Solved

Using hostnames to determine data route

Posted on 2002-06-17
Last Modified: 2013-11-29
Hello!

I currently have a Linksys router which allows me to share my high-speed cable modem over two wired PowerMac G4 towers and two wireless Airport (802.11b / WiFi) iBook laptops.

I'm using NAT, naturally, so that all my 4 computers appear as though they are coming from a single IP to the outside world. The problem is, I would like to allow internet users to connect to my 4 individual computers to access services such as file sharing, web servers, etc...

My Linksys router includes a feature that lets me DMZ (demilitarize) a single host, so that any incoming connections are routed to that computer. I would like to apply that same principle to all four computers, with one important detail: the hostname would determine which computer to connect to.

So, for instance, I would like to get 4 dynamic IP addresses that all point to my router, and then the router would decide, based on the hostname, which computer to route the packets to.

Is this possible without committing one computer to be always on?

Thank you,
Tonyboy
Question by:Tonyboy
10 Comments
 

Expert Comment

by:t1n0m3n
ID: 7084604
I don't think that the router would support that. It only supports one computer to be put in the DMZ. (As far as I know.) You could use port forwarding, and dynamic DNS to point at different ports (port 80 on 1, port 8080 on 2).
Let's say 1 is 1.dhs.org and 2 is 2.dhs.org, then you could point 1's offline URL to http://2.dhs.org:8080. (And so on, you can really get crazy with this.) So, if 1 is down, 2 will receive the request. All the end user has to remember is "http://1.dhs.org"
http://www.dhs.org was used in the example, but there are many other free dynamic dns servers that can do this for you.
As for the other ports, just port forward them to the box that you want, I am not quite sure how you would do the above with say, netbios....
Anyone else?

Expert Comment

by:kinsey
ID: 7084953
"Is this possible without committing one computer to be always on?"

The answer is no.

"would like to get 4 dynamic IP addresses"

You can get 4 DNS host _NAMES_ that point to your router, but you only have one IP _ADDRESS_.

You could 'DMZ' one host and use port forwarding/tunneling to get to the others.

Only one machine can service a specific port at a time
(one web server, one mail server, one Quake game, etc.).

Expert Comment

by:mpltech
ID: 7084984
There are web servers which allow host name resolution, but they are more designed to allow for multiple sites on one system.

I'm not a Mac expert, but I believe an ideal solution is to introduce a VPN server. Your VPN server would have the IP address specified on the DMZ host. Once connected to the VPN, a remote user would be on the local network and could access all the systems using the local IP addresses. I'm not sure about VPN solutions for Macs though. I know a Windows NT VPN server will work on a Mac network, but have no idea what a Mac client needs. I suppose it's probably a feature of the newer Mac OSes?

You can always access one system at a time, by changing the DMZ host setting from the Internet. The Linksys documentation was very unclear about this, but I think there's a setting to enable remote configuration, then it uses port 8080 from a web browser on the Internet. The Linksys documentation doesn't make any mention at all of telnet functionality. My NetGear router has a telnet interface, and by mapping port 23 to the LAN address I can access it from the Internet to select a system to access.


Mike

Expert Comment

by:mpltech
ID: 7084990
Whoops, I forgot the VPN server would always have to be on. Sorry. You could always upgrade your router to one with built-in VPN functionality, as long as it works with your cable modem.






Expert Comment

by:The--Captain
ID: 7086418
The VPN solution is impractical for public access, unless you want to make everyone sign up for logins before they can use your services. It actually *could* work, though... A fairly sneaky idea.

I'm wondering, if Tony wants to get 4 dynamic IPs, assign them to the router, and then forward respective traffic to each internal machine, just do that (get 4 IPs), and turn off NAT in the router, and give each machine one of the IPs - problem solved.

Cheers,
-Jon

Expert Comment

by:jmiller47
ID: 7086469
Except that the NetBIOS and many other ports are blocked by default at many ISPs. Unless you have a business account, they will usually not make an exception for you.

You probably also won't be able to get 4 IP addresses either, but it may be possible. Though, even if he could, you cannot assign 4 WAN addresses to a Linksys router.

The router does not allow DMZ to multiple hosts, only one.

I do not think your request will be possible at all.

If you have specific things that you want to do, you could list them here and possibly a setup could be found, but as of right now, your needs are a bit vague...

"I would like to allow internet users to connect to my 4 individual computers to access services such as file sharing, web servers, etc..."

File sharing can be done using many applications even FTP. If web services and FTP are the only 2 things you need, then accomplishing this for 4 computers is rather easy. Please explain precisely what you need and I'm pretty sure that someone here can come up with a solution that will fit your needs.


Author Comment

by:Tonyboy
ID: 7087331
jmiller,

"File sharing can be done using many applications even FTP. If web services and FTP are the only 2 things you need, then accomplishing this for 4 computers is rather easy. Please explain precisely what you need and I'm pretty sure that someone here can come up with a solution that will fit your needs."

I wasn't more specific because the point is that I don't want to deny myself future expansion. For example, if I install a program in the future that uses, say, port 2000, and which does not allow one to change ports, I could not have this service on more than one computer.

You are right in saying that I can't get 4 IPs, however. My ISP is particularly selfish, and I'm not even sure if they allow 4 computers to share a single IP. Last I heard, they charge an extra 19.95$ CDN per extra computer.

I'm going to have to hide the router and airport cards when the repairman comes on moving day! :)

What about a software fix on an always-on computer? What about some kind of nameserver? What about the Linksys "Dynamic Routing" and "Static Routing" features? Does anyone know anything about these?

Thanks.
Tonyboy

Accepted Solution

by:
scraig84 earned 300 total points
ID: 7088541
Dynamic and static routing have to do with route tables and how they are populated - not with what you are trying to do.

There is a reason why nobody has heard of any way of doing what you want to do - because it is totally and completely impractical. You're missing a critical component here. Let's say I wanted to build an app that does what you want to do - decipher destination based on requested name. Where exactly am I going to pull that name from? This works with host headers with web servers because the requested URL is in the same place in the same field in every web session, so it is completely deterministic. However, depending on the app used (FTP, IM, Terminal Services, whatever), the hostname could be anywhere in that session if it is ever even transferred at all (which with most applications it is not). Therefore, the app that you want has no way to even determine what the requested hostname was, let alone route it accordingly.

Your only real options are to either get public IP addresses or map specific ports to specific computers (PAT).  Otherwise you could go with the VPN idea, which is also impractical if you don't necessarily know who the clients are.

Hope that helps.
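The point of the accepted answer, as an added example that is not part of the original thread: a forwarder can recover the requested name from an HTTP request's Host header, but the first client bytes of POP3 or FTP carry no name, so only the destination port (PAT) is left to decide on. The hostnames, LAN addresses, port numbers and sample bytes are constructed for illustration.

```python
import re

# Hypothetical name -> LAN address map and port-forward (PAT) table.
HOSTS = {"tonyboy.domain.com": "192.168.1.101", "bob.domain.com": "192.168.1.102"}
PAT = {10110: ("192.168.1.101", 110), 20110: ("192.168.1.102", 110)}

# Constructed first bytes sent by a client (not captured traffic).
HTTP_A = b"GET / HTTP/1.1\r\nHost: tonyboy.domain.com\r\n\r\n"
HTTP_B = b"GET /bob.html HTTP/1.1\r\nhost: BOB.domain.com:80\r\n\r\n"
POP3 = b"USER tony\r\n"        # sent only after the server's greeting
FTP = b"USER anonymous\r\n"    # same: the server speaks first

REQUEST_LINE = re.compile(rb"^[A-Z]+ \S+ HTTP/1\.[01]$")


def requested_host(first_bytes):
    """Return the lower-cased Host header of an HTTP request, else None."""
    head = first_bytes.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    if not REQUEST_LINE.match(lines[0]):
        return None                      # not HTTP: no agreed place for a name
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            host = value.strip().decode("ascii", "replace").lower()
            return re.sub(r":\d+$", "", host)   # drop an optional :port
    return None                          # e.g. HTTP/1.0 request without Host


def route(dst_port, first_bytes):
    """Pick a LAN target: by Host header when one exists, else by port only."""
    host = requested_host(first_bytes)
    if host in HOSTS:
        return (HOSTS[host], dst_port)
    return PAT.get(dst_port)             # None means nothing to decide on


if __name__ == "__main__":
    for port, data in [(80, HTTP_A), (80, HTTP_B), (110, POP3), (20110, POP3)]:
        print(port, requested_host(data), route(port, data))
```
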

Author Comment

by:Tonyboy
ID: 7088628
Thanks for the information. I had worked on a web site once that would serve certain pages based on what the first part of the requested hostname was. For instance, <tonyboy.domain.com> would serve up tonyboy.html, <bob.domain.com> would serve up bob.html, etc...

I didn't realize that hostnames were not transmitted through TCP/IP packets or the like.

I suppose my best bet is to assign ports to my services in increments of 10000. So, POP3 services (port 110) could become 10110 for machine 1, 20110 for machine 2, etc...

Expert Comment

by:scraig84
ID: 7088696
No problem - glad I could help.  As long as your users know how to change the ports that apps are requested on (and the corresponding app supports it) then your idea should work fine.

Good luck!