Results 1 to 3 of 3

Thread: openSUSE 13.2 internet gateway/router issue

  1. #1
    Join Date
    Apr 2009
    Location
    The Balogna Capitol, Lebanon PA
    Posts
    104

    Question openSUSE 13.2 internet gateway/router issue

    Greetings,

    I lost my internet gateway/router this past week which was running openSUSE 12.3 due to a power surge. So I reconfigured a box I built that's running openSUSE 13.2 to replace the failed machine. However I've again ran into a situation which we ran into configuring the 12.3 box when setting it up, and can't remember how we solved it then.

    The condition is this: Following the SDB for internet connection sharing, I configured the gateway box for masquerading including a segment of the LAN sub net for DHCP. I also configured a port forward from the public internet which has a static public ip and redirect port 80 to a web server that sits on the LAN, and opened the port on the external zone. This all works fine from the public internet. In other words these websites are visible to anyone outside of the LAN. My issue is that these same sites are not accessible from the LAN! Yes if I connect to the servers internal ip I get the default website in Apache2.

    I know this is a simple fix as it was resolved in the past. I know it was a rule setup in YAST under the firewall (SuSEfirewall2). However what it was is alluding, presently.

    Any help would be greatly appreciated.

    Wil

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,293
    Blog Entries
    2

    Default Re: openSUSE 13.2 internet gateway/router issue

    From what you describe you may be having one of two different issues...

    - If your LAN hosts are supposed to connect to your website using the public IP address, then your NIC needs to support and be configured for hairpin routing. Not all NICs support this so if you changed hardware then this may be different than your original setup. The solution to this is to configure a special DNS zone <only> for your LAN(aka split DNS) that points to your website's private IP address (from what you describe) instead of the public IP address public DNS is providing. Of course, if you are deploying multiple virtual websites on the same IP address or something similar, additional configuration may be necessary.

    - There could be a name resolution issue. From your LAN hosts, do an nslookup to verify the name is resolving and they are connecting to the correct IP address.

    HTH,
    TSU

  3. #3
    Join Date
    Apr 2009
    Location
    The Balogna Capitol, Lebanon PA
    Posts
    104

    Default Re: openSUSE 13.2 internet gateway/router issue

    Quote Originally Posted by tsu2 View Post
    From what you describe you may be having one of two different issues...

    - If your LAN hosts are supposed to connect to your website using the public IP address, then your NIC needs to support and be configured for hairpin routing. Not all NICs support this so if you changed hardware then this may be different than your original setup. The solution to this is to configure a special DNS zone <only> for your LAN(aka split DNS) that points to your website's private IP address (from what you describe) instead of the public IP address public DNS is providing. Of course, if you are deploying multiple virtual websites on the same IP address or something similar, additional configuration may be necessary.

    - There could be a name resolution issue. From your LAN hosts, do an nslookup to verify the name is resolving and they are connecting to the correct IP address.

    HTH,
    TSU

    1. LAN hosts are to connect to the website/s using the pulic IP address.
    2. No running name servers on the lan, and DNS resolution has been tested out and functioning.
    3. This worked on the previous machine with a firewall rule applied through YAST.
    4. I'm using the same nic that was in the failed machine.


    Wil

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •