Cannot see server within the network

SergioCGB

Junior Member
Apr 28, 2014
1
0
0
I have a small office network with 10 computers & our ISP is Comcast. Within the network, we have an HTTP server which hosts images. The port is routed properly, so if I am outside of the network & I go to Http://myurl.com/myimage.jpg, I see the image. If I try the same URL from within the network, I do not see the image. Within the network, I would have to use the internal IP http://192.168.1.200/myimage.jpg.

This same issue applies to all of the computers. The ones which run Remote desktop can be accessed from outside of the network, but internally, they can only be called by their internal IPs. What can I do differently? Does anyone know why this might be?

Additional info: Comcast gave me a SMCD3G. It's a modem/router. When I told them about this issue they told me that with a modem/router there is no termination point. So I would have to buy a separate router. I bought the Belkin F7D3301 with DD-WRT. When I called back, they said that internal routing is outside of their demarcation... I have several servers at home (with a different ISP) & I don't have this issue. do you guys know what could be different?
 
Last edited:

XavierMace

Diamond Member
Apr 20, 2013
4,307
450
126
Sounds like your DNS isn't configured properly. Do you have a DNS server on your network?
 

yinan

Golden Member
Jan 12, 2007
1,801
2
71
This is called split-horizon DNS I believe. You need to get a server set up to be a DNS server and host the zone for yourdomain.com, but use the correct internal IP addresses. Also, all of your clients should point at this server.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
Or get a router that wraps connections properly so you can use the outside address.
 

XavierMace

Diamond Member
Apr 20, 2013
4,307
450
126
Or get a router that wraps connections properly so you can use the outside address.

Router doesn't have anything to do with it if he's running his own DNS server. If you've got an local DNS server configured with a zone for myurl.com (or whatever your address is), it needs the appropriate DNS entries/A records or any client going through that DNS server won't resolve the address.
 

yinan

Golden Member
Jan 12, 2007
1,801
2
71
Or get a router that wraps connections properly so you can use the outside address.
That is kind of a an ugly way to do it. At one level you have to NAT an external address to an internal address (the server), while at the same time NATing an internal address (the client), to an external address, then reprocessing that packet back into the network. Much easier just to set up a dns server. The server could also cache DNS requests.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
Router doesn't have anything to do with it if he's running his own DNS server. If you've got an local DNS server configured with a zone for myurl.com (or whatever your address is), it needs the appropriate DNS entries/A records or any client going through that DNS server won't resolve the address.

You are making quite the assumption there.
The reason he can't get to it is:
a) he has a split DNS and the internal server is not in DNS.
b) he has no DNS and the world DNS servers will give him his external IP. From there the router is quite relevant as there are many that will not double NAT/PAT the internal -> external -> internal that the connection requires.
c) he is using some other method entirely that is causing issues like a HOSTS entry from testing that is causing the problem.

So specific to your response: if a NAT reflection is configured, allowed and working the external IP will work internally and the site will resolve. He doesn't even need onsite DNS to make this work. Depending on the scope of the request such as "home" or tiny business this is a perfectly valid way to operate. Is it the cleanest? Not for anything but the smallest of sites. In addition, DD-WRT does this right of the box:

http://www.dd-wrt.com/wiki/index.php/Port_Forwarding_Troubleshooting#Test_Loopback

It also supports internal DNS but it seems to do it via masq which can be interesting to configure to say the least.
 
Last edited:

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
That is kind of a an ugly way to do it. At one level you have to NAT an external address to an internal address (the server), while at the same time NATing an internal address (the client), to an external address, then reprocessing that packet back into the network. Much easier just to set up a dns server. The server could also cache DNS requests.

I only would agree if this is a home or business with someone that has the knowledge to set up and maintain the server. If it is a home or a tiny business, it would not be worth the time or trouble unless someone on staff / at home / is well versed on how to setup and manage a DNS domain.
 

XavierMace

Diamond Member
Apr 20, 2013
4,307
450
126
You are making quite the assumption there.
The reason he can't get to it is:
a) he has a split DNS and the internal server is not in DNS.
b) he has no DNS and the world DNS servers will give him his external IP. From there the router is quite relevant as there are many that will not double NAT/PAT the internal -> external -> internal that the connection requires.
c) he is using some other method entirely that is causing issues like a HOSTS entry from testing that is causing the problem.

So specific to your response: if a NAT reflection is configured, allowed and working the external IP will work internally and the site will resolve. He doesn't even need onsite DNS to make this work. Depending on the scope of the request such as "home" or tiny business this is a perfectly valid way to operate. Is it the cleanest? Not for anything but the smallest of sites. In addition, DD-WRT does this right of the box:

http://www.dd-wrt.com/wiki/index.php/Port_Forwarding_Troubleshooting#Test_Loopback

It also supports internal DNS but it seems to do it via masq which can be interesting to configure to say the least.

You're making just as large assumption assuming he doesn't have a DNS server. Most small business do.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
You're making just as large assumption assuming he doesn't have a DNS server. Most small business do.

You may want to look up the definition of assumption. You will have quite a bit of difficulty showing where I said he didn't have DNS. The fact that I listed both sides and "might be none of those" is contradictory to your entire statement.
 

XavierMace

Diamond Member
Apr 20, 2013
4,307
450
126
Or get a router that wraps connections properly so you can use the outside address.

That right there assumes he does not, because if he does have an internal DNS server with a zone setup for the domain he's using, the router isn't going to do jack as the DNS lookup will fail.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
That right there assumes he does not, because if he does have an internal DNS server with a zone setup for the domain he's using, the router isn't going to do jack as the DNS lookup will fail.

No actually it doesn't. I never assumed he didn't have DNS. I noted that he had it working from the outside, and if NAT loopback/reflection was enabled, the site would operate as expected. No where in that statement do I ever state "since you don't have DNS."