Re: IP routing with remote DNS, but server & client on same subnet - how?



On Oct 17, 12:30 pm, Pascal Hambourg <boite-a-s...@xxxxxxxxxxxxxxx>
wrote:
Hello,

Randy Brick MacKenna wrote:





1. With the cable modem plugged in, I surfed to my website www.foodomain.net
(which is a server on my home network)
2. I surfed to a link to a large document (32Meg)
3. *Before* clicking on the link, I unplugged the cable modem
(disconnecting from the internet)
4. I clicked on the file link -- and it timed out, server
unreachable.

Next experiment:

1. With the cable modem plugged in, I surfed to my website www.foodomain.net
2. I surfed to a link to a large document (32Meg)
3. I *first* clicked on the link, then during the file transfer, I
unplugged the cable modem
4. The file transfer completed successfully!

So, from this I deduce that the internet connection is required only
for DNS -- but after that the actual routing of packets from the
server and the client (all within my home network) do not involve the
internet connect

IMHO this sounds a bit optimistic.

First, I believe there is more than just DNS. If you browsed the website
before unplugging the cable, it is likely that the DNS resolution was
already cached by the client. You said in your first post that you told
your registrar to redirect www.foodomain.net to
[your.public.ip.address]:32004. DNS does not handle ports (neither does
the "hosts" file), so I guess there is some form of web indirection
(HTTP redirect, frame...) performed not by a DNS server but by a web
server hosting www.foodomain.net operated by your registrar. So I guess
the path is as follows:

1) User browses URL <http://www.foodomain.net/some/file>.
2) Browser sends a DNS query asking for the IP address of host
"www.foodomain.net".
3) DNS replies with the IP address of a registrar's web server.
4) Browser connects to that IP address on port 80 and asks for
"/some/file" on host "www.foodomain.net".
5) Web server replies that the document is actually at URL
<http://[your.public.ip.address]:32004/some/file>.
6) Browser connects to your.public.ip.address on port 32004.
7) Router transparently forwards the connection to 192.168.1.10.
8) Browser asks for page "/some/file" on that connection.

So, even though you cache the DNS resolution for www.foodomain.net, you
still need the internet connection in order to use the web redirection
performed by your registrar.

Second, even though your second test was successful, as Stefan wrote, the
port forwarding rule on the router may be bound to the internet link
state. I'll take for example the way the port forwarding is done in
Linux - I believe some Linksys routers run Linux. The port forwarding
rule is used only for the first packet of the redirected connection;
then a NAT mapping is created for all other packets of that connection.
So if the transfer has started before the port forwarding rule is
removed, it does not stop. But any subsequent new HTTP connection will
fail because the port forwarding rule does not exist any more.

A workaround to all this would be a local DNS server resolving
www.foodomain.net into the private web server address and having the web
server listening on port 80.

Okay, I did some reading on setting up a local DNS -- but I think that
may cause some other problems. Some people mentioned that it could
screw up connections to secure websites, like banking.

So, I guess maybe I'm back to the hosts file.

But, if I edit a hosts file on my XP laptop, that will be fine when
I'm connected to my home network (it will say to just map www.foodomain.net
to 192.168.1.10:32004) -- but if I use my laptop outside of my home,
when I'm traveling, and I want to get to my foodomain website -- then
that hosts file will cause it to fail, since I'm not on my home
network anymore.

I guess some sort of dynamic hosts file, based on which network I'm
connected to, would be the trick...

-Randy
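
Added example, not part of the original posts: a small Python model of the Linux behaviour Pascal describes above, where the port forwarding rule is consulted only for the first packet of a connection and every later packet follows the NAT mapping created for it. The class and function names are hypothetical; 192.168.1.10 and port 32004 come from the thread, while the public IP stand-in, the client address, the source ports and the server's internal port are constructed assumptions.

```python
# Added illustration: toy model of Linux-style port forwarding (DNAT) plus
# connection tracking. Not router firmware; all names are hypothetical.

PUBLIC_IP = "203.0.113.5"          # constructed stand-in for [your.public.ip.address]
SERVER = ("192.168.1.10", 32004)   # internal web server (internal port is an assumption)


class ToyNat:
    def __init__(self):
        self.dnat_rules = {}   # (dst_ip, dst_port) -> (new_ip, new_port)
        self.conntrack = {}    # (src_ip, src_port, dst_ip, dst_port) -> (new_ip, new_port)

    def add_forward(self, dst, target):
        self.dnat_rules[dst] = target

    def remove_forward(self, dst):
        # Models the rule going away with the internet link, as hypothesised
        # in the thread. Existing conntrack entries are deliberately kept.
        self.dnat_rules.pop(dst, None)

    def route(self, src, dst, syn=False):
        """Return the translated destination, or None if the packet is dropped."""
        flow = (*src, *dst)
        if flow in self.conntrack:            # established flow: rules not consulted
            return self.conntrack[flow]
        if syn and dst in self.dnat_rules:    # first packet: rule creates the mapping
            self.conntrack[flow] = self.dnat_rules[dst]
            return self.conntrack[flow]
        return None                           # no mapping, no rule: unreachable


def replay_experiments():
    """Replay the second experiment, then a fresh connection after the unplug."""
    nat = ToyNat()
    public = (PUBLIC_IP, 32004)
    nat.add_forward(public, SERVER)
    download = ("192.168.1.50", 40001)        # constructed client address and port
    results = {"first_packet": nat.route(download, public, syn=True)}
    nat.remove_forward(public)                # cable modem unplugged mid-transfer
    results["transfer_continues"] = nat.route(download, public)
    results["new_connection"] = nat.route(("192.168.1.50", 40002), public, syn=True)
    return results


if __name__ == "__main__":
    for step, outcome in replay_experiments().items():
        print(f"{step:20} -> {outcome}")
```
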
