Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Redirecting an IP address to another IP address in a Host File in Server 2012

Posted on 2015-01-16
8
Medium Priority
?
89 Views
Last Modified: 2015-06-26
I know many out there say this doesn't work but we've have it work in Windows Server 2008 and 2008R2.  Now when we try to do it in Windows Server 2012R2 it doesn't work.  Did Microsoft change something that will now prevent this from working?
0
Comment
Question by:Beratung
8 Comments
 
LVL 60

Accepted Solution

by:
Cliff Galiher earned 1000 total points
ID: 40554636
Nope. If you had this working, it wasn't via host files alone (someone did something else that wasn't documented.)

The IPv4 DNS stack has changed very little even going back to 2000. And that is where the host file comes in, as part of the precedence and fallback of DNS lookups. Valid IP addresses are never subjected to a DNS lookup so a host file is never used. A host file also never "redirects" so that isn't the case either.

-Cliff
0
 
LVL 71

Assisted Solution

by:Qlemo
Qlemo earned 1000 total points
ID: 40555340
There could have been a tricky setup, relying on using the HOSTS file for reverse name resolution, and then the name to resolve to a different IP, but I have never heard of someone doing that.
There are some known "faults" in the TCP/IP stack implementation of WIndows, using Name resolution attempts even when supplying IP addresses, so it might have been possible with older OS to exploit that bug. But it is a bug.

The proper way to translate IP addresses to IP addresses is to use a NAT service. RRAs can do that, at least externally (crossing physical or virtual interfaces).
0
 

Author Comment

by:Beratung
ID: 40579672
I have dug further into this configuration and the use of it and here is what I have uncovered.

The redirection is indeed working on pre-2012 servers.  It is not a redirection of the IP per se but, I believe, it is treating the host file entry as if the IP is an actual name that is resolving to an IP; meaning, entering an ip1 and an ip2 in a host file entry will resolve to ip1 what it believes is a name of ip2.  It sees 192.168.21.x as a name and not an IP.  You might ask yourself so what.  That's where the use comes in.  We are doing this for a file share to make it accessible in a DMZ with a subnet of 172.16.1.x, so that it knows that the share \\192.168.21.x should be resolved to \\172.16.1.x.  Since it sees \\192.168.21.x as a name that's all it needs.  Now if you ping 192.168.21x, even with allowing ping through the DMZ to the LAN for a test, it can't ping it because it then wants it to be an IP address which it is not.  That's where everyone who says you can't redirect an IP in a host file is correct.  You can't, but this is not an IP redirection, but the resolution of a name for which host files use is intended.

This is all guessing on my part but it makes sense.  Now with Server 2012 it must be treating \\192.168.21.x as an IP and not a name for some reason.  Either a bug or a resolution to a previous bug I would think.

Am I on the right track at all?

I know some of you might ask why we are trying to do this.  To be honest, it is a bandaid but we don't have much choice.  We have an application on the DMZ that we can't change the IP address in its agent software configuration that needs to point to a share on another server on the LAN.  The fact that they are on two different subnets with a NAT between them presents a problem, so we found this way to fool the agent into thinking the share \\192.168.21.x is actually the IP it is looking for.  Unfortunately the software manufacturer uses IP's for these shares, doesn't allow using names, and supposedly you can't change where it points.  Flawed I will agree.

The bottom line is the behavior seems to have changed in 2012, but did it really?  Anyhow have any insight on this?
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
LVL 71

Assisted Solution

by:Qlemo
Qlemo earned 1000 total points
ID: 40579743
As I stated in http:#a40555340, if it worked, it was a bug.

All you can try now is to set up a port redirector for share ports (139 and/or 445) on a PC you do not need to have shares enabled (that is, LanManServer service may not be active).
One of those redirectors is FPipe from McAfee.
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40851769
I've requested that this question be closed as follows:

Accepted answer: 500 points for Cliff Galiher's comment #a40554636

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 40851770
The suggested answer http:#a40554636 is only correct in parts.
In http:#a40555340 I explain why this could have worked (contradicting what cgaliher stated) with legacy OS. The OP "confirmed" in http:#a40579672 the setup was probably as I told.

In http:#a40579743 I've suggested a workaround.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question