On Tue, May 28, 2002 at 09:32:30AM +0100, Pat Colbeck wrote:
| Thanks guys but still not working.
| I am trying to reach a mail server that exists on our internal LAN (but
| in a different office on a different subnet) as an RFC 1918 address (as
| does my machine). I actually want to reach it via its public address ie
| out of our firewall acrross the internet and back in via the firewall in
| the other office.
|
| Here is a the start of a traceroute, as you can see it goes out via the
| internet.
|
| dasterdly:/etc# traceroute azlan.com
| traceroute: Warning: azlan.com has multiple addresses; using
^^^^^^^^ ^^^^^^^^^^^^^^^^^^
| 193.129.67.7
^^^^^^^^^^^^
Yes, traceroute chose to use the public address.
| Here is where I telnet to port 25 (its a mail server).
|
| dasterdly:/etc# telnet azlan.com 25
| Trying 10.44.65.120...
^^^^^^^^^^^^
Telnet chose a different (yet valid) address to use.
| 250 uk-yk1-dc-01.azlan.com Hello [10.44.70.8]
|
| As you can see it thinks I am coming from my internal address not the
| NATed public address !
That's because, when telnet connected, it did come from the internal
address.
| 193.129.67.7 azlan azlan.com
| 10.44.70.8 azlan.com
If you have 2 addresses for a single host, then be prepared for
applications to choose one of them however they wish. If you remove
that second entry (with the 10. address) then telnet won't find that
as a valid address and will use the other interface. I suggest having
2 separate names, eg "azlan.com" and "azlan.com-priv", so you can
specify which interface to use by the name.
| Robert did you really mean assign my own address to azlan.com in my
| hosts file, seems a bit weird.
If you assigned your own address, then some app might choose to
connect to yourself (because it thinks the remote host is really
localhost).
HTH,
-D
--
"640K ought to be enough for anybody" -Bill Gates, 1981
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
Attachment:
pgplxT9WDP6rJ.pgp
Description: PGP signature