LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-20-2006, 01:08 PM   #1
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Rep: Reputation: 0
website hosting from home - Help!!!!


Hi All,
I have Cent OS 4.0, Comcast cable with cheapest internet and hence dynamic IP address, Linksys Router, Apache Tomcat Server, Http Server comes with Linux CentOS 4.0, I am not sure what it is, but I think its not important at this point. I have small LAN that contains 4 computers; one is running above OS and Tomcat server.

Alrite, so I got this Java application that I wanna host from home, following things I did:
1. Got DNS service provider to point my website with my router IP address.
2. Made Linksys Router to let all http port 80 traffic forward to my CentOS Tomcat machine.
3. I opened http port in CentOS firewall.
4. I have dynamic IP updater client that goes to my DNS service provider and update ip in every 10 mins.

SO after doing all these, very rarely my website seems works fine.. but extremely slow.. but most of the time it doesn't work (9 out of 10 times) And this is the case when I access my URL within my own LAN or ask some friend to try my URL from internet.. Sometime we get page not found error and sometime Gateway time out..

I thought Comcast may be blocking my port, and change port, but same problem..

So I am very frustrated right now, don't know who the culprit is and how to fix it.. I am not sure if its Comcast, linksys router, my DNS service provider, firewall or something else...

So any help from you guys/gals will be very much appreciated..

Thanks,
Sat
 
Old 02-20-2006, 01:59 PM   #2
Dmjmusser
Member
 
Registered: Nov 2005
Location: Detroit, Michigan -- USA
Distribution: Fedora Core
Posts: 90

Rep: Reputation: 15
I think it might have to do with the fact that you've got your server's IP address being dynamically assigned to it. Your updating the DNS service will not instantly re-route traffic going to your server's DNS to the corrected IP address. That takes time. My company uses Rackspace, and any time you make an IP address change or add a sub-domain (host) to the domain space, it will tell you that, due to the nature of DNS, it could take up to 24 hours for the new hostname/IP address to propogate around the internet. However, the change to your server doesn't take long to take effect, and so DNS will be routing traffic to the old address, which may be why you're getting the "Page Not Found" error.

Perhaps this could be your problem. My bet is that if you could obtain a statically assigned IP address (or find a service that will host websites), your problem may be resolved.

~Myles
 
Old 02-20-2006, 02:50 PM   #3
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
Thanks Myles..

I was thinking that may be the case.. but here is why I think thats not the reason.. First of all I found that since last 2 days, my IP address assigned by Comcast is not changed.. and this automatic update script doesn't do anything if ip address is not changed..

I am trying to get this little website going, initally with least amount of money.. because I really can't pay $100 month for the service.. Beside I am not even sure if I get static IP address, things will be fin and dandy..

Thanks,
Sat
 
Old 02-20-2006, 04:27 PM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
It sounds like you're doing the right things. Here are a few things that I would check:

- The CentOS box has a static LAN IP address
- The CentOS firewall allows traffic to go out as well as in
- Bypass any DNS problems and see if you can access by WAN IP address. If you can access by LAN IP fine, but WAN IP address is slow, it might suggest an issue with your router settings.

If possible, I'd have a listen to your network traffic with something like ethereal and see if you can figure out what is happening to the packets.
 
Old 02-20-2006, 04:49 PM   #5
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
- The CentOS box has a static LAN IP address
>> No; All machines in my LAN get dynamic address from my Linksys DHCP router server. Also my CentOS machine address is not changed since 2 days if you suspect that.

- The CentOS firewall allows traffic to go out as well as in
>> There is only one setting in firewall and I thought it does both things. I didn't find something where I can set in/out traffic

- Bypass any DNS problems and see if you can access by WAN IP address. If you can access by LAN IP fine, but WAN IP address is slow, it might suggest an issue with your router settings.
>> Accessing through my WAN IP address instead my domain name, well I tried that and it work only few times as my domain name

One thing I was thinking what are the chances, that Comcast is somehow fooling system and giving me wrong router/WAN IP address.. Sorry if I am not making sense.. I am going crazy..

When I do nslookup most of the time it shows correct information so I am wondering if my dns provider guy is doing his job correctly and problem may be with Comcast or my machines/router.. In case if you wanna try to find out more, breatheinchrist.com is the website address, you can try to do nslookup and other thing if you would like..
And again I really appreciate your help..

Thanks,
 
Old 02-20-2006, 05:19 PM   #6
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
Find the private IP address of the webserver (192.168.something.something?) and try that in a web browser on your local LAN http://192.168.something.something/ this will verify that everything on the local server is working.

Find your public IP address (http://www.whatsmyip.org/ or other such service) and see if you can get to your website using that from somewhere besides your local LAN, have some friend try that IP address in a browser http://123.123.123.123/. This tests the connection across The Internet to your system, without worrying about the DNS portion of it.
 
Old 02-20-2006, 06:16 PM   #7
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Quote:
No; All machines in my LAN get dynamic address from my Linksys DHCP router server. Also my CentOS machine address is not changed since 2 days if you suspect that.
I'm going to guess that the use of DHCP on your LAN is the root of this problem. I would definitely make your CentOS machine static (the rest of the network can use DHCP). I know that the IP hasn't changed, but it is still worth doing this right. Give it a static IP and make sure that the router forwarding points to that IP.
Quote:
There is only one setting in firewall and I thought it does both things. I didn't find something where I can set in/out traffic
In a console as root, run iptables -L -n. If you're not sure about what you are seeing, post the results.
Quote:
One thing I was thinking what are the chances, that Comcast is somehow fooling system and giving me wrong router/WAN IP address..
The chance of this happening are zero. The WAN IP address on your router is the one you need to know. I've got Comcast and I have a server behind my router and it works just fine.
 
Old 02-20-2006, 11:09 PM   #8
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
Thanks guys for keeping up with me..I really appricate it..
So here is what I got so far.. Tonight I did get breakthrough though..

I got rid of all my LAN and directly connected to CentOS server machine and guess what, it worked.. yahoo!!! but when I put my LAN back with linksys router it didn't work, same thing!!!
But it is breakthrough because, above experiment tells that my Comcast ,and DNS service provider are not culprit.. And I know who is at fault - my Linksys router.. Correct me you guys, if I am wrong..

So I am stuck at this point.. I tried all kinda settings in this linksys router, but still no results..

As asked by hangdog aka LQ Addict (Thanks Bro) I got iptables -L -n output as follows:
------------------------------------------

Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

------------------------

If you can make out anything out of this, that will be great help.. I can't...

One interesting thing, I don't know if its helpful at all, when I connected to my machine directly to cable modem, it assigned new WAN IP address (as desired), but when I connected back to my Linksys router, it used same old IP address.. I thought it was wearied and also whenever I switch connection with cable router to Linksys router or computer, I have to restart my cable modem..

Thanks again,
 
Old 02-20-2006, 11:22 PM   #9
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
ohh yeah I forgot to mention one mpre thing, as you asked hangdog, I have made static IP address for my CentOS server machine as eventually I wanna do that.. thanks again..
 
Old 02-21-2006, 08:54 AM   #10
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Quote:
I got rid of all my LAN and directly connected to CentOS server machine and guess what, it worked.. yahoo!!! but when I put my LAN back with linksys router it didn't work, same thing!!!
Good idea, that pretty much proves it's a router problem. Could you explain how you've set up port forwarding? I've got a Linksys router so I should be able to follow.

- You might try a firmware upgrade if there is one available.

- It is possible you've got faulty hardware. If you still have the reciept, you might try exchanging it.

Quote:
If you can make out anything out of this, that will be great help.. I can't...
Um, unfortunately it pretty much means that you don't have a firewall (which of course rules it out as a cause of your server problems). Notice how all of your policies are set to ACCEPT? That isn't good. Those policies are the action taken if a packet doesnt' match any of the other rules. What you want is for your default policies to be DROP and then have rules that accept only on the ports you want used.
 
Old 02-21-2006, 09:58 AM   #11
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
About my Linksys settings..
I have put port forwarding from 80 to 80 and specified my CentOS server IP address. I tried to open DMZ also and since I was desperate, I put UpnP and port triggering also.. All specified 80 - 80.. Because 80 is the port I am running Tomcat on..
I have BEFSR41 - EtherFast® Cable/DSL Router with 4-Port Switch V2 and already upgraded to latest firmware.

Couple thing probably I can ask you to compare to your router are -
1. In the setup page, WAN Connection Type, I have selected "Obtain an IP
automatically" - Is it ok?
2. In filters page - I am filtering all IP address except my 4 computers IPs inside LAN.
3. In the same page, there is block WAN request - I tried both enable/disable - fruitless.
4. In the same page there are other things like, Multicast Pass Through, IPSec Pass Through, etc.. I tried both enable/disable didn’t work either.
5. Routing feature I am not using it.

Anything else missed out or need changes…

As far as your other comments about no firewall, I was surprised because I do have firewall in CentOS and I set up that to allow only http port.. So wondering my system is still open!!! But I gotta figure out that as you mention.. Probably there are some other things I need to do to secure my machine…

Thanks again..
 
Old 02-21-2006, 10:46 AM   #12
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Quote:
1. In the setup page, WAN Connection Type, I have selected "Obtain an IP automatically" - Is it ok?
Yes, that is as it should be. This gets you an address from Comcast via DHCP and should set up the DNS servers as well.

Quote:
2. In filters page - I am filtering all IP address except my 4 computers IPs inside LAN.
That should be OK. My understanding is that it only filters on the LAN addresses, so it shouldn't affect your server's functioning with WAN access. However, you might try turning it off and see if it helps. I don't use IP filtering on my router.
Quote:
3. In the same page, there is block WAN request - I tried both enable/disable - fruitless.
4. In the same page there are other things like, Multicast Pass Through, IPSec Pass Through, etc.. I tried both enable/disable didn’t work either.
Mine has "Block Anonymous Internet Requests" and "Filter Multicast". Both are enabled.

Quote:
5. Routing feature I am not using it.
If you mean "Dynamic routing" then that is OK. However, firewall and NAT should be enabled.

Quote:
I have put port forwarding from 80 to 80 and specified my CentOS server IP address. I tried to open DMZ also and since I was desperate, I put UpnP and port triggering also.. All specified 80 - 80.. Because 80 is the port I am running Tomcat on..
The only bit I do here is forward port 80 to port 80. My DMZ is off and I don't use port triggering. In theory that shouldn't matter, but you never know. By the way, on my router, I have to use port range forwarding since Linksys seems to have removed the ability to forward ports individually. I use 80 as both the start and the end of the range and it seems to work.

You say you've got Tomcat running on port 80. Do you also have Apache running or are you using Tomcat as your only server? I'm just wondering if the two of them are fighting over port 80.

To be honest, given what you've posted here, I'm suspecting either bad hardware or a bad firmware load. As a last resort, you may want to use the reset to go back to the original firmware and then reflash with the newest version. I have had firmware go bad on me, and it does tend to result in weird behavior. If that doesn't do it though, I'm thinking you got a bum router.
 
Old 02-21-2006, 10:57 AM   #13
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
Awww that doesn't seems very encouraging.. but anywayz, I think I should try to redo my firmware thing and even try to reset router.. Now when you said about firmware, I kinda feel that my firmware might not have been done right, because before I upgraded I used to see firewall setting, but after upgrade I don't.. But I ignored it thinking in new upgrade they got rid of firewall..

Anyway tonight when I get home, I will upgrade/downgrade my firmware again and even reset router and see..

Again thanks for your time and help.. I shall keep this thread open to update on the status.. and meanwhile if you or anybody finds anything, please let me know..
Thanks

PS: my apache is running on different port, you can't even start both server simultaneously if both running on same port
 
Old 02-22-2006, 09:17 AM   #14
hifriend1
LQ Newbie
 
Registered: Sep 2005
Posts: 19

Original Poster
Rep: Reputation: 0
Hi just thought to update what happened last night.. I pulled old version of firmware from linksys website and update my router.. guess what .. didn't help.. Still same problem.. I did reset also no change.. So my next step is get new router.. Thats what I am planning to do today..
I hate it so far.. Costing me so much money this whole deal..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Website hosting - mail problem jfaberna Linux - Networking 2 02-15-2006 07:29 PM
hosting my own website metallica1973 Linux - Networking 4 10-16-2005 03:49 PM
website hosting jkmartha Linux - Newbie 1 05-06-2005 05:01 AM
multiple website hosting matneyc Linux - Newbie 4 12-20-2004 04:21 PM
Need good website hosting distro Joey2619 Linux - Distributions 5 12-11-2004 05:53 PM


All times are GMT -5. The time now is 10:14 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration