RESET Forums (homeservershow.com)
Royco

Newbie network/routing question

Royco

Situation:

One Microserver gen 8 and laptop in the same local network.

The Microserver has a domain name assigned (with a non-local IP address: the external router IP), and requests on the router port are forwarded to the server.

If I open domain name in browser, how will the packets travel? Will they leave the local network, briefly go into the WWW and come back?

 

I installed ownCloud on my Gen8 and, when I used the domain name, I see the access is logged with a non-local IP (not 192.168.2.x): the external router IP. I'm wondering if the upload speed of my Internet connection could become a bottleneck.

 

I hope I got all the terms and explanation right.

ikon

Just to be clear, are you talking about an Internet domain, or a Microsoft one?

Royco

Internet domain, like www.example.com.

Royco

www.example.com has the IP address 111.111.111.111 assigned.

 

diagram:

 

laptop -- example.com --> router -- 192.168.2.4 --> Microserver

 

or

 

laptop -- example.com --> router -- 111.111.111.111 --> Provider --> Router --> Microserver

 

I guess the DNS lookup will go outside. But will the router understand it's actually a local request, when it has resolved the IP address? 

 

Sorry, I'm a true novice. Hope it does not sound like a stupid question.

Edited by Royco

ikon

Not a stupid question at all. Different versions of it have been asked several times on the forums, but to do with Windows systems.

 

Unfortunately, the answer is "it depends".

 

If your router knows how, it will route the request to your MicroServer. A lot of inexpensive consumer routers can't handle it. My Untangle UTM does.

 

I do not know this for sure, but I think it partly, at least, depends on whether your router is doing DNS proxy/caching. Picture it this way:

 

laptop -> router's DNS -> 111.111.111.111 -> laptop -> send 111.111.111.111 to router -> 192.168.2.4 -> MicroServer

 

IOW, your laptop sends a DNS request to your router. Your router looks in its cache and sees that it knows that the domain is at 111.111.111.111 and sends that IP back to your laptop. Your laptop then sends the actual request with IP 111.111.111.111 to your router. Your router sees that it owns the IP and processes the request locally. It sees that the port requested in the packet means it is supposed to send the packet to 192.168.2.4, so it sends the packet to your LAN.

 

In the scenario I just described there would be no effect on your Internet connection, because your router is handling everything internally. However, apparently not all routers know enough to route packets addressed to their WAN IP back to the LAN.

 

The best thing you can do is try it, with your domain name and IP address. If you get to your MicroServer then you can be pretty sure your router is smart enough. What happens to people who don't have smart enough routers is they get Page Not Found errors.

Royco

Thanks for the answer.

 

I compared the upload speed between domain name and local ip address. It seems to be the same speed. Seems I've a smart router.

ikon

I guess that kind of confirms it. I hope the explanation made sense :)

jem101

The feature is referred to as NAT loopback or NAT reflection. If your router supports it (and it sounds like it does) then the data packets never actually leave the local network. There will probably be an external DNS lookup, unless you are running your own DNS internally in which case you can add the proper entries.

ikon

Thanks jem101. I could picture how it would work, but never had a name for it. I suspect, as long as his router has its own DNS, hopefully with caching (is there a DNS that doesn't have caching?), he wouldn't even have to add any entries.

Royco

Thanks to jem101 I now have a name and Wikipedia entry:

 

 

NAT loopback

NAT loopback, also known as NAT hairpinning or NAT reflection,[6] is a feature in many consumer routers[7] which allows a user to connect to his/her own public IP address from inside the LAN. This is especially useful when, for example, a website is hosted at that IP address. The following describes an example network:

  • Public address: 203.0.113.1 (this is the address of the WAN interface on the router)
  • Internal address of router: 192.168.1.1
  • Address of the server: 192.168.1.2
  • Address of a computer: 192.168.100.1

If a packet is sent to the public address (203.0.113.1) by a computer at 192.168.100.1, the packet would normally be routed to the default gateway (the router), unless an explicit route is set in the computer's routing tables. A router with the NAT loopback feature detects that 203.0.113.1 is the address of its WAN interface, and treats the packet as if coming from that interface. It decides based on DNAT (port forwarding) rules on the destination for the packet. For example, if the data were sent to port 80 and there is a DNAT rule for port 80 directed to 192.168.1.2, then the host at that address will receive the packet.

If no applicable DNAT rules are available, the router's firewall drops the packet. An ICMP Destination Unreachable reply may be sent. If any DNAT rules were present, address translation is still in effect; the router still rewrites the source IP address in the packet. The computer (192.168.100.1) sends the packet as coming from 192.168.100.1, but the server (192.168.1.2) receives it as coming from 203.0.113.1. When the server replies the process is identical as for an external sender. Thus, two-way communication is possible between hosts inside the LAN network via their public IP address.

NAT loopback is especially useful when the server hosts a domain name that resolves to a public address. When the router does not perform NAT loopback, any connection attempts to that IP address fail.

 

Just as you both described it.

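An added example, not part of the thread: a small Python model of the router decision described in the quoted NAT loopback text, using its example addresses. The rule table and function names are constructed for illustration; it shows why the server log records the router's public address for hairpinned traffic, and what an internal DNS entry (as jem101 mentions) changes.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Addresses from the quoted example network; the rule table is constructed.
WAN_IP = ip_address("203.0.113.1")
DNAT_RULES = {80: ip_address("192.168.1.2")}  # port forward: WAN:80 -> server

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def route_from_lan(pkt, nat_loopback=True):
    """Return (verdict, packet as the next hop sees it) for a LAN-originated packet."""
    if ip_address(pkt.dst) != WAN_IP:
        # Not addressed to the router's own WAN address: ordinary forwarding,
        # source address untouched.
        return ("forward", pkt)
    if not nat_loopback:
        # Router does not reflect WAN-addressed traffic back inside: it fails.
        return ("fail", None)
    target = DNAT_RULES.get(pkt.dport)
    if target is None:
        # No port-forward rule for this port: the firewall drops the packet.
        return ("drop", None)
    # DNAT rewrites the destination. Per the quoted description the source is
    # rewritten as well, so the server sees the router's public address.
    return ("hairpin", Packet(str(WAN_IP), str(target), pkt.dport))

def logged_source(client_ip, resolved_ip, dport, nat_loopback=True):
    """Source address the server would record, or None if nothing arrives."""
    _, seen = route_from_lan(Packet(client_ip, resolved_ip, dport), nat_loopback)
    return seen.src if seen else None

if __name__ == "__main__":
    client = "192.168.100.1"
    print("public name, loopback on :", logged_source(client, "203.0.113.1", 80))
    print("public name, loopback off:", logged_source(client, "203.0.113.1", 80, False))
    print("no DNAT rule (port 22)   :", logged_source(client, "203.0.113.1", 22))
    print("internal DNS entry       :", logged_source(client, "192.168.1.2", 80))
```

With hairpinning, every internal client appears in the server's access log under the same public address, so per-client attribution from those logs is lost; resolving the name to the server's internal address keeps the real client IP in the log.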
