Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
02-24-2014, 03:08 PM
|
#1
|
LQ Newbie
Registered: Feb 2014
Posts: 2
Rep:
|
Can't access my webserver through external IP
Hi there,
I have some weird routing issue that I don't understand and can't solve.
I have an apache2 running on a debian7 machine in my homenetwork. my cablerouter forwards port 80 to that machine. people from the internet can access the websever. I can access it with the local 192.168.. address but I can't access it via the external ip.
somehow the server doesn't know how to answer back.
this is the server's routing table
Code:
philipp@scenicxb:~$ sudo route -n
Kernel-IP-Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
I deleted the latter entry and when I do that I can access my webserver with the external ip but not anymore with the local ip.
What I'd want is to be able to access the service with either ip, internal or external.
I appreciate any help I can get.
Here is some more detailed information on the server's network setup. (eth0 is an unused nic) if you need any more info please tell me.
Code:
philipp@scenicxb:~$ sudo ifconfig -a
eth0 Link encap:Ethernet Hardware Adresse 00:30:05:2d:e9:68
BROADCAST MULTICAST MTU:1500 Metrik:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
eth1 Link encap:Ethernet Hardware Adresse 00:0c:f6:48:a9:1c
inet Adresse:192.168.0.187 Bcast:192.168.0.255 Maske:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
RX packets:33816930 errors:0 dropped:0 overruns:0 frame:0
TX packets:40044411 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:3983993477 (3.7 GiB) TX bytes:246395488 (234.9 MiB)
Interrupt:17 Basisadresse:0x3000
lo Link encap:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metrik:1
RX packets:125 errors:0 dropped:0 overruns:0 frame:0
TX packets:125 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:7251 (7.0 KiB) TX bytes:7251 (7.0 KiB)
philipp@scenicxb:~$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
#allow-hotplug eth1
auto eth1
iface eth1 inet static
address 192.168.0.187
netmask 255.255.255.0
gateway 192.168.0.1
philipp@scenicxb:~$ cat /etc/sysctl.d/disable-ipv6.conf
net.ipv6.conf.all.disable_ipv6=1
Last edited by Necrophagos; 02-24-2014 at 03:17 PM.
|
|
|
02-24-2014, 04:50 PM
|
#2
|
Senior Member
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,225
|
Run tcpdump on the server and the local host and check the source and dest addresses on the request and response. Most likely requests are forwarded through the router but responses are not being returned correctly because of address mismatch.
|
|
|
02-24-2014, 05:39 PM
|
#3
|
LQ Newbie
Registered: Feb 2014
Posts: 2
Original Poster
Rep:
|
Thx for your reply
I ran, tcpdump on the server. my clients are windows I'll have to check what to use there. maybe wireshark.
Code:
philipp@scenicxb:~$ sudo tcpdump -vvi eth1 | grep http
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
192.168.0.10.5212 > 192.168.0.187.http: Flags [S], cksum 0x62a9 (correct), seq 1252199176, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5212: Flags [S.], cksum 0x823c (incorrect -> 0x45a3), seq 3254600174, ack 1252199177, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 3], length 0
192.168.0.10.5212 > 192.168.0.187.http: Flags [R], cksum 0x6dc6 (correct), seq 1252199177, win 0, length 0
192.168.0.10.5213 > 192.168.0.187.http: Flags [S], cksum 0x259a (correct), seq 3866537026, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5213: Flags [S.], cksum 0x823c (incorrect -> 0xd0f7), seq 3013707750, ack 3866537027, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 3], length 0
192.168.0.10.5213 > 192.168.0.187.http: Flags [R], cksum 0xf3a8 (correct), seq 3866537027, win 0, length 0
192.168.0.10.5214 > 192.168.0.187.http: Flags [S], cksum 0xdf5c (correct), seq 2121947771, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5214: Flags [S.], cksum 0x823c (incorrect -> 0x4229), seq 93683332, ack 2121947772, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 3], length 0
192.168.0.10.5214 > 192.168.0.187.http: Flags [R], cksum 0x672f (correct), seq 2121947772, win 0, length 0
192.168.0.10.5213 > 192.168.0.187.http: Flags [S], cksum 0x259a (correct), seq 3866537026, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5213: Flags [S.], cksum 0x823c (incorrect -> 0xc8e6), seq 3060567340, ack 3866537027, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 3], length 0
192.168.0.10.5213 > 192.168.0.187.http: Flags [R], cksum 0xf3a8 (correct), seq 3866537027, win 0, length 0
192.168.0.10.5212 > 192.168.0.187.http: Flags [S], cksum 0x62a9 (correct), seq 1252199176, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5212: Flags [S.], cksum 0x823c (incorrect -> 0xf262), seq 3301610081, ack 1252199177, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 3], length 0
192.168.0.10.5212 > 192.168.0.187.http: Flags [R], cksum 0x6dc6 (correct), seq 1252199177, win 0, length 0
192.168.0.10.5214 > 192.168.0.187.http: Flags [S], cksum 0xdf5c (correct), seq 2121947771, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5214: Flags [S.], cksum 0x823c (incorrect -> 0xd7e6), seq 140699129, ack 2121947772, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 3], length 0
192.168.0.10.5214 > 192.168.0.187.http: Flags [R], cksum 0x672f (correct), seq 2121947772, win 0, length 0
192.168.0.10.5213 > 192.168.0.187.http: Flags [S], cksum 0x39a3 (correct), seq 3866537026, win 8192, options [mss 1460,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5213: Flags [S.], cksum 0x8238 (incorrect -> 0x629d), seq 3154313705, ack 3866537027, win 14600, options [mss 1460,nop,nop,sackOK], length 0
192.168.0.10.5213 > 192.168.0.187.http: Flags [R], cksum 0xf3a8 (correct), seq 3866537027, win 0, length 0
192.168.0.10.5212 > 192.168.0.187.http: Flags [S], cksum 0x76b2 (correct), seq 1252199176, win 8192, options [mss 1460,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5212: Flags [S.], cksum 0x8238 (incorrect -> 0x8aba), seq 3395356797, ack 1252199177, win 14600, options [mss 1460,nop,nop,sackOK], length 0
192.168.0.10.5212 > 192.168.0.187.http: Flags [R], cksum 0x6dc6 (correct), seq 1252199177, win 0, length 0
192.168.0.10.5214 > 192.168.0.187.http: Flags [S], cksum 0xf365 (correct), seq 2121947771, win 8192, options [mss 1460,nop,nop,sackOK], length 0
192.168.0.187.http > 192.168.0.10.5214: Flags [S.], cksum 0x8238 (incorrect -> 0x95a9), seq 234698406, ack 2121947772, win 14600, options [mss 1460,nop,nop,sackOK], length 0
192.168.0.10.5214 > 192.168.0.187.http: Flags [R], cksum 0x672f (correct), seq 2121947772, win 0, length 0
^C108 packets captured
110 packets received by filter
0 packets dropped by kernel
philipp@scenicxb:~$ ping 192.168.0.10
PING 192.168.0.10 (192.168.0.10) 56(84) bytes of data.
64 bytes from 192.168.0.10: icmp_req=1 ttl=128 time=0.142 ms
64 bytes from 192.168.0.10: icmp_req=2 ttl=128 time=0.182 ms
64 bytes from 192.168.0.10: icmp_req=3 ttl=128 time=0.178 ms
^C
--- 192.168.0.10 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.142/0.167/0.182/0.020 ms
I tried to visit my server through the browser (using the external ip adress) and this was the output that tcpdump produced. there are occasions of incorrect checksums but I actually don't know what that means.
192.168.0.187 is the server
192.168.0.10 is the client
Last edited by Necrophagos; 02-24-2014 at 05:45 PM.
|
|
|
All times are GMT -5. The time now is 09:25 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|