Accessing Apache on port 80 remotely

Hi,
I have a problem that's now driving me up the wall. Basically I have an Apache HTTP server set up and running on a box, which runs on port 80 and works fine for access on my internal network.

As soon as I open this up to the internet all connections time out (as far as I can tell the port is “closed”, though the port is open in all the configs and the firewall is off, which makes no sense really).

All this time the server is still accessible through any address on the local network.

I know there is nothing wrong with the router as this box is a replacement for another one; if I change the IP back to the original server then everything works fine and connections are accepted.

Any ideas on what might be causing this, as it's reaching pull-your-hair-out time!

Maybe you need to portforward port 80 at your border router/firewall? BTW do not open a webserver to the outside world lightly.

Yes the port is open, as I say on the existing server it works fine, as soon as you change the IP to the new box, no one can connect.

Just to be overly-clear, both the old and the new server have the same
exact network settings, right? Please post the output of the following
commands from BOTH machines to verify:

ip addr sh
ip route sh

With that done what exactly does Firefox say (from outside your network)
when accessing this server? Error 404? Error 500? Something else?
Also if you can test the connection with netcat that would be
interesting. Please include the entire command you are using as well as
the output for both the new and old server (testing from outside and
inside your network):

netcat -zv <ipAddressOfServer> 80

Finally it’s possible, though less-likely, that your new server is
blocking anything from your router specifically. You mentioned
initially that you tested with the firewall totally off
(rcSuSEfirewall2 status) and if that’s the case you can probably rule
it out. To see current firewall rules (which should only exist if the
firewall is running) use the following command:

iptables-save

Good luck.

Scott07uk wrote:
| Yes the port is open, as I say on the existing server it works fine, as
| soon as you change the IP to the new box, no one can connect.
|
|

Hi,

The error I get externally is connection timed out, internally all is fine.

Just a little info about the network it's running on: the box has two interfaces, both on the same physical network (eth0 is 172.16.1.6, eth1 is 172.16.1.8), the hostname is venus and the router's IP is 172.16.0.1. My main machine's IP is 172.16.2.1 and I can access it from my laptop too (DHCP address 172.16.4.254).

The output of your two commands on venus is:
venus:~ # ip addr sh
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:08:02:e6:6f:bf brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.6/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::208:2ff:fee6:6fbf/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:08:02:e6:6f:be brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.8/16 brd 172.16.255.255 scope global eth1
    inet6 fe80::208:2ff:fee6:6fbe/64 scope link
       valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
venus:~ # ip route sh
169.254.0.0/16 dev eth0 scope link
172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.1.6
172.16.0.0/16 dev eth1 proto kernel scope link src 172.16.1.8
127.0.0.0/8 dev lo scope link
default via 172.16.0.1 dev eth1

The old webserver (jupiter) does not support those commands so I can't show you the output (I mean old in terms of hardware and software).

The output of the other command is
venus:~ # rcSuSEfirewall2 status
Checking the status of SuSEfirewall2 unused

The netcat test gives this on my box:
netcat -zv www.worldsofwar.co.uk 80
Warning: inverse host lookup failed for 172.16.1.6: Unknown host
www.worldsofwar.co.uk [172.16.1.6] 80 (http) open

At the moment I have been using “Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS, and DNS Records Lookup” (http://www.nwtools.com) to test the access to the outside world and that has been reporting that the connection times out, though when redirecting to the other server it returns a full set of expected HTTP headers straight away.

For the old server:

/sbin/ifconfig
/sbin/route

I assume your network is set up as a class B network with netmask
255.255.0.0, right? That should be the same for your old server. This
is a little odd since most of the time home (and most) networks use
class C-ish networks either in reality or at least in size. I guess
we’ll see from the commands above.

Also, you have two NICs on the same network? Does unplugging the .8 NIC
help at all? Where is your port forwarding pointed? Is it to .6, I hope?

Good luck.

Scott07uk wrote:
| Hi,
|
| The error I get externally is connection timed out, internally all is
| fine.
|
| Just a little info about the network it's running on: the box has two
| interfaces, both on the same physical network (eth0 is 172.16.1.6,
| eth1 is 172.16.1.8), the hostname is venus and the router's IP is
| 172.16.0.1. My main machine's IP is 172.16.2.1 and I can access it from
| my laptop too (DHCP address 172.16.4.254).
|
| The output of your two commands on venus is:
| venus:~ # ip addr sh
| 1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
| link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
| inet 127.0.0.1/8 scope host lo
| inet6 ::1/128 scope host
| valid_lft forever preferred_lft forever
| 2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
| 1000
| link/ether 00:08:02:e6:6f:bf brd ff:ff:ff:ff:ff:ff
| inet 172.16.1.6/16 brd 172.16.255.255 scope global eth0
| inet6 fe80::208:2ff:fee6:6fbf/64 scope link
| valid_lft forever preferred_lft forever
| 3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
| 1000
| link/ether 00:08:02:e6:6f:be brd ff:ff:ff:ff:ff:ff
| inet 172.16.1.8/16 brd 172.16.255.255 scope global eth1
| inet6 fe80::208:2ff:fee6:6fbe/64 scope link
| valid_lft forever preferred_lft forever
| 4: sit0: <NOARP> mtu 1480 qdisc noop
| link/sit 0.0.0.0 brd 0.0.0.0
| venus:~ # ip route sh
| 169.254.0.0/16 dev eth0 scope link
| 172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.1.6
| 172.16.0.0/16 dev eth1 proto kernel scope link src 172.16.1.8
| 127.0.0.0/8 dev lo scope link
| default via 172.16.0.1 dev eth1
|
| The old webserver (jupiter) does not support those commands so I can't
| show you the output (I mean old in terms of hardware and software).
|
| The output of the other command is
| venus:~ # rcSuSEfirewall2 status
| Checking the status of SuSEfirewall2
| unused
|
| The netcat test gives this on my box
| netcat -zv ‘Worlds of War II - The free online strategy game’
| (http://www.worldsofwar.co.uk) 80
| Warning: inverse host lookup failed for 172.16.1.6: Unknown host
| ‘Worlds of War II - The free online strategy game’
| (http://www.worldsofwar.co.uk) [172.16.1.6] 80 (http) open
|
| At the moment I have been using ‘Traceroute, Ping, Domain Name Server
| (DNS) Lookup, WHOIS, and DNS Records Lookup’ (http://www.nwtools.com)
| to test the access to the outside world and that has been reporting
| that the connection times out, though when redirecting to the other
| server it returns a full set of expected http headers straight away.
|
|
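
The check the last reply is driving at, as an added example that is not part of the thread: read the `ip route sh` output posted for venus and report whether the interface owning the port-forward target is also the one the default route sends replies out of, and which subnets are attached to more than one interface. The function names are made up for this example, and 172.16.1.6 as the forward target is an assumption (the reply only asks whether it is).

```shell
# Added example, not from the thread. Works on `ip route sh` text.
# Routing table as posted for venus in the thread.
VENUS_ROUTES='169.254.0.0/16 dev eth0 scope link
172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.1.6
172.16.0.0/16 dev eth1 proto kernel scope link src 172.16.1.8
127.0.0.0/8 dev lo scope link
default via 172.16.0.1 dev eth1'

# Print the interface named on the default route.
default_dev() {
    printf '%s\n' "$1" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# Print the interface whose connected route carries "src <addr>".
dev_for_addr() {
    printf '%s\n' "$1" | awk -v a="$2" '{
        dev = ""; src = ""
        for (i = 2; i < NF; i++) {
            if ($i == "dev") dev = $(i + 1)
            if ($i == "src") src = $(i + 1)
        }
        if (src == a) { print dev; exit }
    }'
}

# Print prefixes that are directly connected on more than one interface.
shared_subnets() {
    printf '%s\n' "$1" | awk '$1 != "default" && $2 == "dev" {
        if (!(($1, $3) in seen)) { seen[$1, $3] = 1; n[$1]++ }
    } END { for (p in n) if (n[p] > 1) print p }'
}

# check_forward ROUTES ADDR: interface owning ADDR vs. default-route interface.
check_forward() {
    in_dev=$(dev_for_addr "$1" "$2")
    out_dev=$(default_dev "$1")
    if [ -z "$in_dev" ] || [ -z "$out_dev" ]; then
        echo "unknown"
    elif [ "$in_dev" = "$out_dev" ]; then
        echo "symmetric $in_dev"
    else
        echo "asymmetric in=$in_dev out=$out_dev"
    fi
}

check_forward "$VENUS_ROUTES" 172.16.1.6   # assumed forward target
shared_subnets "$VENUS_ROUTES"
```

An asymmetric result is worth ruling out because, with strict reverse-path filtering (`rp_filter=1`), Linux drops packets that arrive on an interface other than the one it would use to reach the sender. On a live host, pass `"$(ip route sh)"` instead of the pasted table.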