able to address a host by its link local address, while still using a mnemonic instead of having to type the IPv6 address.
View 1 Replies
View Related
Jan 17, 2011
[Code]....
What I want: multiple virtual hosts with ssl and only 1 ip address: In my example: server = 192.168.227.129
[Code]....
View 9 Replies
View Related
Jan 11, 2011
We have to connect one PC in private network (campus) with other PC (mostly a modem in our case)in public network. Connection should be peer to peer like and we have to use C coding for establishing connection between this two systems. Is it possible if we use port forwarding or is there any other way?
View 2 Replies
View Related
Jul 27, 2011
I run a server that is connected to several other boxes in a private network (192.168.0.0). I have had no problems previously, but upon a reinstall of Debian squeeze I have no connectivity to the private network: a ping of other addresses on that network fail. Ping and connection to outside world is fine. This box is configured similarly to another on this private network which connects successfully. I have quadruple-checked all my basic information. I post my ifconfig below of the malfunctioning device, then the ifconfig for equivalent nic on a box connected succesfully to the private network.
Questions:
1.Could it be a cable problem? (I don't see how since the cables have not been changed I do not believe since my reinstallation).
2. What about the difference in the last lines of eth1 below and eth2 of the successful box. Is it significant that the bad eth1 reads Memory:fc3a0000-fc3c0000
View 5 Replies
View Related
Dec 16, 2010
Version 10.04 LTS. Installed desktop version and network worked but I needed a static IP address and the install configures for a DHCP configured address. I tried changing to static address using the System->Preferences->Network Connections application but was unable to get the system to come up with the network up.
So I manually modified the /etc/network/interfaces and the /etc/resolv.conf files. I restart the system but when I do an ifconfig, I don't see a configured IP address on eth0 (only the loopback address). If I run /sbin/ifup eth0 everything then works fine and ifconfig shows the correct address bound to eth0.
My files are as follows:
View 2 Replies
View Related
May 6, 2010
I have a small office network with windows machines and a Linux Internet access server (CentOS 5.4). For Internet access I use masquerade, so everione can access every Internet service.
I periodicali have quite big traffic from one of the hosts, but I can't figure out which one is that?
Is there any linux command which will show me the bytes/packets (or any useful infos) going to specific hosts?
View 9 Replies
View Related
Oct 1, 2010
I Own a netcafe and I want to limit the netspeed for some of the users on the network because some of them maybe use torrent or other ways to eat the bandwidth and the net became so slow for other users.
My task is a way to limit the net speed for some users on the network, I tried a mikrotik RouterOS but it look like a miss to install I wanted an easier way than this, I use linux or windows or any OS to make this task done please help me to do it !!
View 4 Replies
View Related
May 11, 2010
Is it possible to have different /etc/hosts file for different network connections without having to go in and change it every time? The why: I have dyndns and port forwarding to get to my desktop. My laptop is sometimes on the same network, and sometimes not. Also, sometimes the dyndns doesn't update properly, or the outside connection is down, but I want to get to my desktop (and I'm too lazy to walk up the stairs). I'd like to be able to keep one set of bookmarks, ssh command aliases, etc. that would always get to it the fastest and most reliable way possible.
View 1 Replies
View Related
Aug 4, 2009
I need a script but i am not good at programming soWhat script have to do:- Every 1 minute is checking if ip address is available (ping)- if ip answers nothing happens- if ip does not answers: * file /etc/hosts is changed by one stored in /home/user/hosts* notification by xterm to restart some programIf finally ip answers file /etc/hosts is changed by one stored in /home/user2/hosts
View 6 Replies
View Related
Aug 17, 2011
Well, as many proxy applications, GNOME Network Proxy Preferences only allow to ignore hosts. What I want to do is exactly the opposite. I only want to use the proxy for few sites. Is it possible to define only the allowed hosts in any way?
PS: I know FoxyProxy add-on for Firefox does this, but 1)I don't use Firefox and 2)I want the proxy settings system wide not only for browser.
View 9 Replies
View Related
Nov 4, 2010
system is RedHat v4. I removed root: admin-name@domain from /etc/aliases then ran /usr/bin/newaliases.
The admin does not get the emails but now the email generated by the cronjobs is being sent to my-name@domain outlook email from "root@localhost.localddomain". No other changes were made. Where should I start looking for the definition of sent crontab email to my-name@domain?
View 3 Replies
View Related
Jun 27, 2011
Problem:Your company network has internal only hosts / websites with names that end in .local, e.g.Your freshly installed Ubuntu machine works fine on the network, has internet access, etc. but cannot connect to these particular systems.Testing DNS with tools like dig / nslookup works fine, but normal name resolution with ping / telnet / browsers does not work.Solution:1. Open a terminal window2. Enter the command sudo nano /etc/nsswitch.conf3. Change the following line:hosts: files mdns4_minimal [notfound=RETURN] dns mdns4to this:hosts: files dns4. Press Ctrl-X, Y, Enter to saveExplanation:Ubuntu ships configured to do name lookups for self-configuring networks, based on the AppleTalk / mDNS / Bonjour protocol. In the configuration shipped for the resolver, this protocol is considered the final aurhority for the ".local" top level domain, and DNS will not be checked. The above configuration change eliminates this and restricts lookups to (a) /etc/hosts file, followed by (b) DNS
View 1 Replies
View Related
May 30, 2011
I found this IP address in my hosts.allowQuote:ALL: 119.42.68.232I cannot find any other evidence of intrusion.
View 4 Replies
View Related
Jul 2, 2010
What is the (officially) proper way to configure Apache so that a given IP address can have two or more virtual host names, each going to different distinct configurations (e.g. with different DocumentRoot, Alias, etc), and also do this for the IP address so that it goes to a designated configuration rather than defaulting to the first or a random host name?
Apache documentation does not appear to address this. If so, it has it hidden in a non-obvious place.
View 7 Replies
View Related
Jul 21, 2010
1) I'm not sure which IP address to use when I list my machine name in /etc/hosts, particularly after reading:
Quote:
By the w]ay, Arnt Gulbrandsen <agulbra@nvg.unit.no> says that 127.0.0.1 # should NEVER be named with the name of the machine. It causes problems # for some (stupid) programs, irc and reputedly talk. :^)
Here's what I have now:
Code:
root@eagleswing:~# hostname
eagleswing
root@eagleswing:~# cat /etc/HOSTNAME
eagleswing.5binc
[Code]...
I'm not certain how to include my router in /etc/hosts so I can use it to link my PCs as stated above. I was thinking of writing (see above link):
192.168.2.1 localbelkin Will this work & is it proper?
3) Do I need to make use of any other IP addresses at this link? What are the WAN IP & Default Gateway addresses used for? I am going to be serving documents & running scripts on Apache.
View 2 Replies
View Related
Aug 10, 2010
I have setup Denyhosts to run on my server, and have been using it succesfully for the last few weeks, to allow me to ssh into my server from my home dev machine.
This morning, I accidentally typed my password incorrectly three times - and ended up being locked out of the system (tghat was ok, because that was what was supposed to happen). I logged into the server via another way and took the following actions (in the order given)
/etc/init.d/ssh stop
/etc/init.d/denyhosts stop
removed my IP address from /etc/hosts.deny
/etc/init.d/ssh start
[Code].....
View 1 Replies
View Related
Feb 26, 2010
I have openSUSE 11.2 installed and i need to create a gateway server that allows virtual private network connections. I want to play with my friends some lan games, but we are in different networks, so i want to create this gateway server so we can connect with VPN clients to this server and play freely.
View 7 Replies
View Related
Sep 24, 2009
Fedora 11 I have tried just about everything in webmin, the current one I am working with is openswan, and I get this error: ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.secrets ipsec rsasigkey: key pair generation failed: "-8037"
My boss would like to have our employees connect to our linux server, then access their personal computers to work when they are unable to be in the office. Everyone else in the office uses winblows and they are unwilling to try anything else no matter what the benefit. The most important one is the CAD guy, we need him to work on drawings from school or his latest flings house and I am just running out of steam. how to fix this error or radically change my approach, I will try or do anything.
View 2 Replies
View Related
Apr 3, 2011
I have DDNS configured and working for dynamic addresses, but it's not quite right for static addresses yet. The DHCP server assigns the static address, but it doesn't update the DNS sever with the associated host name. Which means I have to use the IP address when accessing the host instead of the host name. How can I get the DHCP server to update the DNS with the host name associated with the fixed-address?Here is my current dhcpd.conf.
Code:
ddns-update-style interim;
ignore client-updates;
[code]....
View 2 Replies
View Related
Feb 22, 2011
I am trying to run two web servers (Virtual Hosts) on a single Linux Centos 5.5 box with a single IP address 192.168.0.182. I did all the pre-installation requirements such yum install mysql, yum install mysqladmin, service httpd start, service mysqld start etc etc.In /var/www/html directory, I have two folder called server1 and server2. These two folders have the necessary web server php script files and folders. I opened the browser and managed to install the script on one web server successfully. When I put the IP address 192.168.0.182 on the browser address bar, the page loads without any problem. Now I would like to be able to install the other web server script and I don't know how to?Here is my httpd configuration;
<VirtualHost *>
DocumentRoot /var/www/html/server1
ServerName development.mysite.com
[code]....
View 15 Replies
View Related
Mar 15, 2011
I'm trying to setup a OpenVpn on my Ubuntu 10.04 and after doing the configs from here: [URL] I get an error:
[Code]....
View 1 Replies
View Related
Dec 11, 2009
I use getaddrinfo to get the ip address of the server, it works well on other 3 machines, but always get local address 127.0.0.1 on an 64 bit linux machine. Therefore, other remote clients can not connect to the socket server because the server binds local address l27.0.0.1.
I have also tried pass 0.0.0.0 to getaddrinfo, now the server bind on 0.0.0.0(all available interface). But now I can not print the correct network address of the server, as it is always 0.0.0.0 which is provided by getsockname.
I do not know how to get the network address of the server, rather than the local address.
View 7 Replies
View Related
Aug 29, 2010
I just installed open Suse 11.3, and I cannot SSH my school. Upon further investigation I could not even ping any machines outside my local area network. Ironically I could nmap machines outside my local area network.
View 4 Replies
View Related
Aug 21, 2011
since a few weeks I have a problem connecting to other hosts when I'm using another wireless network, which has a different DNS IP than I have in my network. I have to change /etc/resolv.conf to change the nameserver. Can NetworkManager control the nameserver? If yes, how?
View 3 Replies
View Related
