New Zealand ADSL Mailing List


Re: Resolve Local Domain

From: Bruce Hoult <bruce_at_hoult.org>
Date: Mon, 11 Jul 2005 23:38:55 +1200
Message-id: <ef2af7bbad80bbb6c1249daf77769bb6@hoult.org>

On 10/07/2005, at 7:05 PM, Steve Phillips wrote:

> On Sun, 10 Jul 2005, Andrew Walters wrote:
>
>> My 3Com OfficeConnect router handles it fine. It simply routes
>> internal conxns going to whatever happens to be its public IP
>> address back to itself and through the appropriately forwarded port.
>>
>
> yup, and it means it's broken because that would mean that it is not
> reporting the source IP correctly which could cause issues.
>
> think about this.
>
> 192.168.1.1 talks to 1.2.3.4 (your public ip), this then translates to
> 192.168.1.200 (your server) and forwards a request through saying
> "192.168.1.1 is talking to 192.168.1.200 on the web port"
>
> so 192.168.1.200 tries to reply to 192.168.1.1 and seeing as it is on
> the local subnet, responds directly (shortest path, directly connected
> links take precedence) - as a result, 192.168.1.1 who thinks it is
> talking to 1.2.3.4 gets an answer from 192.168.1.200 and says "bugger
> off, i'm not talking to you" and throws the packet away.
>
> For this to work the host 192.168.1.200 would either have to force all
> traffic via its default route (assuming this is the NAT device) and
> ignore local precedence or the NAT device would have to do source
> NATting as well as Destination NAT which would tend to break logs.

This works with my WRT54GS access point/router.

G5:~ bruce$ ssh bruce.hoult.org
Last login: Mon Jul 11 23:34:06 2005 from g5.local
Linux 2.6.10.
bruce@k7:~$ logout
Connection to bruce.hoult.org closed.
G5:~ bruce$ ssh bruce.hoult.org
Last login: Mon Jul 11 23:34:30 2005 from 192.168.0.1
Linux 2.6.10.
bruce@k7:~$ logout

So it thinks the connection comes from 192.168.0.1, which is the
Linksys router.

You'd think that Cisco would get that sort of thing more or less right,
even in their consumer line, wouldn't you?

-- 
This message is part of the NZ ADSL mailing list. 
see http://unixathome.org/adsl/ for archives, FAQ, 
and various documents. 
To unsubscribe: send mail to majordomo@lists.unixathome.org 
with "unsubscribe adsl" in the body of the message 
 
Received on Mon Jul 11 23:41:10 2005
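
Added example, not part of the original messages: a small Python model of the hairpin (NAT loopback) case argued over in this thread, showing the dropped reply with destination NAT only and the two remedies Steve Phillips lists, including the effect on what the server logs. The addresses come from his message; the /24 mask and the router's LAN address 192.168.1.254 are assumptions.

```python
import ipaddress
from dataclasses import dataclass, replace

LAN = ipaddress.ip_network("192.168.1.0/24")   # assumed mask
PUBLIC_IP = "1.2.3.4"                          # router's public address
ROUTER_LAN = "192.168.1.254"                   # assumed router LAN address
CLIENT, SERVER = "192.168.1.1", "192.168.1.200"

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

def hairpin(snat=False, force_via_router=False):
    """Return (peer address the server logs, whether the client accepts the reply)."""
    request = Packet(CLIENT, PUBLIC_IP)
    # Router applies the port forward (DNAT) and, optionally, source NAT.
    fwd = replace(request, dst=SERVER)
    if snat:
        fwd = replace(fwd, src=ROUTER_LAN)
    # Connection tracking: reply tuple seen on the LAN -> tuple the client expects.
    conntrack = {(fwd.dst, fwd.src): (request.dst, request.src)}
    logged_peer = fwd.src                      # what sshd/httpd writes to its log
    # Server answers whoever the request appeared to come from.
    reply = Packet(src=SERVER, dst=fwd.src)
    on_link = ipaddress.ip_address(reply.dst) in LAN and reply.dst != ROUTER_LAN
    if not on_link or force_via_router:
        # Reply passes through the router, which reverses the translation.
        reply = Packet(*conntrack[(reply.src, reply.dst)])
    # Otherwise the reply is delivered directly on the subnet, untranslated.
    # The client only accepts a reply from the address it actually contacted.
    accepted = (reply.src, reply.dst) == (request.dst, request.src)
    return logged_peer, accepted

if __name__ == "__main__":
    for label, kwargs in [("DNAT only", {}),
                          ("DNAT + SNAT", {"snat": True}),
                          ("DNAT, server forced via router", {"force_via_router": True})]:
        peer, ok = hairpin(**kwargs)
        print(f"{label:32} server logs {peer:15} client accepts reply: {ok}")
```

The DNAT + SNAT row matches the second login shown above, where the server records the router's LAN address instead of the real client, which is the logging cost Steve Phillips describes.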

This archive was generated by hypermail 2.2.0 : Thu Nov 30 11:48:34 2006 EST