You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by robert <ro...@estrell.com> on 2004/08/29 23:20:50 UTC
[users@httpd] Re: ip aliasing and port forwarding
Me <me <at> yzix.org> writes:
>
>
> > I have a
> static IP 67.117.202.1 and is mapped as eth1 on my fedora linux box.> if
> apache 1.3 listens to this IP address, I can see my website from > the
> outside world.This may seem like an odd question - but what's set
> up for eth0. The designation eth1 assumes (to me anyway) that you have 2 nics
on
> that box.
>
> If you have eth0 set up as as internal net number
> (ie: 192.168.1.15) you shouldn't have to alias that IP to eth1 (it would, in
> fact cause errors). Have you tried
> Listen *:80
> In your httpd.conf to make Apache listen to all
> available IP addresses?
>
> Also, perhaps a bit off topic, if you're trying to
> set up the Fedora box as a firewall or a NAT for your local net, you can find
> detailed instructions at http://tldp.org/HOWTO/IP-Masquerade-HOWTO/index.html
>
>
> Either way, you're going to need a gateway
> somewhere that allows your 192.168.1.0 network to access the Internet
> (67.117.202.1)
>
> I guess I'm with Zoe on this - more information is
> required about your network configuration to answer your question
> properly
> ----- Original Message -----
> From:
> Zoe Ballz
>
> To: users <at> httpd.apache.org ; Eugene
>
> Sent: Sunday, August 29, 2004 12:23
> AM
> Subject: Re: [users <at> httpd] ip aliasing
> and port forwarding
>
> Hiya
>
> Ok maybe I'm being thick - but if you do not have
> a router then how do you have your network set up to connect to the net?
Are
> you using windows ICS (internet connection sharing) or is your apache
server
> running as a proxy server? Please clarify and I may be able to help.
(Although
> a little off subject, but at the end of the day almost all
> apache administrators need to know a bit about networks
> too).
>
> All the best
>
> Zoe
>
I don't have a router because I have a static IP number the 67.XX
I got three nics on my box.
eth1 is the one connected to the modem that's how I can browse the
outside world.
now, on the same box I run apache and if I make
apache listen to 67.xx... i can see apache from the outside world,
meaning my friends can see my server.
what I want to do is make an alias for the 67.xxx with a 192.168.1.x
and make apache listen to the 192.168.1.x number i choose.
so that when my friends point to the 67.x.x ip number, they get redirected to
the 192.168.1.x and apache answers back.
right now this doesn't work, it seems like I am missing somehting with
ip aliasing. ofcourse i can get a router and give that router
the 67.x.x.x number then port forward port 80 to the 192.168. and apache will
be seen from the outside world, I am trying t osee if I
can get away with getting a router for this purpose.
eth1 is the nic connected to the 67.x.x..x
my alias is eth1:1, I got 3 nics on the box but the other nics are for
something else. Idon't have problem browsing outside, or being seen
as long as I use the 67.x, but I just wanted to see if I can
forward 67.x to the 192.x
that's all.
thanks,
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re[2]: [users@httpd] Re: ip aliasing and port forwarding
Posted by Eugene <ht...@infosatgeomatica.com>.
Hello Zoe, thats what I'm trying to explain: he can use this IP range
just locally, but not from outside. And just for info: no, we dont
have host domain on this address. We have five IP addresses that we
can use to connect to internet or for hosting. To connect to router I need:
1) router IP (I said DNS, sorry),
2) my IP, 3) subnet mask, 4) gateway for five IPs(in my case). So outside
will be accesible just these five IPs from 67.xxx.xxx.200 to
67.xxx.xxx.205 but not 192.xxx.xxx.xxx. Sorry for my English:)
Sunday, August 29, 2004, 8:01:11 PM, you wrote:
> Hiya
> Maybe I am missing the point of what you are trying to achive, but if all
> you want to do is to use http://192.168.bla.bla to access your site locally
> from the same machine, why dont you just make apache listen to the relevent
> addresses? This is done in httpd.conf .
> Listen 192.168.bla.bla:80
> Listen 67.bla.bla.bla:80
> Your friends in the outside world cannot use the 192 address to access the
> site as this this range of ips if for the sole use of small LANs and is
> invalid in the net.
> All the best
> Zoe
> http://zoeballz.net - Website Hosting for the Transgendered Community
> I don't have a router because I have a static IP number the 67.XX
> I got three nics on my box.
> eth1 is the one connected to the modem that's how I can browse the
> outside world.
> now, on the same box I run apache and if I make
> apache listen to 67.xx... i can see apache from the outside world,
> meaning my friends can see my server.
> what I want to do is make an alias for the 67.xxx with a 192.168.1.x
> and make apache listen to the 192.168.1.x number i choose.
> so that when my friends point to the 67.x.x ip number, they get redirected
> to
> the 192.168.1.x and apache answers back.
> right now this doesn't work, it seems like I am missing somehting with
> ip aliasing. ofcourse i can get a router and give that router
> the 67.x.x.x number then port forward port 80 to the 192.168. and apache
> will
> be seen from the outside world, I am trying t osee if I
> can get away with getting a router for this purpose.
> eth1 is the nic connected to the 67.x.x..x
> my alias is eth1:1, I got 3 nics on the box but the other nics are for
> something else. Idon't have problem browsing outside, or being seen
> as long as I use the 67.x, but I just wanted to see if I can
> forward 67.x to the 192.x
> that's all.
> thanks,
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
--
Best regards,
Eugene mailto:httpd.subscribe@infosatgeomatica.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: ip aliasing and port forwarding
Posted by Zoe Ballz <zo...@zoeballz.tv>.
Hiya
Maybe I am missing the point of what you are trying to achive, but if all
you want to do is to use http://192.168.bla.bla to access your site locally
from the same machine, why dont you just make apache listen to the relevent
addresses? This is done in httpd.conf .
Listen 192.168.bla.bla:80
Listen 67.bla.bla.bla:80
Your friends in the outside world cannot use the 192 address to access the
site as this this range of ips if for the sole use of small LANs and is
invalid in the net.
All the best
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
I don't have a router because I have a static IP number the 67.XX
I got three nics on my box.
eth1 is the one connected to the modem that's how I can browse the
outside world.
now, on the same box I run apache and if I make
apache listen to 67.xx... i can see apache from the outside world,
meaning my friends can see my server.
what I want to do is make an alias for the 67.xxx with a 192.168.1.x
and make apache listen to the 192.168.1.x number i choose.
so that when my friends point to the 67.x.x ip number, they get redirected
to
the 192.168.1.x and apache answers back.
right now this doesn't work, it seems like I am missing somehting with
ip aliasing. ofcourse i can get a router and give that router
the 67.x.x.x number then port forward port 80 to the 192.168. and apache
will
be seen from the outside world, I am trying t osee if I
can get away with getting a router for this purpose.
eth1 is the nic connected to the 67.x.x..x
my alias is eth1:1, I got 3 nics on the box but the other nics are for
something else. Idon't have problem browsing outside, or being seen
as long as I use the 67.x, but I just wanted to see if I can
forward 67.x to the 192.x
that's all.
thanks,
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Re: ip aliasing and port forwarding
Posted by Bill Bishop <b...@bandkshow.com>.
Your basic problem is not with Apache, it is with networking. The
192.168.x.x addresses are the "private" addresses. This means that any
router connected to the internet that receives a packet with a destination
of these addresses MUST drop that packet.
In other words, your friends will never be able to contact your system
across the Internet using any address in the 192.168.x.x range. They will
only be able to contact you on your 67.x.x.x address. Redirecting will not
help.
If you use a NAT, a Network Address Translator, you can translate the
67.x.x.x address your friends can connect to into a 192.168.x.x address, but
this is pointless since your site is already listening on the 67.x.x.x
address.
For more information on the 192.168.x.x private address space, see RFC-1918
on the http://www.ietf.org RFC pages link.
Best of luck to you.
-B^2
;)
> -----Original Message-----
> From: news [mailto:news@sea.gmane.org] On Behalf Of robert
> Sent: Sunday, August 29, 2004 2:21 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Re: ip aliasing and port forwarding
>
>
>
> I don't have a router because I have a static IP number the 67.XX
> I got three nics on my box.
> eth1 is the one connected to the modem that's how I can browse the
> outside world.
>
> now, on the same box I run apache and if I make
> apache listen to 67.xx... i can see apache from the outside world,
> meaning my friends can see my server.
>
> what I want to do is make an alias for the 67.xxx with a 192.168.1.x
> and make apache listen to the 192.168.1.x number i choose.
> so that when my friends point to the 67.x.x ip number, they get redirected
> to
> the 192.168.1.x and apache answers back.
>
> right now this doesn't work, it seems like I am missing somehting with
> ip aliasing. ofcourse i can get a router and give that router
> the 67.x.x.x number then port forward port 80 to the 192.168. and apache
> will
> be seen from the outside world, I am trying t osee if I
> can get away with getting a router for this purpose.
>
> eth1 is the nic connected to the 67.x.x..x
> my alias is eth1:1, I got 3 nics on the box but the other nics are for
> something else. Idon't have problem browsing outside, or being seen
> as long as I use the 67.x, but I just wanted to see if I can
> forward 67.x to the 192.x
> that's all.
> thanks,
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
AW: [users@httpd] Re: ip aliasing and port forwarding
Posted by Steffen Heil <li...@steffen-heil.de>.
Hi
> right now this doesn't work, it seems like I am missing somehting with ip
aliasing.
Right.
You seem to assume, that setting up an alias on eth1:1 make the set up ip
address an alias for the ip address of eth1. This is true, but not as you
interpret it.
In fact, "aliasing" in this context refers to network interfaces, not ips.
[Though it is called ip aliasing.] What it really does is, it binds a second
ip to the same interface.
This way, you can set up multiple ips on one nic. Thats all.
The assigned ips have nothing in common, except that they communication goes
through the same nic (which is what is aliased here).
If you want to so some forwarding between them, you might be able to set
this up in iptables. I have heared about such configurations, but I cannot
help on that.
Regards,
Steffen
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org