You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Leif W <wa...@usa.net> on 2005/01/14 10:12:15 UTC
Re: [users@httpd] problem accessing virtual hosts from local network(Linux)
> Martijn Veening; 2005 January 12 Wednesday 16:43
>
> On our server we are hosting several virtual domains.
> When configuring a new account I cannot test whether or not it's
> working. When I type the url in the browser, it waits endlessly.
> I cannot access our own hosted virtual domains from our server itself
> (or local network).
> I'm sure it must have something to do with loopback or hosts, or
> perhaps
> firewall, but I cannot figure out what.
> Specs: Linux 2.4 + httpd 2.0,
> static IP/DHCP (ADSL),
> in /etc/hosts only 127.0.0.1 configured as localhost (should it
> contain
> all virtual domains as well ?),
> httpd.conf contains ServerName detri015.speed.planet.nl:80.
>
> If my request goes to the internet and back to our server, which
> should
> respond to itself as well, based on virtual domains, could that be a
> problem in itself ? Or is it a simple configuration problem ?
My guess is a Linux routing problem, not Apache. So, try to isolate
Apache functionality from general IP routing.
1) Configure a test virtual host and listen and namevirtualhost on
127.0.0.1, and log into that machine and try to access the test site.
My guess is that it will work fine. If so, it's not Apache, it's Linux
routing. I forget if there's a specific rule you need to add, or if
it's just plain broken. I worked around the problem by setting up
dnsmasq, use it as the DNS server for the LAN machines, optionally as
DHCP, but static is fine. Put the LAN's host names and internal IPs
(ex. 192.168.1.12, etc) into /etc/hosts, and dnsmasq will read it and
resolve to internal IPs.
2) From the gateway machine itself, try to ping 127.0.0.1. Try to ping
its external address (ex. 11.22.33.44), probably succeeds. Try to ping
the gateway, probably succeeds or you'd be offline. :p Try to ping DNS
servers, probably succeeds. Go inside the LAN, and from a LAN computer,
ping the internal gateway (ex. 192.168.1.1), probably succeeds (again
otherwise you'd be offline). Try to ping the external IP of the gateway
(11.22.33.44), probably fails (otherwise HTTP or anything else would
work). For another example, read the Perl man pages and write a very
simple client/server of your own, which simply listens for a connection
and prints a static response. Put the client and server on both
machines, and try it both ways, probably works every way except with
client on LAN, server on gateway, listening to external IP. Double
check your iptables rules. Try upgrading to kernel 2.6. I think I
remember this not working in 2.2 and 2.4, but it worked all of a sudden
in 2.6 with no changes to my iptables rules.
Leif
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from localnetwork(Linux)
Posted by Leif W <wa...@usa.net>.
> Martijn Veening; 2005 January 14 Friday 07:55
>
> Furthermore, a traceroute <external IP address) does not come further
> than my Alcatel DSL IP address 10.0.0.138. After that traceroute
> hangs.
They may be filtering ICMP protocol. traceroute uses a series of
"pings", similar to using ping, so it needs to talk ICMP to every host
along the route from you to (ex.) google.com, and then report the delays
at each hop. There is a program tcptraceroute which can instead use TCP
to talk to (usually) port 80, and it supposedly gathers data in that
manner. It sounds great in theory but I never got anywhere near the
same results as with ping, and most of the time it didn't seem to work
right at all, giving <10ms delay for every site even when it takes ping
over 120ms to hit the forst IP from the ISP, and also skips about 66% of
hops entirely when compared to an unfiltered ICMP based traceroute to
the same address.
Leif
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from local
network(Linux)
Posted by Martijn Veening <ma...@detrics.com>.
Furthermore, a traceroute <external IP address) does not come further
than my Alcatel DSL IP address 10.0.0.138. After that traceroute hangs.
On Fri, 2005-01-14 at 12:02, Martijn Veening wrote:
> OK, thanks for your extensive suggestions:
>
> Pinging my external IP-address from the gateway does NOT work (nor
> pinging my url).
> >From the outside world, everything works fine, also considering the
> different virtual domains (virtual hosting is config'd correctly), and
> pinging etc.
> Furthermore everything works fine, also internet from LAN through
> gateway by proxy, DNS etc.
> So it appears not to be Apache problem indeed (sorry) but Linux routing
> problem: i cannot ping my external IP-address from gateway itself.
> Should that be possible ?
>
> Martijn
>
>
> On Fri, 2005-01-14 at 09:12, Leif W wrote:
> > > Martijn Veening; 2005 January 12 Wednesday 16:43
> > >
> > > On our server we are hosting several virtual domains.
> > > When configuring a new account I cannot test whether or not it's
> > > working. When I type the url in the browser, it waits endlessly.
> > > I cannot access our own hosted virtual domains from our server itself
> > > (or local network).
> > > I'm sure it must have something to do with loopback or hosts, or
> > > perhaps
> > > firewall, but I cannot figure out what.
> > > Specs: Linux 2.4 + httpd 2.0,
> > > static IP/DHCP (ADSL),
> > > in /etc/hosts only 127.0.0.1 configured as localhost (should it
> > > contain
> > > all virtual domains as well ?),
> > > httpd.conf contains ServerName detri015.speed.planet.nl:80.
> > >
> > > If my request goes to the internet and back to our server, which
> > > should
> > > respond to itself as well, based on virtual domains, could that be a
> > > problem in itself ? Or is it a simple configuration problem ?
> >
> > My guess is a Linux routing problem, not Apache. So, try to isolate
> > Apache functionality from general IP routing.
> >
> > 1) Configure a test virtual host and listen and namevirtualhost on
> > 127.0.0.1, and log into that machine and try to access the test site.
> > My guess is that it will work fine. If so, it's not Apache, it's Linux
> > routing. I forget if there's a specific rule you need to add, or if
> > it's just plain broken. I worked around the problem by setting up
> > dnsmasq, use it as the DNS server for the LAN machines, optionally as
> > DHCP, but static is fine. Put the LAN's host names and internal IPs
> > (ex. 192.168.1.12, etc) into /etc/hosts, and dnsmasq will read it and
> > resolve to internal IPs.
> >
> > 2) From the gateway machine itself, try to ping 127.0.0.1. Try to ping
> > its external address (ex. 11.22.33.44), probably succeeds. Try to ping
> > the gateway, probably succeeds or you'd be offline. :p Try to ping DNS
> > servers, probably succeeds. Go inside the LAN, and from a LAN computer,
> > ping the internal gateway (ex. 192.168.1.1), probably succeeds (again
> > otherwise you'd be offline). Try to ping the external IP of the gateway
> > (11.22.33.44), probably fails (otherwise HTTP or anything else would
> > work). For another example, read the Perl man pages and write a very
> > simple client/server of your own, which simply listens for a connection
> > and prints a static response. Put the client and server on both
> > machines, and try it both ways, probably works every way except with
> > client on LAN, server on gateway, listening to external IP. Double
> > check your iptables rules. Try upgrading to kernel 2.6. I think I
> > remember this not working in 2.2 and 2.4, but it worked all of a sudden
> > in 2.6 with no changes to my iptables rules.
> >
> > Leif
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from localnetwork(Linux)
Posted by Leif W <wa...@usa.net>.
> Martijn Veening; 2005 January 14 Friday 07:02
>
> So it appears not to be Apache problem indeed (sorry) but Linux
> routing
> problem: i cannot ping my external IP-address from gateway itself.
> Should that be possible ?
I should think so, yes. The IP is on the same interface, same network
card as the computer you are logged into. This should not be passing
through any NAT tables at all, unless something is really screwed up.
>From the gateway, you should be able to ping every IP of every
interface, internal or external. The packets don't have to be routed or
NATted anywhere.
Leif
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from localnetwork(Linux)
Posted by Leif W <wa...@usa.net>.
> Martijn Veening; 2005 January 14 Friday 17:14
>
> Thanks ! Now I understand what's wrong. Clear answer.
> I already suspected something to be looping, because the browser did
> not
> return an error message, neither did traceroute.
> Thnx !
Heh, I was thinking it and could have sworn I wrote it down, but
apparently not. That's what I meant by Linux kernel 2.2 and 2.4 "not
working". I suspected it was a routing loop that perhaps required a
rule for iptables which I couldn't seem to get right.
However I did clearly explain my workaround, which is exactly the same,
and even mentioned the specific program to do it: dnsmasq. It's really
an excellent program worth checking out. No need to go crazy and run
BIND if you're not prepared for it. Source compiles, complex config
language, potential for security exploits, resource consumption. It's
usually overkill for a situation like yours when a simple /etc/hosts
file and dnsmasq will suffice. dnsmasq will also handle DHCP server
duties, so you can replace the overly complex ISC dhcp server, and still
have 100% functionality for most simple to moderate DHCP configurations,
yet a simple config. You can even specify a "banned" file to specify
hosts and ip addresses to respond "no domain" to LAN queries, good for
ad/spy servers.
Leif
> On Fri, 2005-01-14 at 12:06, Evan Smith wrote:
>> If you are using NAT you cannot access your external IP from inside
>> your network.
>>
>> If you want your virtual hosts to work from inside on the private
>> network you need to setup a name server and provide the domain names
>> and corresponding internal IP address/es
>>
>> What is happening is you are requesting the domain name and the DNS
>> server you are using (most likely your ISP's) is returning your
>> public
>> IP address. This kind of routing just doesn't work with NAT ie. you
>> say
>> you cannot ping your external IP from inside, thats right it will not
>> ping, it's basically a routing loop. this means when you are
>> requesting
>> your domain, which is really going to your external IP your browser
>> will just sit there because it cannot make a connection (no ping, no
>> connection)
>>
>> You need to host your own DNS server on your network so that when you
>> request a domain you will get the private IP address.
>>
>> ie.
>>
>> www.apple.com IN A 203.88.240.88 is what you would want the public
>> to get, because they need a public IP to reach you
>>
>> but when you are inside your network you want
>>
>> www.apple.com IN A 192.168.1.20
>>
>> so you get a direct connection to the server on your LAN, you can't
>> go
>> outside your LAN and come back in
>>
>>
>>
>> On 14/01/2005, at 11:02 PM, Martijn Veening wrote:
>>
>> > OK, thanks for your extensive suggestions:
>> >
>> > Pinging my external IP-address from the gateway does NOT work (nor
>> > pinging my url).
>> >> From the outside world, everything works fine, also considering
>> >> the
>> > different virtual domains (virtual hosting is config'd correctly),
>> > and
>> > pinging etc.
>> > Furthermore everything works fine, also internet from LAN through
>> > gateway by proxy, DNS etc.
>> > So it appears not to be Apache problem indeed (sorry) but Linux
>> > routing
>> > problem: i cannot ping my external IP-address from gateway itself.
>> > Should that be possible ?
>> >
>> > Martijn
>> >
>> >
>> > On Fri, 2005-01-14 at 09:12, Leif W wrote:
>> >>> Martijn Veening; 2005 January 12 Wednesday 16:43
>> >>>
>> >>> On our server we are hosting several virtual domains.
>> >>> When configuring a new account I cannot test whether or not it's
>> >>> working. When I type the url in the browser, it waits endlessly.
>> >>> I cannot access our own hosted virtual domains from our server
>> >>> itself
>> >>> (or local network).
>> >>> I'm sure it must have something to do with loopback or hosts, or
>> >>> perhaps
>> >>> firewall, but I cannot figure out what.
>> >>> Specs: Linux 2.4 + httpd 2.0,
>> >>> static IP/DHCP (ADSL),
>> >>> in /etc/hosts only 127.0.0.1 configured as localhost (should it
>> >>> contain
>> >>> all virtual domains as well ?),
>> >>> httpd.conf contains ServerName detri015.speed.planet.nl:80.
>> >>>
>> >>> If my request goes to the internet and back to our server, which
>> >>> should
>> >>> respond to itself as well, based on virtual domains, could that
>> >>> be a
>> >>> problem in itself ? Or is it a simple configuration problem ?
>> >>
>> >> My guess is a Linux routing problem, not Apache. So, try to
>> >> isolate
>> >> Apache functionality from general IP routing.
>> >>
>> >> 1) Configure a test virtual host and listen and namevirtualhost on
>> >> 127.0.0.1, and log into that machine and try to access the test
>> >> site.
>> >> My guess is that it will work fine. If so, it's not Apache, it's
>> >> Linux
>> >> routing. I forget if there's a specific rule you need to add, or
>> >> if
>> >> it's just plain broken. I worked around the problem by setting up
>> >> dnsmasq, use it as the DNS server for the LAN machines, optionally
>> >> as
>> >> DHCP, but static is fine. Put the LAN's host names and internal
>> >> IPs
>> >> (ex. 192.168.1.12, etc) into /etc/hosts, and dnsmasq will read it
>> >> and
>> >> resolve to internal IPs.
>> >>
>> >> 2) From the gateway machine itself, try to ping 127.0.0.1. Try to
>> >> ping
>> >> its external address (ex. 11.22.33.44), probably succeeds. Try to
>> >> ping
>> >> the gateway, probably succeeds or you'd be offline. :p Try to
>> >> ping
>> >> DNS
>> >> servers, probably succeeds. Go inside the LAN, and from a LAN
>> >> computer,
>> >> ping the internal gateway (ex. 192.168.1.1), probably succeeds
>> >> (again
>> >> otherwise you'd be offline). Try to ping the external IP of the
>> >> gateway
>> >> (11.22.33.44), probably fails (otherwise HTTP or anything else
>> >> would
>> >> work). For another example, read the Perl man pages and write a
>> >> very
>> >> simple client/server of your own, which simply listens for a
>> >> connection
>> >> and prints a static response. Put the client and server on both
>> >> machines, and try it both ways, probably works every way except
>> >> with
>> >> client on LAN, server on gateway, listening to external IP.
>> >> Double
>> >> check your iptables rules. Try upgrading to kernel 2.6. I think
>> >> I
>> >> remember this not working in 2.2 and 2.4, but it worked all of a
>> >> sudden
>> >> in 2.6 with no changes to my iptables rules.
>> >>
>> >> Leif
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from local
network(Linux)
Posted by Martijn Veening <ma...@detrics.com>.
Thanks ! Now I understand what's wrong. Clear answer.
I already suspected something to be looping, because the browser did not
return an error message, neither did traceroute.
Thnx !
On Fri, 2005-01-14 at 12:06, Evan Smith wrote:
> If you are using NAT you cannot access your external IP from inside
> your network.
>
> If you want your virtual hosts to work from inside on the private
> network you need to setup a name server and provide the domain names
> and corresponding internal IP address/es
>
> What is happening is you are requesting the domain name and the DNS
> server you are using (most likely your ISP's) is returning your public
> IP address. This kind of routing just doesn't work with NAT ie. you say
> you cannot ping your external IP from inside, thats right it will not
> ping, it's basically a routing loop. this means when you are requesting
> your domain, which is really going to your external IP your browser
> will just sit there because it cannot make a connection (no ping, no
> connection)
>
> You need to host your own DNS server on your network so that when you
> request a domain you will get the private IP address.
>
> ie.
>
> www.apple.com IN A 203.88.240.88 is what you would want the public
> to get, because they need a public IP to reach you
>
> but when you are inside your network you want
>
> www.apple.com IN A 192.168.1.20
>
> so you get a direct connection to the server on your LAN, you can't go
> outside your LAN and come back in
>
>
>
> On 14/01/2005, at 11:02 PM, Martijn Veening wrote:
>
> > OK, thanks for your extensive suggestions:
> >
> > Pinging my external IP-address from the gateway does NOT work (nor
> > pinging my url).
> >> From the outside world, everything works fine, also considering the
> > different virtual domains (virtual hosting is config'd correctly), and
> > pinging etc.
> > Furthermore everything works fine, also internet from LAN through
> > gateway by proxy, DNS etc.
> > So it appears not to be Apache problem indeed (sorry) but Linux routing
> > problem: i cannot ping my external IP-address from gateway itself.
> > Should that be possible ?
> >
> > Martijn
> >
> >
> > On Fri, 2005-01-14 at 09:12, Leif W wrote:
> >>> Martijn Veening; 2005 January 12 Wednesday 16:43
> >>>
> >>> On our server we are hosting several virtual domains.
> >>> When configuring a new account I cannot test whether or not it's
> >>> working. When I type the url in the browser, it waits endlessly.
> >>> I cannot access our own hosted virtual domains from our server itself
> >>> (or local network).
> >>> I'm sure it must have something to do with loopback or hosts, or
> >>> perhaps
> >>> firewall, but I cannot figure out what.
> >>> Specs: Linux 2.4 + httpd 2.0,
> >>> static IP/DHCP (ADSL),
> >>> in /etc/hosts only 127.0.0.1 configured as localhost (should it
> >>> contain
> >>> all virtual domains as well ?),
> >>> httpd.conf contains ServerName detri015.speed.planet.nl:80.
> >>>
> >>> If my request goes to the internet and back to our server, which
> >>> should
> >>> respond to itself as well, based on virtual domains, could that be a
> >>> problem in itself ? Or is it a simple configuration problem ?
> >>
> >> My guess is a Linux routing problem, not Apache. So, try to isolate
> >> Apache functionality from general IP routing.
> >>
> >> 1) Configure a test virtual host and listen and namevirtualhost on
> >> 127.0.0.1, and log into that machine and try to access the test site.
> >> My guess is that it will work fine. If so, it's not Apache, it's
> >> Linux
> >> routing. I forget if there's a specific rule you need to add, or if
> >> it's just plain broken. I worked around the problem by setting up
> >> dnsmasq, use it as the DNS server for the LAN machines, optionally as
> >> DHCP, but static is fine. Put the LAN's host names and internal IPs
> >> (ex. 192.168.1.12, etc) into /etc/hosts, and dnsmasq will read it and
> >> resolve to internal IPs.
> >>
> >> 2) From the gateway machine itself, try to ping 127.0.0.1. Try to
> >> ping
> >> its external address (ex. 11.22.33.44), probably succeeds. Try to
> >> ping
> >> the gateway, probably succeeds or you'd be offline. :p Try to ping
> >> DNS
> >> servers, probably succeeds. Go inside the LAN, and from a LAN
> >> computer,
> >> ping the internal gateway (ex. 192.168.1.1), probably succeeds (again
> >> otherwise you'd be offline). Try to ping the external IP of the
> >> gateway
> >> (11.22.33.44), probably fails (otherwise HTTP or anything else would
> >> work). For another example, read the Perl man pages and write a very
> >> simple client/server of your own, which simply listens for a
> >> connection
> >> and prints a static response. Put the client and server on both
> >> machines, and try it both ways, probably works every way except with
> >> client on LAN, server on gateway, listening to external IP. Double
> >> check your iptables rules. Try upgrading to kernel 2.6. I think I
> >> remember this not working in 2.2 and 2.4, but it worked all of a
> >> sudden
> >> in 2.6 with no changes to my iptables rules.
> >>
> >> Leif
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> The official User-To-User support forum of the Apache HTTP Server
> >> Project.
> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >>
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from local network(Linux)
Posted by Leif W <wa...@usa.net>.
> Evan Smith; 2005 January 14 Friday 07:06
>
> If you are using NAT you cannot access your external IP from inside
> your network.
While this is historically true and conceptually true in the most
literal sense, it is apparent that found a workaround. With Linux
kernel 2.6, you can do just this. I completely disabled my local DNS
and from a LAN node I was able to ping the gateway node using it's
external IP. I was able to hit the Apache server. The kernel team must
have figured out some hack, where if I would route to myself from the
LAN's internal interface to the external interface with the IP MASQ /
NAT, then pass the response back to the internal interface.
Leif
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem accessing virtual hosts from local network(Linux)
Posted by Evan Smith <es...@patsblacktown.nsw.edu.au>.
If you are using NAT you cannot access your external IP from inside
your network.
If you want your virtual hosts to work from inside on the private
network you need to setup a name server and provide the domain names
and corresponding internal IP address/es
What is happening is you are requesting the domain name and the DNS
server you are using (most likely your ISP's) is returning your public
IP address. This kind of routing just doesn't work with NAT ie. you say
you cannot ping your external IP from inside, thats right it will not
ping, it's basically a routing loop. this means when you are requesting
your domain, which is really going to your external IP your browser
will just sit there because it cannot make a connection (no ping, no
connection)
You need to host your own DNS server on your network so that when you
request a domain you will get the private IP address.
ie.
www.apple.com IN A 203.88.240.88 is what you would want the public
to get, because they need a public IP to reach you
but when you are inside your network you want
www.apple.com IN A 192.168.1.20
so you get a direct connection to the server on your LAN, you can't go
outside your LAN and come back in
On 14/01/2005, at 11:02 PM, Martijn Veening wrote:
> OK, thanks for your extensive suggestions:
>
> Pinging my external IP-address from the gateway does NOT work (nor
> pinging my url).
>> From the outside world, everything works fine, also considering the
> different virtual domains (virtual hosting is config'd correctly), and
> pinging etc.
> Furthermore everything works fine, also internet from LAN through
> gateway by proxy, DNS etc.
> So it appears not to be Apache problem indeed (sorry) but Linux routing
> problem: i cannot ping my external IP-address from gateway itself.
> Should that be possible ?
>
> Martijn
>
>
> On Fri, 2005-01-14 at 09:12, Leif W wrote:
>>> Martijn Veening; 2005 January 12 Wednesday 16:43
>>>
>>> On our server we are hosting several virtual domains.
>>> When configuring a new account I cannot test whether or not it's
>>> working. When I type the url in the browser, it waits endlessly.
>>> I cannot access our own hosted virtual domains from our server itself
>>> (or local network).
>>> I'm sure it must have something to do with loopback or hosts, or
>>> perhaps
>>> firewall, but I cannot figure out what.
>>> Specs: Linux 2.4 + httpd 2.0,
>>> static IP/DHCP (ADSL),
>>> in /etc/hosts only 127.0.0.1 configured as localhost (should it
>>> contain
>>> all virtual domains as well ?),
>>> httpd.conf contains ServerName detri015.speed.planet.nl:80.
>>>
>>> If my request goes to the internet and back to our server, which
>>> should
>>> respond to itself as well, based on virtual domains, could that be a
>>> problem in itself ? Or is it a simple configuration problem ?
>>
>> My guess is a Linux routing problem, not Apache. So, try to isolate
>> Apache functionality from general IP routing.
>>
>> 1) Configure a test virtual host and listen and namevirtualhost on
>> 127.0.0.1, and log into that machine and try to access the test site.
>> My guess is that it will work fine. If so, it's not Apache, it's
>> Linux
>> routing. I forget if there's a specific rule you need to add, or if
>> it's just plain broken. I worked around the problem by setting up
>> dnsmasq, use it as the DNS server for the LAN machines, optionally as
>> DHCP, but static is fine. Put the LAN's host names and internal IPs
>> (ex. 192.168.1.12, etc) into /etc/hosts, and dnsmasq will read it and
>> resolve to internal IPs.
>>
>> 2) From the gateway machine itself, try to ping 127.0.0.1. Try to
>> ping
>> its external address (ex. 11.22.33.44), probably succeeds. Try to
>> ping
>> the gateway, probably succeeds or you'd be offline. :p Try to ping
>> DNS
>> servers, probably succeeds. Go inside the LAN, and from a LAN
>> computer,
>> ping the internal gateway (ex. 192.168.1.1), probably succeeds (again
>> otherwise you'd be offline). Try to ping the external IP of the
>> gateway
>> (11.22.33.44), probably fails (otherwise HTTP or anything else would
>> work). For another example, read the Perl man pages and write a very
>> simple client/server of your own, which simply listens for a
>> connection
>> and prints a static response. Put the client and server on both
>> machines, and try it both ways, probably works every way except with
>> client on LAN, server on gateway, listening to external IP. Double
>> check your iptables rules. Try upgrading to kernel 2.6. I think I
>> remember this not working in 2.2 and 2.4, but it worked all of a
>> sudden
>> in 2.6 with no changes to my iptables rules.
>>
>> Leif
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] problem accessing virtual hosts from local
network(Linux)
Posted by Martijn Veening <ma...@detrics.com>.
OK, thanks for your extensive suggestions:
Pinging my external IP-address from the gateway does NOT work (nor
pinging my url).
>>From the outside world, everything works fine, also considering the
different virtual domains (virtual hosting is config'd correctly), and
pinging etc.
Furthermore everything works fine, also internet from LAN through
gateway by proxy, DNS etc.
So it appears not to be Apache problem indeed (sorry) but Linux routing
problem: i cannot ping my external IP-address from gateway itself.
Should that be possible ?
Martijn
On Fri, 2005-01-14 at 09:12, Leif W wrote:
> > Martijn Veening; 2005 January 12 Wednesday 16:43
> >
> > On our server we are hosting several virtual domains.
> > When configuring a new account I cannot test whether or not it's
> > working. When I type the url in the browser, it waits endlessly.
> > I cannot access our own hosted virtual domains from our server itself
> > (or local network).
> > I'm sure it must have something to do with loopback or hosts, or
> > perhaps
> > firewall, but I cannot figure out what.
> > Specs: Linux 2.4 + httpd 2.0,
> > static IP/DHCP (ADSL),
> > in /etc/hosts only 127.0.0.1 configured as localhost (should it
> > contain
> > all virtual domains as well ?),
> > httpd.conf contains ServerName detri015.speed.planet.nl:80.
> >
> > If my request goes to the internet and back to our server, which
> > should
> > respond to itself as well, based on virtual domains, could that be a
> > problem in itself ? Or is it a simple configuration problem ?
>
> My guess is a Linux routing problem, not Apache. So, try to isolate
> Apache functionality from general IP routing.
>
> 1) Configure a test virtual host and listen and namevirtualhost on
> 127.0.0.1, and log into that machine and try to access the test site.
> My guess is that it will work fine. If so, it's not Apache, it's Linux
> routing. I forget if there's a specific rule you need to add, or if
> it's just plain broken. I worked around the problem by setting up
> dnsmasq, use it as the DNS server for the LAN machines, optionally as
> DHCP, but static is fine. Put the LAN's host names and internal IPs
> (ex. 192.168.1.12, etc) into /etc/hosts, and dnsmasq will read it and
> resolve to internal IPs.
>
> 2) From the gateway machine itself, try to ping 127.0.0.1. Try to ping
> its external address (ex. 11.22.33.44), probably succeeds. Try to ping
> the gateway, probably succeeds or you'd be offline. :p Try to ping DNS
> servers, probably succeeds. Go inside the LAN, and from a LAN computer,
> ping the internal gateway (ex. 192.168.1.1), probably succeeds (again
> otherwise you'd be offline). Try to ping the external IP of the gateway
> (11.22.33.44), probably fails (otherwise HTTP or anything else would
> work). For another example, read the Perl man pages and write a very
> simple client/server of your own, which simply listens for a connection
> and prints a static response. Put the client and server on both
> machines, and try it both ways, probably works every way except with
> client on LAN, server on gateway, listening to external IP. Double
> check your iptables rules. Try upgrading to kernel 2.6. I think I
> remember this not working in 2.2 and 2.4, but it worked all of a sudden
> in 2.6 with no changes to my iptables rules.
>
> Leif
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org