LinuxQuestions.org


demia 04-25-2009 06:31 PM

Can anyone tell me the logic of hosts and resolv.conf?
 
Hi,

Let's say my 10.0.0.4 has an FTP server, and its domain name is ftp.com, and ftp.com is already mapped to its external IP: 75.0.0.1

Assume ftp.com from any browser reaches 75.0.0.1.

So how does this 10.0.0.4 take this address and know that 75.0.0.1 is actually 10.0.0.4?

I played with resolv.conf with no luck.

Any help will be appreciated, with a little explanation as to why.


Thank you,

jhwilliams 04-25-2009 06:39 PM

Various services listen to incoming ports. Traditionally there is a gateway computer with the external WAN IP (e.g. a "router") which forwards TCP/IP packets to a host in the subnet based on the nature of the request. For example, an HTTP GET to port 80 goes to a predefined IP (on which the web server listens) in the local network by virtue of being on port 80.

I believe what you are asking about actually has nothing to do with the files you've brought up.

/etc/hosts is not that important if you have a properly configured DHCP server on the network. It's sort of a legacy file at this point, imho. (Disagreements?)

/etc/resolv.conf specifies places to resolve hostnames into IPs, i.e. "oh, hostname is actually hostname.domainname.com". Or, "I'll ask the DNS server at 33.44.55.66".

Robhogg 04-25-2009 06:48 PM

This is something that would tend to be done in a gateway router / firewall device, rather than on the local machine.
  • 10.0.0.4 is a private IP address. No address beginning with a 10 is a valid internet address.
  • 75.0.0.1 is a valid internet address. This is the address that would be advertised for ftp.com by a DNS server.
  • The firewall/router would have at least two network interfaces. One would have the address 75.0.0.1, and the other would have an address in the 10.0.0.0 range.
  • It would use network address translation to translate between the two ip address ranges, and port forwarding to direct all incoming traffic on ports 20 and 21 (i.e. FTP) to the server with IP address 10.0.0.4 on the internal network.
  • There are two main advantages of this. The first is that it allows many machines on a private network to share one, or a few, external IP addresses (thus helping stave off the IP-address famine). The other is that those on the outside never see the real IP addresses of machines on the internal network, providing some security benefits.
  • The main function of resolv.conf is to provide the addresses of DNS servers to applications on a machine, while the hosts file allows names to be locally associated with IP addresses on that machine.
Hope this is reasonably clear :).

Rob
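
Added example, not part of the original thread: a small Python model of the port forwarding described in the post above, using the thread's addresses. The `Packet` and `Gateway` names and the client address 198.51.100.7 are constructed for illustration, and the model covers forwarded inbound connections only.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Gateway:
    """Toy model of destination NAT (port forwarding) on the router/firewall."""

    def __init__(self, external_ip, forwards):
        self.external_ip = external_ip
        self.forwards = forwards   # external port -> (internal ip, internal port)
        self.conntrack = {}        # (client ip, client port, internal ip, internal port) -> external port

    def inbound(self, pkt):
        """Internet -> LAN: rewrite the destination, or drop if no rule matches."""
        if pkt.dst != self.external_ip or pkt.dport not in self.forwards:
            return None
        in_ip, in_port = self.forwards[pkt.dport]
        self.conntrack[(pkt.src, pkt.sport, in_ip, in_port)] = pkt.dport
        return replace(pkt, dst=in_ip, dport=in_port)

    def outbound(self, pkt):
        """LAN -> Internet reply: restore the external address the client expects."""
        ext_port = self.conntrack.get((pkt.dst, pkt.dport, pkt.src, pkt.sport))
        if ext_port is None:
            return None            # not a reply to a forwarded connection
        return replace(pkt, src=self.external_ip, sport=ext_port)

def demo():
    # Forward ports 20 and 21 to the FTP server, as the post describes.
    gw = Gateway("75.0.0.1", {20: ("10.0.0.4", 20), 21: ("10.0.0.4", 21)})
    seen_by_server = gw.inbound(Packet("198.51.100.7", 40000, "75.0.0.1", 21))
    reply = Packet(seen_by_server.dst, seen_by_server.dport,
                   seen_by_server.src, seen_by_server.sport)
    seen_by_client = gw.outbound(reply)
    # A port with no forwarding rule never reaches the internal network.
    dropped = gw.inbound(Packet("198.51.100.7", 40001, "75.0.0.1", 3306))
    return seen_by_server, seen_by_client, dropped

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The packet the server receives carries 10.0.0.4 as its destination, and the reply the client receives carries 75.0.0.1 as its source, so neither side sees the other side's view of the address.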

demia 04-25-2009 06:57 PM

Thanks James, Rob,

So how exactly can I make the 10.0.0.4 (internal) machine be aware of 75.0.0.1 (external)?

At the moment http://ftp.com is responding with a web page, I am assuming this is because Apache is listening to the port 80.

But if I ping 75.0.0.1 from another machine, or try to access the FTP server (which is working locally) from outside (firewall is set correctly), it doesn't respond.

I guess, 10.0.0.4 doesn't have any idea what to do when it receives 75.0.0.1 yet.

What files do I change? So that each and every port on the local machine is responding to external requests?

domain name : ftp.com
ext ip : 75.0.0.1
int ip : 10.0.0.4

Thanks,

Robhogg 04-25-2009 07:11 PM

Quote:

Originally Posted by demia (Post 3520878)
At the moment http://ftp.com is responding with a web page, I am assuming this is because Apache is listening to the port 80.

Yes, and because you're giving the protocol as "http" (which implies port 80). If you used a dedicated FTP client (or entered the URL as ftp://ftp.com in many browsers), it would attempt a connection on port 20/1.

Quote:

but if i ping 75.0.0.1 from another machine...

Pinging the external address shows little or nothing - only that ICMP echo-request packets are being dropped (most firewalls do this).

Quote:

...or try to access ftp server (which is working locally) from outside, (firewall is set correctly), it doesn't respond. I guess, 10.0.0.4 doesn't have any idea what to do when it receives 75.0.0.1 yet.

If you can make a connection using FTP from the internal network, at least the FTP server is running on the machine. 10.0.0.4 will never see anything with the address "75.0.0.1" on it. It is whichever device is doing the routing between the internet and your internal network that needs to know to route all traffic on port 20/1 to 10.0.0.4. How is your network connected up? What sort of device is sitting between you and the internet?

Rob

demia 04-25-2009 07:33 PM

Thanks for pointing out that I was looking in the wrong direction. It was my proftpd server that was not responding, and I checked that there is a parameter you can set:
AllowForeignAddress on

and this was the problem. But it was nice to know about the things you mentioned.

Cheers,
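
Added example, not part of the original thread and not ProFTPD's code: a sketch of the address-matching check on the FTP `PORT` command that `AllowForeignAddress on` relaxes. With the check in place the server only opens data connections back to the host that owns the control connection, so a client whose announced address differs from the one the server sees (for instance because of NAT) is refused. The function names, reason strings and sample addresses are assumptions, and this model keeps rejecting low ports even when foreign addresses are allowed.

```python
import ipaddress

def parse_port_arg(arg):
    """Parse the 'h1,h2,h3,h4,p1,p2' argument of an FTP PORT command (RFC 959)."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(p.isdigit() for p in parts):
        raise ValueError("malformed PORT argument")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range")
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]

def check_port(arg, control_peer, allow_foreign=False):
    """Decide whether the server should connect to the address in a PORT command.

    control_peer is the source address of the control connection as the
    server sees it. Returns (accepted, reason).
    """
    try:
        host, port = parse_port_arg(arg)
    except ValueError as exc:
        return False, str(exc)
    if port < 1024:
        return False, "privileged port"
    if host == ipaddress.IPv4Address(control_peer):
        return True, "address matches control connection"
    if allow_foreign:
        return True, "foreign address allowed by configuration"
    return False, "address differs from control connection"

if __name__ == "__main__":
    peer = "203.0.113.9"  # constructed: public address the server sees
    samples = [
        ("203,0,113,9,195,80", False),   # client announces the address the server sees
        ("192,168,1,5,195,80", False),   # client announces its private address
        ("192,168,1,5,195,80", True),    # same command with the check relaxed
        ("203,0,113,9,0,22", False),     # low-numbered port
    ]
    for arg, allow in samples:
        print(arg, allow, check_port(arg, peer, allow_foreign=allow))
```

Relaxing the check trades that protection for compatibility, since the server will then connect to whatever address a logged-in client names.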


All times are GMT -5.