I have had this problem ever since I started serving up my own web pages using apache, even when I wasn't using Arch Linux.
First, some background info.
1. I am behind a router. The router gets my WAN IP addy from my ISP via DCHP.
2. My LAN IP addy is 192.168.0.2
3. There is a mac on the LAN, IP 192.168.0.3
4. The URL to my web-server is http://26rca.zapto.org
5. I use a re-direct service from noip.com to forward requests for http://26rca.zapto.org to whatever my WAN IP addy happens to be (updated with a client I run locally).
Now, the problem. If I open a web-browser and type 192.168.0.2 for a url, then I get my web page served. If I type http://26rca.zapto.org, I get "could not connect to remote server". The same occurs on the mac.
My workaround to this point has been to add the following to /etc/hosts:
192.168.0.2 26rca.zapto.org limbo
However, I am now trying to use virtual hosts with apache, and things are starting to get ugly. I can't trouble shoot very well because I can't even narrow down where the problems are. So, why does this happen? What can I do to resolve this issue?
Thanks for taking the time to read this. I am by no means an apache guru, and only do it for fun.
Here are some things that I would try...
Dig the URL from an inside machine. Try and ping the address that dig comes up with. I think that you might be seeing issues with the firewall - blocking requests that are starting inside and coming back inside.
Lemme know what comes of the test, and I will put my thinking cap on.
(Not an apache guru, but a LAN/WAN guy)
Thank you very much for your reply.
I executed dig, and then a bash script I have which resolved the WAN IP addy of my router. I then pinged that IP addy, and everything seems ok in that regard.
[root@limbo john]# dig 26rca.zapto.org ; <<>> DiG 9.2.2-P3 <<>> 26rca.zapto.org ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27983 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;26rca.zapto.org. IN A ;; ANSWER SECTION: 26rca.zapto.org. 37 IN A 188.8.131.52 ;; Query time: 3 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Fri Dec 19 00:10:57 2003 ;; MSG SIZE rcvd: 49 [root@limbo john]# whatismyip 184.108.40.206 [root@limbo john]# ping 220.127.116.11 PING 18.104.22.168 (22.214.171.124) 56(84) bytes of data. 64 bytes from 126.96.36.199: icmp_seq=1 ttl=250 time=1.64 ms 64 bytes from 188.8.131.52: icmp_seq=2 ttl=250 time=0.689 ms 64 bytes from 184.108.40.206: icmp_seq=3 ttl=250 time=0.695 ms --- 220.127.116.11 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 0.689/1.009/1.643/0.448 ms [root@limbo john]#
Ok.. so you can ping the WAN port on your router/firewall.. I would try a verbose telnet session to that IP addy on port 80 next. (late, and I canna think - G/F is saying bed.. who am I to argue?) :twisted:
I will check back in the AM.
telnet -n<tracefilename> <ip>:80
Thanks again... I like how you snuck that last post in after admitting you should go to bed... sounds like me and my g/f
I hope this info is useful for you:
[john@limbo temp]$ whatismyip 18.104.22.168 [john@limbo temp]$ telnet -n log 22.214.171.124 80 Trying 126.96.36.199... telnet: Unable to connect to remote host: Connection refused [john@limbo temp]$ file log log: empty [john@limbo temp]$ telnet 192.168.0.2 80 Trying 192.168.0.2... Connected to 192.168.0.2. Escape character is '^]'.
NAT doesn't work from an internal machine trying to access a forwarded port from the outside. At that point it's trying to masq the packets that are coming to itself... I'm confused just thinking about it.
You gotta connect from outside the network.
I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal
Xentac named the problem, and you already employed the (nearly) cleanest solution. You cannot fiddle with static routes due to your dynamic WAN IP, so all you can really do is making sure you are connecting to your local Apache, well, locally, but still using the "Internet" address. It'd be a tad nicer if you were using a DNS server in your LAN, but since we're talking about 2 machines here, it's hardly a problem to set the hosts file on each.
Either way, you should not have problems with your virtual host setup because of that. It's entirely transparent to Apache, _unless_ you unknowledgably tinker with access controls or IP restrictions, which is in itself kinda pointless unless you know what you're doing.
So, maybe you should just experiment a bit more and make sure you understand Apache's docs on this topic, and much will get clearer over time. I'm sure we can help you with concrete problems here as well.
"That's the problem with good advice. Nobody wants to hear it."
Thanks everyong for all your help. I tried describing this problem on #apache when I first started tinkering with web-serving, and they talked to me like I had a toaster for a head.
As long as it is not a "problem", I am happy. Networking is not my forte