[ale] Accessing Server without Domain Name

[Geoffrey]

Christopher R. Curzio wrote:
> What are you talking about?

Chill and read the threads.

> 
> Making an assumption that the IP address of the webserver is assigned
> dynamically is a bad one, as that would be a pretty silly setup to have an
> internal IP bouncing around where you have to constantly redefine the
> external to internal port redirect.

First of all, we're talking about a router sitting in someone's house 
connected to a DSL (static ip).  So, regardless of whether the router 
assigns a static or dynamic ip to the various devices on the inside 
network, he's still got a problem getting to it from the outside world. 
  without telling the router where to send port 80 requests.

It will be a private IP that the internet is not privy to.  Further, ANY 
request to his single static ip is not going to find it's way to the web 
server inside.

Most of these devices do assign dynamic ips from a static list on a 
first come first serve basis.

> Further, if he's on the same network
> as the server, and types the IP of his server into the browser, the router
> wouldn't even be bothered with the request.

His exact words:

'I _thought_ all I needed to do was to dial in the static IP address in 
any web browser, but that isn't quite working...'

Point being, the only IP address he's mentioned is the static one.  If 
he types the static IP into a browser on his internal network, he will 
get to the router, becasue the router has that ip assigned to it. 
Otherwise, he'd never get to the internet at all.

Someone made the comment that he could test it from his internal 
network, but he's already done that.  The question was how does he get 
to a webserver that sits behind his router that has a static ip.

> 
> The router shouldn't care about any traffic on the internal network unless
> directly addressed to the router. Aaron said: "The system is currently
> living on my home network, which includes internet access via Static IP
> DSL Gateway connected through one of those little stand alone
> Router/Firewall boxes." That says to me that the internal network is in
> happy-land of 192.168 (or something similar), and they all push through
> the router to get to the internet via NAT. 

Correct, and I'm fully aware of this.

> 
> Aaron also said: "We would like to access this http server from the
> internet for testing" - note, "from the internet". If he types in the
> internal IP address of the webserver in a browser on the same network, it
> will work.


THE RECOOMENDATION WAS TO TYPE THE IP ADDRESS INTO THE BROWSER, making 
reference to the static ip.  Yes, if he uses the internal ip he will get 
there, BUT THAT'S NOT THE PROBLEM AT HAND.

Provided Apache is set up properly, anyway. However if the port
> 80 redirect is not set up to bounce External_IP:80 to Webserver_IP:80,
> accessing the external IP from the internet will get you a big fat
> "Connection Refused". And if the webserver is getting its IP assigned
> dynamically, the redirect via the router isn't going to work very well
> every time the webserver gets a new IP. 

Wrong, because the bloody router is assigning the ip to the webserver, 
so it knows where to send the goods.

> 
> Replace his Router/Firewall with a Linux box running iptables, and you
> have a perfect description of *my* home network.

Replace your linux box with my dual bastion/choke firewall configuration 
with three static ips, vpn router, dmz, web server and 9 computers on my 
private network, and you should realize that I DO KNOW WHAT I'M TALKING 
ABOUT....

-- 
Until later: Geoffrey		esoteric at 3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.