Print PDF
Favorite
Email
The scenario: You've got a computer you want to use as a web server for your own personal stuff... And it works from the outside when you use a service like DynDNS... but when you use that DynDNS from the inside, you get your router's configuration page! Oh Noes!
You're a victim of what's known as NAT Loopback Blocking. This is fixable by running your own internal DNS server, optionally with a DHCP server
You're a victim of what's known as NAT Loopback Blocking. This is fixable by running your own internal DNS server, optionally with a DHCP server
Remove these ads by
Signing UpStep 1A fast introduction to NATs
A NAT (or Network Address Translator) is a chunk of software that turns one network of IP addresses (say, 192.168.0.0/24) into a single IP address (say, 20.43.45.65) so that the network can be routed.
NATs are often used to turn non-routable networks such as 10.0.0.0/8 and 192.168.0.0/24 (both common networks) into routable IPs (often referred to as "Public" or "External" IPs.)
NAT Loopback is a term used when a NAT understands a connection request for its External IP from an Internal IP and routes it as though it were a request from the outside, heeding your particular port-forwarding requests.
Many ISP-provided routers disallow this, and for good reason: Its really easy to fake a NAT loopback, sending the 'external' connection through a loop or just outright denying it.
NATs are often used to turn non-routable networks such as 10.0.0.0/8 and 192.168.0.0/24 (both common networks) into routable IPs (often referred to as "Public" or "External" IPs.)
NAT Loopback is a term used when a NAT understands a connection request for its External IP from an Internal IP and routes it as though it were a request from the outside, heeding your particular port-forwarding requests.
Many ISP-provided routers disallow this, and for good reason: Its really easy to fake a NAT loopback, sending the 'external' connection through a loop or just outright denying it.
| « Previous Step | Download PDFView All Steps | Next Step » |
2
comments
|
Add Comment
|
Dec 22, 2011. 6:12 PM
mr_bandit
says:
mr_bandit
says:
How different is this sequence using the other common Linux distros?
Reply
203
Dec 23, 2011. 3:37 AMComputothought
says:
Computothought
says:
dnsmasq is not specific to any distro. If you really want to get into dsn then you need to get into bind and it's derivatives. Now with ipv6 and that dns traffic will be encrypted, this will all get real fun. But for the home network it is probably fine. Some of your open source routers already run dnsmasq. No need to set up a whole machine just for that.
Reply
 |
Add Comment
|
