Peer-to-peer comms with a friend via the Internet.
As a long-time Lx user I have a friend who relies on my assistance for his own home Lx box. I'd like to be able to log in to his machine across the 'Net from time to time for routine maintenance and repair, and am unsure of how to go about this.
My googling has resulted in a number of 'HowTo' pages that mostly refer to IP tunnelling as the solution, but these all seem to address the 'workstation behind a server' scenario - i.e. the typical corporate setup. We both have standard broadband accounts with a modem/router as the gateway to the 'Net.
Two issues are immediately obvious:
1. How to determine our IP addresses. I know that this can be done via such sites as the following, but I'm unsure as to whether the address given is permanent:
2. How to 'get past the router'. I'd guess that the tunnelling info may answer part of this, but would like some more specific info.
Once these two have been solved, a standard SSH login should be easy, and could presumably be expanded to VNC and/or VoIP.
If those more knowledgeable about these matters are kind enough to respond, I'd be happy to summarize the info collected, add the results of my efforts, and post the lot on my LxQ blog to serve as a future reference.
You can use a dynamic DNS setup, or if you have a 3rd party web/ftp host you can periodically run a script to grab the public IP and push it to the ftp, so you always know what the current public IP is. Or you can just have him go to whatismyip.com every time you need to connect to see what the public IP is.
Unless he's purchased a static IP through his ISP, chances are it's going to change periodically. How often depends on the ISP...I technically have a dynamic IP, but it hasn't changed in over two years.
Then you'll need to set up port forwarding in the router to push incoming connections on port 22 (or a custom port of your choosing) to the local IP of his machine. The machine should have a static IP on the local network so you don't need to worry about changing the port forwarding IP in the router every time his box comes up with a different IP.
So the overall chain goes:
Give his linux box a static IP on the local network
Set up his router to forward incoming connections on port 22 (or a custom port of your choice) to the linux box
Find out his public IP via whatever means you like
Connect to the public IP at the specified port
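An added example (not part of any post in this thread) of the "periodically run a script to grab the public IP" step above. The answer from a what-is-my-IP service is untrusted input, so it is validated before being recorded or pushed anywhere; `IP_URL` and `STATE` are assumed names, and the push to a web/ftp host is left out.

```shell
#!/bin/sh
# Added example: record the forwarded box's public IP only after validating it.
# IP_URL and STATE are assumed names; IP_URL is any service that returns the
# caller's address as plain text.

# valid_ipv4 ADDR: four dot-separated decimal octets 0-255, no leading zeros.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    rest="$1." n=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}; n=$((n + 1))
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    [ "$n" -eq 4 ]
}

# public_ipv4 ADDR: valid, and not private, loopback, link-local, carrier-NAT
# or multicast/reserved space (none of those is reachable from the Internet).
public_ipv4() {
    valid_ipv4 "$1" || return 1
    a=${1%%.*}; b=${1#*.}; b=${b%%.*}
    case "$a" in 0|10|127) return 1 ;; esac
    [ "$a" -eq 192 ] && [ "$b" -eq 168 ] && return 1
    [ "$a" -eq 169 ] && [ "$b" -eq 254 ] && return 1
    [ "$a" -eq 172 ] && [ "$b" -ge 16 ] && [ "$b" -le 31 ] && return 1
    [ "$a" -eq 100 ] && [ "$b" -ge 64 ] && [ "$b" -le 127 ] && return 1
    [ "$a" -lt 224 ]
}

# record_ip NEW STATEFILE: returns 0 if the address changed (file rewritten),
# 1 if unchanged, 2 if NEW is not a usable public address.
record_ip() {
    public_ipv4 "$1" || return 2
    [ -f "$2" ] && [ "$(cat "$2")" = "$1" ] && return 1
    printf '%s\n' "$1" > "$2"
}

# Runs only when IP_URL is set, e.g. from cron on the friend's box.
if [ -n "${IP_URL:-}" ]; then
    new=$(curl -fsS --max-time 10 "$IP_URL" | tr -d '[:space:]')
    record_ip "$new" "${STATE:-$HOME/.last_public_ip}" && echo "public IP is now $new"
fi
```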
Thanks for the info, guys. First up, we both use a large local ISP (Optus) here in Australia, mine via 3G wireless broadband, his via copper ADSL. I'd figured that something like this was the case:
> Unless he's purchased a static IP through his ISP, chances are it's going to change periodically. How often depends on the ISP...I technically have a dynamic IP, but it hasn't changed in over two years.
> Then you'll need to set up port forwarding in the router ...
Haven't done this, so will investigate.
> The machine should have a static IP on the local network ...
Yep, have this covered.
> You can use a dynamic DNS setup ...
This is an option in the router, so I'll take a closer look.
> you can periodically run a script to grab the public IP ...
I'm fluent enough in Perl to cover this.
> So the overall chain goes:
> Give his linux box a static IP on the local network
> Set up his router to forward incoming connections on port 22 (or a custom port of your choice) to the linux box
> Find out his public IP via whatever means you like
> Connect to the public IP at the specified port
Good summary! But it's the last one that's still uncertain. What does a "through the router" IP address look like on the commandline? Perhaps:
># ssh fred@49.35.129.11-192.168.1.101
... where the first IP is the router on the Inet, and the second is the LxBox on the LAN?
Actually, what you want can easily be done with a free LogMeIn account and a copy of Hamachi. Basically, it allows you to create a virtual private LAN and then, with the client, join both machines to that LAN, and then they can talk to each other as if they are on an actual LAN.
> This is an option in the router, so I'll take a closer look.
The Dynamic DNS option in your friend's router is most likely just an updater for a dynamic DNS provider. It doesn't provide a dynamic DNS service, it just updates one. You'd need to set up the dynamic DNS provider account and hostname first with someone like dyn.com or no-ip.com.
As an alternative to using the router's updater, you can use something like ddclient on your friend's system to keep the dynamic DNS hostname updated with the current IP. There are some good reasons for doing that. Some dynamic DNS providers of free DDNS will delete your account if you don't update it periodically. The router's dynamic DNS updater probably only updates the DDNS name when the IP address changes, which may not be often enough to keep the DDNS account from being deleted. This is generally not a problem if you have a paid DDNS account.
> Originally Posted by tekra
> What does a "through the router" IP address look like on the commandline? Perhaps:
> # ssh fred@49.35.129.11-192.168.1.101
> ... where the first IP is the router on the Inet, and the second is the LxBox on the LAN?
You would just ssh to the public IP, "ssh fred@49.35.129.11" or to the dynamic dns hostname "ssh fred@fredsbox.homelinux.net". The homelinux.net domain name is one that you can define a hostname on (in this example, fredsbox) at dyn.com. The dynamic DNS providers generally have a number of domain names you can pick from when you define your hostname@domainname.
Getting to the proper internal IP behind your friend's firewall is a function of the port forwarding on the router. You will set up his router to forward port 22 to his internal static IP.
> Good summary! But it's the last one that's still uncertain. What does a "through the router" IP address look like on the commandline? Perhaps:
> # ssh fred@49.35.129.11-192.168.1.101
> ... where the first IP is the router on the Inet, and the second is the LxBox on the LAN?

> Originally Posted by Z038
> You would just ssh to the public IP, "ssh fred@49.35.129.11" or to the dynamic dns hostname "ssh fred@fredsbox.homelinux.net". The homelinux.net domain name is one that you can define a hostname on (in this example, fredsbox) at dyn.com. The dynamic DNS providers generally have a number of domain names you can pick from when you define your hostname@domainname.
> Getting to the proper internal IP behind your friend's firewall is a function of the port forwarding on the router. You will set up his router to forward port 22 to his internal static IP.
^ This
You just connect to the public IP, and the router uses the port forwarding rule you set up to push the connection to the correct IP on the LAN.
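Once the forwarding rule exists, the box's sshd answers anyone on the Internet who reaches that port. An added example (not from any poster in this thread) that checks three settings in its `sshd_config` before the port is opened; it assumes OpenSSH's upstream defaults, whitespace-separated `Keyword value` lines and no `Include` files, and the two sample configs are constructed.

```shell
#!/bin/sh
# Added example: audit sshd_config on a box whose SSH port is forwarded from
# the Internet. Checks three settings only; the defaults passed below are
# OpenSSH's upstream defaults (assumption: no Include files).

# effective KEYWORD DEFAULT FILE: value sshd uses from the global section.
# Keywords are case-insensitive and the first occurrence wins; parsing stops
# at the first Match block.
effective() {
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" -v def="$2" '
        /^[ \t]*(#|$)/ { next }
        { key = tolower($1) }
        key == "match" { exit }
        key == want { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$3"
}

# audit_sshd FILE: print one line per finding; succeed only if there are none.
audit_sshd() {
    bad=0
    if [ "$(effective PasswordAuthentication yes "$1")" != no ]; then
        echo "PasswordAuthentication on: forwarded port accepts password guesses"; bad=1
    fi
    if [ "$(effective PermitRootLogin prohibit-password "$1")" = yes ]; then
        echo "PermitRootLogin yes: root may log in by any enabled method"; bad=1
    fi
    if [ -z "$(effective AllowUsers '' "$1")" ]; then
        echo "AllowUsers unset: every local account is reachable"; bad=1
    fi
    [ "$bad" -eq 0 ]
}

# Constructed sample configs; "fred" is the example user from the thread.
weak=$(mktemp); hard=$(mktemp)
trap 'rm -f "$weak" "$hard"' EXIT
printf '%s\n' '# constructed weak config' 'Port 22' 'PermitRootLogin yes' > "$weak"
printf '%s\n' 'Port 22' 'PasswordAuthentication no' 'PermitRootLogin no' \
    'AllowUsers fred' 'passwordauthentication yes' > "$hard"
audit_sshd "$weak" || echo "weak config: fix before opening the port"
audit_sshd "$hard" && echo "hardened config: ok"
```

The trailing `passwordauthentication yes` in the second sample is ignored because the earlier `PasswordAuthentication no` is the first value obtained.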
Thanks for all the replies; I'm starting to get an overview of the situation. My question about a "through the router" IP address was prompted by this short page on IP tunnelling. It's evidently well-established, but requires two kernel modules:
This would work if the router were a server, but not for a standard "black-box" home unit, since the modules couldn't be installed. Port forwarding seems to be the answer:
> You just connect to the public IP, and the router uses the port forwarding rule you set up to push the connection to the correct IP on the LAN.
The Dynamic DNS and hamachi solutions look interesting. I'll take some time to investigate these options and post back with results.