Can anyone tell me the logic of hosts and resolv.conf?
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Various services listen to incoming ports. Traditionally there is a gateway computer with the external WAN IP (e.g. a "router") which forwards TCP/IP packets to a host in the subnet based on the nature of the request. For example, An HTTP GET to port 80 goes to a predefined IP (on which the web server listens) in the local network by virtue of being on port 80.
I believe what you are asking about actually has nothing to do with the files you've brought up.
/etc/hosts is not that important if you have a properly configured DHCP server on the network. It's sort of a legacy file at this point, imho. (Disagreements?)
/etc/resolv.conf specified places to resolve hostnames into ip's, i.e. "oh, hostname is actually hostname.domainname.com". Or, "I'll ask the dns server at 18.104.22.168".
This is something that would tend to be done in a gateway router / firewall device, rather than on the local machine.
10.0.0.4 is a private IP address. No address beginning with a 10 is a valid internet address.
22.214.171.124 is a valid internet address. This is the address that would be advertised for ftp.com by a DNS server.
The firewall/router would have at least two network interfaces. One would have the address 126.96.36.199, and the other would have an address in the 10.0.0.0 range.
It would use network address translation to translate between the two ip address ranges, and port forwarding to direct all incoming traffic on ports 20 and 21 (i.e. FTP) to the server with IP address 10.0.0.4 on the internal network.
There are two main advantages of this. The first is that it allows many machines on a private network to share one, or a few, external IP addresses (thus helping stave off the IP-address famine). The other is that those on the outside never see the real IP addresses of machines on the internal network, providing some security benefits.
The main function of resolv.conf is to provide the addresses of DNS servers to applications on a machine, while the hosts file allow names to be locally associated with IP addresses on that machine.
At the moment http://ftp.com is responding with a web page, I am assuming this is because Apache is listening to the port 80.
Yes- and because you're giving the protocol as "http" (which implies port 80). If you used a dedicated FTP client (or entered the URL as ftp://ftp.com in many browsers), it would attempt a connection on port 20/1.
but if i ping 188.8.131.52 from another machine...
Pinging the external address shows little or nothing - only that ICMP echo-request packets are being dropped (most firewalls do this).
...or try to access ftp server (which is working locally) from outside, (firewall is set correctly), it doesn't respond. I guess, 10.0.0.4 doesn't have any idea what to do when it receives 184.108.40.206 yet.
If you can make a connection using FTP from the internal network, at least the FTP server is running on the machine. 10.0.0.4 will never see anything with the address "220.127.116.11" on it. It is whichever device is doing the routing between the internet and your internal network that needs to know to route all traffic on port 20/1 to 10.0.0.4. How is your network connected up? What sort of device is sitting between you and the internet?