The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RE:Website published on ADSL


  • To: ukha_d@xxxxxxx
  • Subject: Re: RE:Website published on ADSL
  • From: Vince <vince@xxxxxxx>
  • Date: Sat, 18 Nov 2000 13:32:39 +0000
  • Delivered-to: rich@xxxxxxx
  • Delivered-to: mailing list ukha_d@xxxxxxx
  • Mailing-list: list ukha_d@xxxxxxx; contact ukha_d-owner@xxxxxxx
  • Reply-to: ukha_d@xxxxxxx

Hi Paul,

At 15:45 17/11/00, you wrote:
>Vince, sorry to piss on your bonfire mate, but I'm not convinced.
Here's
>what I've found:
><SNIP>
>Now, what concerns me is the hops numbered 13 through 16 - the
172.16.X.X
>ones. These are in the non-routable private address space as defined by
>RFC1597 and CANNOT be on the internet. These addresses can only be
inside a
>private LAN, and hidden from the Internet by NAT. As it can be seen
that the
>connection goes over UUNET's network (my ISP) and then over BT's
network
>(your ISP presumably), and THEN hits these private addresses, I can
only
>conclude that these addresses must be inside your corporate LAN,
therefore
>I'm connecting to that webserver via another route through your LAN.

This looks like BT are routing to my ADSL connection thro' their private
network as this is IP range is not used by our LAN. As the destination IP
(My ADSL connection) is a valid IP address and not a private one then I
guess it is valid to route to it thro' a private network.

><SNIP>
>So, you are using a host address within your company's registered and
>published namespace. Also note that you run your own authoritive
nameservers
>for that domain.

Yes we do run our own DNS.

>So, what I think is happening, is that when i use the URL you
specified, DNS
>will resolve the 3b2.com namespace to the normal route into your
company's
>LAN (IE via your leased line/firewall). Then, as you have your own
>nameservers, and they are authoritive, I presume you have added an
address
>record in those internal DNS servers for the host name
"emperor-zurg", which
>I am then able to resolve to get to the machine.

Yes I added the external IP and removed the LAN IP for
"emperor-zurg" from
the DNS.


>This is only based on a cursory examination, and could be wrong of
course,
>but I cannot see how I could hop over 172.16 addresses if I was
connecting
>to that machine directly from the internet via it's ADSL interface. The
true
>test is:

Again why can't a valid Internet IP address be routed thro' a private
network? In this case BT's LAN/WAN.

>Is the webserver in question also connected to your internal LAN? if
so,
>disconnect it, so that it's ONLY connection to the outside world is
it's
>ADSL line, and then lets try this test again... Also, when you've
confirmed
>that is the case, lets try connecting to it's ADSL interface's IP
address.

The machine is connected to our internal LAN but at the time the DNS only
contained the name resolution for the ADSL IP. You will now see that the
address for "emperor-zurg" is back to it's LAN IP and a private
one.

>Actually, I suppose I could see how it could be, IF 3b2.com was a DDNS
>service you were using? is this so? or is that your comany's domain?

The DNS for 3b2.com is a DDNS but as I administer it I can add/change
addresses as needed.

>Cheers.
>
>Paul G.

The WEB & FTP server on "emperor-zurg" are only accessible
thro' it's ADSL
connection to the Internet. Our lease line is firewalled and not configured
to reverse publish these services on "emperor-zurg" so access
thro' this
route is not possible.

I hope this puts you mind at rest that you can (and I have) publish a
WEB/FTP server on BTOW's ADSL connections. I have not read the T&C's
yet to
see if your supposed too.

Regards

Vince


-------------------------- eGroups Sponsor -------------------------~-~>
eGroups eLerts
It's Easy. It's Fun. Best of All, it's Free!
http://click.egroups.com/1/9698/3/_/2065/_/974554312/
---------------------------------------------------------------------_->





Home | Main Index | Thread Index

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.