DSL and NAT'ed customer addresses
Gerald Combs
gerald at ethereal.com
Sat Feb 22 20:33:46 CST 2003
On Sat, 22 Feb 2003, Hanasaki JiJi wrote:
> Ah.. ya missed a key thing. He isn't doing the NAT. The DSL provider
> is NAT'ing AND there are multiple internal IPs on a single externalIP.
What address is his provider giving him? If it's in one of the private
ranges listed in RFC 1918 (10.0.0.0 - 10.255.255.255, 172.16.0.0 -
172.31.255.255, or 192.168.0.0 - 192.168.255.255) then his proider is
likely NATing him.
If his address is NOT in any of these ranges he might be able to use a
dynamic DNS service (assuming his provider isn't otherwise blocking access
to the port he's trying to serve).
> Joshua Bergland wrote:
> > I am using ddclient as my dyndns client, and it has an option in its
> > configuration file to have it use 'web based IP detection' ... it
> > checked the information returned by http://checkip.dyndns.org and then
> > uses that to set the ip address for your chosen domain :-)
> >
> > Make sure to set it to only change your dyndns settings at the dyndns
> > only if your ip address changes, as doing it more frequently is
> > considered abuse according to dyndns.org
> >
> > http://clients.dyndns.org/unix.php?service=dyndns
> >
> > Just my two cents,
> > Josh
> >
> > Hanasaki JiJi wrote:
> >
> >> NAT
> >>
> >> MyLinuxBox(ip=ip1) <== NATer ==> outside world (ip=ip2)
> >>
> >> dyndns does a great job for dynamically assigned/changing IPs but how
> >> does it help when the insideIP!=outsideIP?
> >>
> >> Jason Clinton wrote:
> >>
> >>> Hanasaki JiJi wrote:
> >>>
> >>>> Any thoughts on how he might run a server that can have connections
> >>>> initiated to it from anywhere on the net?
> >>>>
> >>>
> >>> If he's behind a NAT he needs two things:
> >>>
> >>> 1. The ability to update the IP address of the router to a dyndns
> >>> service like dyndns.org so that no matter what his IP address is at
> >>> any given time, you can still find it from outside his NAT.
> >>>
> >>> 2. The NAT needs to be able to 'port forward' the port the particular
> >>> server would run on. IE: port 80 for HTTP, 21 FTP, 22 SSH, 23 Telnet,
> >>> 25 SMTP.
> >>>
> >>> If you have the ability to let people know you're running on some odd
> >>> ports then you'll be better capable of avoiding your ISP's probes for
> >>> users running service (which is a violation of most end user
> >>> agreements). In the case of SMTP, you don't have a choice because all
> >>> SMTP servers look at port 25. In the case of HTTP, however, you could
> >>> distribute a URL that contains the port number it in like this:
> >>>
> >>> http://archemides.homeunix.org:8888/
> >>> (i don't actually have an http server running here)
> >>>
> >>
> >
> >
> >
>
> --
> = Management is doing things right; leadership is doing the =
> = right things. - Peter Drucker =
> =_______________________________________________________________=
> = http://www.sun.com/service/sunps/jdc/javacenter.pdf =
> = www.sun.com | www.javasoft.com | http://wwws.sun.com/sunone =
>
>
>
>
More information about the Kclug
mailing list