[Server-devel] Bridging XS to another network

David Leeming david at leeming-consulting.com
Sat Oct 30 20:04:20 EDT 2010 

Hi Phil,

 

Many thanks for helping. I attach a diagram. I have tried port forwarding
192.168.1.88 to port 80 on 172.18.0.1 in port forwarding, UPnP forwarding
and DMZ Host (yes all ports should be exposed). 

 

It's quite complicated. If you connect a PC to the XS with auto settings, it
gets an IP in network 172.18.96.0/255.255.224.0 but the DNS is on
172.18.0.1. Just did it now, and my laptops was given these settings by the
XS:

IP - 172.18.96.28

Mask - 255.255.224.0

Gateway - 172.18.96.1

DHCP - 172.18.96.1

DNS - 172.18.0.1  (sic)

 

If I enter 172.18.96.1 into the browser it gives the "could not establish
connection" page.

If I enter 172.18.0.1 I can see the XS Moodle, wiki everything.

 

So the DNS is on a DIFFERENT network to the DHCP and gateway etc.

 

If I change my PC settings manually to match the router
(172.18.0.88/255.255.255.0)

IP - 172.18.0.89

Mask - 255.255.255.0

Gateway - 172.18.0.88

I can now ping through the router to the external network, and if I enter
172.18.0.1 in the browser I can access the server (it comes up with the
Moodle page - thanks to the DNS). 

 

BUT the server will only ping the 172.18.0.88 LAN side of the router. If I
try the WAN it responds network unreachable.

 

I attach the httpd.conf and route tables from the XS... (note that I added
two routes at the top of the table - didn't work) 

 

 

David Leeming

Solomon Islands Rural Link 



 

From: Phill Hardstaff [mailto:phillh at spc.int] 
Sent: Sunday, 31 October 2010 10:20 a.m.
To: David Leeming
Cc: Mark Flynn
Subject: Re: [Server-devel] Bridging XS to another network

 

David, any chance to do a simple diagram ? I don't think netmasks are the
problem here, and I am not familiar with the WRT running in DMZ host mode,
does that mean it forwards all ports from the WAN port to the DMZ host ? I
sketched out what you have here and basically it looks OK but it will only
work if port 80 is being forwarded from 192.168.1.88 to port 80 on
172.18.0.1 but you need to confirm 1 thing, is Apache listening on
172.18.0.1 ? Easy way to tell would be from the XO network can you get a web
page by going to http://172.18.0.1 ? Or even from the XS itself. Or look at
the Apache config file, usually under /etc/httpd on older Redhats and see
what IP it is listening on.

Generally speaking a default Apache 2 would be listening on all IP's but
have port 80 configured.

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>    
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

"Trying to connect on the network 2 side using a browser if I enter
192.168.1.88 or 172.18.0.1 it just times out."

172.18.0.1 will never work as there is no route, but 192.168.1.88 should if
there is a port forward for port 80 to 172.18.0.1 and Apache is indeed
running on 172.18.0.1. 

Cheers

Phill


On 30/10/10 6:23 PM, "David Leeming" <david at leeming-consulting.com> wrote:

Corrected line in ***
 

Hello all again,
 
A networking challenge this time.
 
I have an XS at a school where there also exists a wide area private network
connecting schools using Wi-Fi. We want those connected schools to be able
to access the XS, for various reasons.
 
That network (let's call it network 2) is 192.168.1.0/24 and it is connected
with the Internet via a router  running NAT and DHCP.
 
The XS local network seems to be quite complicated, I don't fully understand
it, but what I need to know is the correct slash designation for the httpd
and dns servers at 172.18.0.1 so that I can bridge it to network 2.
 
I am trying to use a Linksys WRT54G2 in DMZ Host mode with the IP address
172.18.0.1 bridged to the external Wan IP address of the WRT (set to
192.168.1.88)
 
The WRT LAN IP setting only allows netmask values of up to 255.255.255.0 and
I am worried if there is a mismatch then it could be why I can't get it to
work. 
 
I also suspect I may have to add something to the apache or routing config
on the XS, so as to "listen" on the WRT external IP address 
 
At the moment I set the Linksys to 
WAN - fixed IP 192.168.1.88 / 255.255.255.0
LAN IP address - 172.18.0.88 / 255.255.255.0  (could the net mask be the
issue?)
*** Application: DMZ Host, value 172.18.0.1 ***
Required changes to  xs apache settings  ??????    
 
Trying to connect on the network 2 side using a browser if I enter
192.168.1.88 or 172.18.0.1 it just times out.
 
If anyone reading this recognises what I am trying to do, I'd very much
appreciate your advice.
 
 
David Leeming
Solomon Islands Rural Link 




-- 
Phill Hardstaff
Manager ICT Section 
Secretariat of the Pacific Community
B.P. D5 - Noumea Cedex - 98848
New Caledonia
 
Phone +687-260141
Mobile +687 838091
http://www.spc.int/it




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.laptop.org/pipermail/server-devel/attachments/20101031/a63ad0dd/attachment-0001.htm 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: httpd.conf
Type: application/octet-stream
Size: 33714 bytes
Desc: not available
Url : http://lists.laptop.org/pipermail/server-devel/attachments/20101031/a63ad0dd/attachment-0001.obj 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: route.txt
Url: http://lists.laptop.org/pipermail/server-devel/attachments/20101031/a63ad0dd/attachment-0001.txt 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Patukae net drawing.png
Type: image/png
Size: 67904 bytes
Desc: not available
Url : http://lists.laptop.org/pipermail/server-devel/attachments/20101031/a63ad0dd/attachment-0001.png

More information about the Server-devel mailing list