LinuxQuestions.org
Old 04-18-2005, 06:43 AM   #1
Snerkel
Member
 
Registered: Jul 2004
Location: England
Distribution: 1 Gentoo 2005.0 system(desktop), 1 hardened-gentoo SeLinux stage1 server ;)
Posts: 262

Rep: Reputation: 30
Reverse DNS


Hi, I'm running Apache with virtual servers. When I try and go to one of my virtual servers from another workstation in my house it forwards me directly to my router. I think this is a problem with reverse DNS, my router not allowing loopback or something.

How would I configure this to work correctly?

Thanks in advance

Regards, Ben.
 
Old 04-18-2005, 07:48 AM   #2
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
>> When i try and goto one of my virtual servers from another workstation in my house

I assume what you mean is... whenever you type in 192.168.x.x from inside your house, you're not seeing a webpage on your server??

>>it forwards me directly to my router

Can you clarify here? What do you see? The router's config page?

I don't think it's reverse DNS related. Most probably it's apache config related. Maybe you need to post your httpd.conf so we can see how you're doing everything.
 
Old 04-18-2005, 07:53 AM   #3
Brian Knoblauch
Member
 
Registered: Jan 2005
Distribution: OpenSuse Tumbleweed
Posts: 288

Rep: Reputation: 39
You need to set up separate zones. You're getting the outside IP on the lookup, which points to the router. Whatever router you're using isn't smart enough to realize what's going on. If you set up your DNS server to return the local addresses for your domain to local machines, then you avoid the problem. Or, you can buy a different router :-) I have a Netgear FVS318 that will reroute such requests in a transparent manner.
 
Old 04-18-2005, 08:35 AM   #4
Snerkel
Member
 
Registered: Jul 2004
Location: England
Distribution: 1 Gentoo 2005.0 system(desktop), 1 hardened-gentoo SeLinux stage1 server ;)
Posts: 262

Original Poster
Rep: Reputation: 30
When I go to, for example, mail.mydomain.com the lookup goes outside my network to look up the IP, then it comes back into my network and is meant to go to my server. The problem occurs when it tries to come back into my webserver, because I think my router cannot handle loopback requests, so it brings up my router config page instead of forwarding the request on to my server. When I type in my server IP it comes up with my localhost virtual server (as expected).

Now you've said it, I think it might be a router problem! Can anyone give me any advice?

Regards, Ben
 
Old 04-18-2005, 09:22 AM   #5
overlord73
Member
 
Registered: Apr 2004
Location: ..where no life dwells..
Posts: 541

Rep: Reputation: 30
think we need to know more about your network config.

-could be a client problem:
-> tell your browser not to use a proxy when connecting to LAN IPs,....

- DNS-server problem
- verify /etc/hosts
- NAT-problem?!
 
Old 04-18-2005, 09:25 AM   #6
Snerkel
Member
 
Registered: Jul 2004
Location: England
Distribution: 1 Gentoo 2005.0 system(desktop), 1 hardened-gentoo SeLinux stage1 server ;)
Posts: 262

Original Poster
Rep: Reputation: 30
OK, it might be a client problem. My browser does not use a proxy as I'm not running one.
How would it be DNS server problems? I'm not running a DNS server.
Do you mean the hosts file on my server? Because my clients are Windows machines.
How do you mean a NAT problem?

Thanks,
 
Old 04-19-2005, 01:48 AM   #7
overlord73
Member
 
Registered: Apr 2004
Location: ..where no life dwells..
Posts: 541

Rep: Reputation: 30
Quote:
Originally posted by Snerkel
Ok, it might be a client problem. My browser does not use a proxy as im not running one.
How would it be DNS-server problems? im not running a DNS-server.

Hi Ben,
something must do the name resolution... DNS server or local host(s) file or WINS or...
What happens if you enter the IP address of your website?

Is the problem only when you're trying to connect via hostname?
 
Old 04-19-2005, 01:53 AM   #8
overlord73
Member
 
Registered: Apr 2004
Location: ..where no life dwells..
Posts: 541

Rep: Reputation: 30
Besides, please post the VirtualHost section of your httpd.conf!
 
Old 04-19-2005, 02:11 AM   #9
angrybeaver
Member
 
Registered: Aug 2004
Location: .au
Distribution: debian, BSD
Posts: 104

Rep: Reputation: 17
Brian Knoblauch is on the money - pretty sure it's a shortcoming of your router - I've had this happen on a few ADSL routers with port forwarding enabled, myself - specifically Netcomm and DLINK routers.

I guess the logic is that port forwarding is a postrouting rule (like the iptables policy). The router sees the connection as being 'local', and establishes the connection on the LAN interface as it's 'more direct'. As there are no port forwarding rules on this interface to apply to the traffic postrouting, you just get a plain old connection to the router's GUI. Makes sense, but also doesn't - just my stab in the dark.

Maybe you'd be better off setting up a local zone file (or /etc/hosts entry) for the domain or host and pointing the record to your internal interface, or get your DNS provider to set up a 'view' so it resolves locally from your host (if they're running bind9, anyway).

If you get really stuck, try having your router's web interface listen on a high port (like 8080 or something) and port forward LAN/tcp/80 back to your web server, the same way as you're doing on the WAN interface...

Last edited by angrybeaver; 04-19-2005 at 02:20 AM.
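
Added example, not part of any post in this thread: a BIND 9 `named.conf` sketch of the split zones and 'view' that posts #3 and #9 suggest, so LAN clients resolve the domain to the server's private address and never hit the router's WAN side. It assumes a BIND 9 server on the LAN that the workstations use as their resolver; the LAN range 192.168.0.0/24, the server address 192.168.0.10, the file paths and the `ns1` name are placeholders.

```conf
// Constructed example: every name, path and address here is a placeholder.
acl "lan" { 127.0.0.1; 192.168.0.0/24; };

options {
    directory "/var/named";
    allow-transfer { none; };   // no zone transfers to arbitrary hosts
};

// Views are matched in order. LAN clients land here and get the
// private address, so the request never loops through the router.
view "internal" {
    match-clients { "lan"; };
    recursion yes;              // resolve other names for LAN hosts only
    zone "mydomain.com" {
        type master;
        file "internal/mydomain.com.zone";
    };
};

// Everyone else gets the public records. Recursion stays off so the
// server cannot be used as an open resolver from the Internet.
view "external" {
    match-clients { any; };
    recursion no;
    zone "mydomain.com" {
        type master;
        file "external/mydomain.com.zone";
    };
};

/* internal/mydomain.com.zone (constructed):
   $TTL 3600
   @     IN SOA ns1.mydomain.com. hostmaster.mydomain.com. (
                2005041901 3600 900 604800 3600 )
         IN NS  ns1.mydomain.com.
   ns1   IN A   192.168.0.10
   www   IN A   192.168.0.10
   mail  IN A   192.168.0.10
   The external zone file carries the same names with the public address. */
```

Once any view is defined, every zone has to live inside a view, and `named-checkconf` will flag a zone left at the top level.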
 
Old 04-19-2005, 07:00 AM   #10
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
If you're going to be serious about running servers out of your home, you might want to get serious about buying a decent router. I recommend one that supports 1 to 1 NAT so that you can map your external IP addresses to local (192.168.x.x) IP addresses on your LAN. This will simplify the whole thing and it will allow you to get a decent (stateful) firewall that will better protect your machines.

The experts say that you should never try to take on the burden of running servers from your own house. I did it myself, and they scoffed at me the whole time. I thought I was going to be the exception to the rule. Well, I was, but now that I've colocated my machines to a real datacenter, I can see the light now and I should have been listening to them all along.

You should plan to colocate your machines to a real datacenter for a variety of reasons that I won't go into here. But the bottom line is... by getting a decent router, you can stand a much better chance of setting all this up easily in your house and when you're ready to colocate the machines to a datacenter, you can send the router along with the machines to be sure your installation will be easy.

The above scenario is exactly what I have just finished doing over the last month. The router I'm using is a SonicWALL TZ170 which ran me about $500, but was definitely worth the money if you're serious about running your own servers. Doing anything less is really a hack job in my opinion. I also recommend searching around for a different model router that supports 1-1 NAT. I'm sure there are others available that can do this but will be a more realistic price. I just happened to have the money, so I didn't mind spending it.
 
Old 04-19-2005, 11:52 AM   #11
Snerkel
Member
 
Registered: Jul 2004
Location: England
Distribution: 1 Gentoo 2005.0 system(desktop), 1 hardened-gentoo SeLinux stage1 server ;)
Posts: 262

Original Poster
Rep: Reputation: 30
Donboy: Cheers mate, that was a nice read. I've got a few questions though.

Quote:
colocate your machines to a real datacenter
What do you mean by that? Do you mean just running my own servers but in a decent (proper) place?

Quote:
I recommend one that supports 1 to 1 NAT
What is 1 to 1 NAT? And when you say "map your external IP addresses" do you mean external IP addresses I have assigned to my WAN connection? Or IP addresses from other people connecting to my LAN?

Thanks again,
 
Old 04-19-2005, 12:25 PM   #12
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
>> Do you mean just running my own servers but in a decent (proper) place?

Yes. Like you're paying a datacenter "monthly rent" to have your machines running on their internet connection and in their building. This gives you excellent resources like fire suppression, heat control, cleaner environment, multiple internet connections in case one goes out, multiple generators so power isn't a problem.

1 to 1 NAT is a feature supported by some professional-grade routers. The feature will let you specify that all traffic coming from a certain external IP address (e.g. 66.92.204.251 for example) shall be directed to an internal IP (e.g. 192.168.0.10) on your LAN. This overcomes the problem of port forwarding. For example, let's say you have 2 servers and both of them are running Apache. Well, you can't selectively forward port 80 traffic to either machine. Port forwarding requires that all traffic on port 80 is forwarded to ONE of your 2 machines. So by using 1 to 1 NAT, you can forward everything from an outside IP to an internal IP on your LAN.
 
  

